OTL logfile created on: 10.12.2012 17:29:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,36 Mb Total Physical Memory | 201,71 Mb Available Physical Memory | 19,71% Memory free
2,40 Gb Paging File | 1,50 Gb Available in Paging File | 62,39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 97,40 Gb Free Space | 65,35% Space Free | Partition Type: NTFS
Computer Name: A-D79B6F17AFFB4 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.12.10 17:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2012.12.10 15:16:04 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.10 15:16:04 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.09 21:46:03 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.09 21:45:47 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.12.09 21:45:46 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.12.09 21:45:43 | 000,379,168 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.11.28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2011.06.28 13:58:32 | 002,345,984 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
PRC - [2010.06.21 10:14:30 | 000,308,736 | ---- | M] () -- C:\Program Files\Philips\Wi-Fi MediaConnect\HTSRecover.exe
PRC - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.12.09 21:46:06 | 000,397,088 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.11.28 04:43:17 | 000,460,904 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012.11.28 04:43:16 | 012,456,040 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012.11.28 04:43:15 | 004,008,040 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012.11.28 04:42:30 | 000,587,880 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012.11.28 04:42:29 | 000,124,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012.11.28 04:42:22 | 000,157,304 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012.11.28 04:42:21 | 002,168,952 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012.11.28 04:42:21 | 000,275,576 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012.02.20 23:08:56 | 000,344,064 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2012.02.17 19:55:36 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.06.21 10:14:30 | 000,308,736 | ---- | M] () -- C:\Program Files\Philips\Wi-Fi MediaConnect\HTSRecover.exe
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2002.10.05 00:04:26 | 000,092,672 | ---- | M] () -- C:\WINDOWS\system32\vorbis.dll
MOD - [2002.10.05 00:04:18 | 000,021,504 | ---- | M] () -- C:\WINDOWS\system32\ogg.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.12.10 15:16:04 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.09 21:46:03 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.09 21:45:47 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.12.09 21:45:43 | 000,379,168 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.12.08 14:01:34 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:36:40 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewdcsc.sys -- (Huawei)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2012.11.16 20:17:15 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.11.16 20:17:15 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.16 20:17:15 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.10.30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.01.05 04:34:28 | 005,656,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.11.17 13:03:56 | 000,101,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010.02.08 10:45:06 | 000,019,328 | ---- | M] (WiFi Media Connect) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfmcvad.sys -- (WFMC_VAD)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.03.31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.01.30 11:57:00 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006.12.14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1409082233-861567501-1177238915-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKU\S-1-5-21-1409082233-861567501-1177238915-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1409082233-861567501-1177238915-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1409082233-861567501-1177238915-500\..\SearchScopes\{8F8D12AE-67BB-4293-B9EB-F1C11DB18481}: "URL" =
http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1409082233-861567501-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "
www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.09 23:05:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.12.09 23:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2012.12.09 23:05:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.10 11:45:13 | 000,000,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
[2012.11.29 12:32:34 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.11.29 12:32:34 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.11.29 12:32:34 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.11.29 12:32:34 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.29 12:32:35 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - homepage:
http://www.seznam.cz/
CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url =
http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - homepage:
http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.11.0_0\background/registryAccess.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Avira Toolbar = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.11.30776_0\
CHR - Extension: InnoGames International = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi\2.3.17.1_0\
O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Wi-Fi MediaConnect.lnk = C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe (Koninklijke Philips Electronics N.V.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-861567501-1177238915-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://windowsupdate.microsoft.com/wind ... 3682679375 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.255.255.10 10.255.255.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6630B2EB-16FE-42EB-988E-63527678D0A4}: DhcpNameServer = 10.255.255.10 10.255.255.20
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.12.12 09:40:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5f2f0878-2033-11e2-ba7c-001617d2d685}\Shell - "" = AutoRun
O33 - MountPoints2\{5f2f0878-2033-11e2-ba7c-001617d2d685}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.a3d - C:\WINDOWS\System32\a3d.dll (Aureal Semiconductor)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa - C:\WINDOWS\System32\divxa32.acm (Packed With Joy !)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Packed With Joy !)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3radius - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (
http://www.mp3dev.org/)
Drivers32: msacm.ogg - C:\WINDOWS\System32\ogg.dll ()
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbisenc - C:\WINDOWS\System32\vorbisenc.dll ()
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - C:\WINDOWS\System32\divxc32.dll (build Pinky.cz)
Drivers32: vidc.div4 - C:\WINDOWS\System32\divxc32f.dll (Pinky.cz)
Drivers32: vidc.divx - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.12.10 17:26:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2012.12.10 14:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2012.12.10 13:53:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.12.10 10:28:05 | 000,000,000 | ---D | C] -- C:\rsit
[2012.12.09 23:06:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2012.12.09 23:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.09 23:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Google Chrome
[2012.12.09 22:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DoNotTrackPlus
[2012.12.09 22:41:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\CallingID
[2012.12.09 21:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
[2012.12.09 21:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Avira
[2012.12.09 21:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\AskToolbar
[2012.12.09 21:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\APN
[2012.12.09 21:36:29 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.12.09 21:36:29 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.12.09 21:36:29 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.12.09 21:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.12.09 21:36:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2012.12.09 10:44:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012.12.08 15:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2012.12.08 14:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2012.12.08 08:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.12.08 08:32:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.12.08 08:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.12.10 17:32:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.10 17:26:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2012.12.10 17:16:06 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500UA.job
[2012.12.10 16:59:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.10 16:56:21 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.10 16:43:38 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.12.10 16:43:32 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012.12.10 16:41:25 | 000,545,819 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
[2012.12.10 16:18:04 | 000,856,731 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\SecurityCheck.exe
[2012.12.10 10:27:34 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2012.12.09 23:16:06 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500Core.job
[2012.12.09 23:07:26 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Google Chrome.lnk
[2012.12.09 23:05:55 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2012.12.09 22:44:16 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2012.12.09 21:49:02 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
[2012.12.09 12:00:01 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012.12.09 11:00:40 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.09 10:45:26 | 000,012,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20121209_104508.reg
[2012.12.08 14:01:33 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.12.08 14:01:32 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.12.07 17:59:42 | 001,223,274 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Lučina.bmp
[2012.12.03 19:33:00 | 006,001,667 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\IMG_2635.JPG
[2012.12.03 19:27:42 | 004,546,296 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\IMG_2649.JPG
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.10 17:32:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.10 16:41:25 | 000,545,819 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
[2012.12.10 16:18:01 | 000,856,731 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\SecurityCheck.exe
[2012.12.10 10:27:34 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2012.12.09 23:06:14 | 000,001,058 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500UA.job
[2012.12.09 23:06:14 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500Core.job
[2012.12.09 23:05:55 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2012.12.09 23:05:55 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2012.12.09 23:01:28 | 000,002,317 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Google Chrome.lnk
[2012.12.09 22:44:16 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2012.12.09 22:44:16 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2012.12.09 21:37:52 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
[2012.12.09 10:45:24 | 000,012,590 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20121209_104508.reg
[2012.12.07 17:59:42 | 001,223,274 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Lučina.bmp
[2012.12.03 19:32:26 | 006,001,667 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\IMG_2635.JPG
[2012.12.03 19:27:16 | 004,546,296 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\IMG_2649.JPG
[2012.11.25 18:32:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2012.09.29 12:11:55 | 001,763,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1409082233-861567501-1177238915-500-0.dat
[2012.09.01 19:41:07 | 000,074,236 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2012.06.30 09:41:10 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012.06.30 09:41:09 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.06.30 09:40:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\$_hpcst$.hpc
[2012.05.24 21:00:24 | 000,286,982 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.04.09 19:58:24 | 000,000,403 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2012.03.20 21:13:50 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012.01.25 21:24:40 | 000,000,531 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2012.01.25 21:09:35 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2012.01.16 19:47:34 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.21 19:23:43 | 000,000,118 | ---- | C] () -- C:\Documents and Settings\Administrator\default.pls
[2011.12.21 19:01:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.12 10:47:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.12.12 10:47:33 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.12.12 10:47:33 | 000,226,857 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.12.12 10:47:33 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.12.12 10:29:41 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.12.12 10:28:04 | 000,267,800 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.12 10:01:11 | 000,000,476 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2011.12.12 09:56:46 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.12.12 09:42:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.12.12 09:36:33 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.09.22 18:08:56 | 003,902,976 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2011.08.22 20:07:48 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.08.22 20:07:02 | 000,158,208 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2011.08.22 20:07:00 | 000,259,584 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2011.08.22 20:06:30 | 001,524,224 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2011.08.22 20:06:30 | 000,211,456 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2011.08.22 20:06:30 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2011.08.22 20:06:28 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2011.08.22 20:06:28 | 000,113,664 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2011.08.22 20:06:26 | 000,145,920 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2011.08.22 20:06:26 | 000,136,704 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2011.05.30 14:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.05.23 08:46:30 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.03.03 12:40:08 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2011.03.03 12:39:56 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2011.03.03 12:39:46 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2011.03.03 12:39:34 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2011.03.03 12:39:02 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2011.03.03 12:38:54 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2011.03.03 12:38:40 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2011.03.03 12:38:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2011.03.03 12:38:04 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2011.03.03 12:37:50 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2011.03.03 12:37:40 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2011.03.03 12:35:32 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2011.03.03 12:35:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
========== ZeroAccess Check ==========
[2012.08.03 09:27:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008.04.14 07:51:42 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.10.10 13:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ad-Aware Antivirus
[2012.02.14 15:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AlderGames
[2012.10.06 16:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2012.10.10 11:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\blekko
[2012.12.09 22:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CallingID
[2012.10.07 19:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\COWON
[2012.04.13 20:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ERS Game Studios
[2012.05.24 18:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Exec
[2012.11.02 18:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Friday's games
[2012.06.17 19:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IObit
[2012.11.11 20:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Jpeg Resampler
[2012.05.17 17:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Meridian93
[2012.01.25 21:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyHeritage
[2012.12.09 22:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2012.06.30 09:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2012.06.30 09:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Samsung
[2012.04.11 19:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\spidla
[2012.10.27 13:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Telefónica Móviles
[2012.01.25 21:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\The Complete Genealogy Reporter - FTB
[2012.10.07 10:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2012.02.14 16:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\URSE Games
[2012.01.06 20:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VendelGAMES
[2012.02.13 18:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\wrapper
[2012.05.17 17:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Špidla Data Processing, s.r.o
[2012.01.06 21:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
[2012.11.02 18:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2012.12.09 21:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.10.06 16:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2012.01.06 20:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.12.16 19:42:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.08.16 17:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
[2012.09.29 14:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\firebird
[2012.10.10 14:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GFI Software
[2012.06.17 19:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2012.12.10 16:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2012.09.03 13:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\mpSOFT
[2012.01.25 21:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MyHeritage
[2012.06.30 09:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.11.12 19:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2012.10.07 18:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RoboForm
[2012.10.06 16:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.10.07 10:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2012.10.07 10:15:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.10.07 10:15:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012.05.17 17:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
[2012.10.10 11:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Ad-Aware Antivirus
========== Purity Check ==========
========== Custom Scans ==========
< >
[2011.12.12 09:38:12 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.12.12 09:45:41 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.04.21 09:40:18 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.10.10 11:55:43 | 000,000,960 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012.12.09 23:06:14 | 000,001,006 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500Core.job
[2012.12.09 23:06:14 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500UA.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\system32\dllcache\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\system32\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\025d83439cae2967347f559266950b4b\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\025d83439cae2967347f559266950b4b\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.10 13:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ad-Aware Antivirus
[2011.12.12 10:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2012.07.03 17:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2012.02.14 15:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AlderGames
[2012.10.06 16:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2012.12.09 21:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Avira
[2012.10.10 11:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\blekko
[2012.12.09 22:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CallingID
[2012.10.07 19:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\COWON
[2012.04.13 20:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ERS Game Studios
[2012.05.24 18:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Exec
[2012.11.02 18:54:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Friday's games
[2011.12.12 09:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2012.06.17 19:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IObit
[2012.11.11 20:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Jpeg Resampler
[2011.12.12 10:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2012.10.08 19:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2012.05.17 17:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Meridian93
[2012.06.28 17:29:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2012.12.09 23:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2012.01.25 21:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyHeritage
[2012.12.09 22:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2012.06.30 09:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2012.06.30 09:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Samsung
[2012.08.03 09:43:51 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
[2012.12.09 12:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2012.04.11 19:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\spidla
[2012.10.27 13:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Telefónica Móviles
[2012.01.25 21:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\The Complete Genealogy Reporter - FTB
[2012.10.07 10:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2012.02.14 16:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\URSE Games
[2012.01.06 20:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VendelGAMES
[2012.04.25 20:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2012.02.13 18:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\wrapper
[2012.05.17 17:07:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Špidla Data Processing, s.r.o
< %APPDATA%\*.exe /s >
[2012.05.17 17:07:29 | 005,041,152 | -H-- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Kouzelná farma\game.exe
[2012.03.14 14:50:58 | 009,070,474 | ---- | M] (Spidla) -- C:\Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Kouzelná farma\Kouzelná farma.exe
[2012.05.17 17:06:22 | 001,173,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Kouzelná farma\unins000.exe
[2012.04.14 19:41:55 | 004,003,328 | -H-- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Sanatorium Green Hills\game.exe
[2012.04.11 13:49:12 | 008,424,462 | ---- | M] (Spidla) -- C:\Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Sanatorium Green Hills\Sanatorium Green Hills.exe
[2012.04.11 19:15:39 | 001,173,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Sanatorium Green Hills\unins000.exe
[2011.04.14 17:10:52 | 004,194,000 | ---- | M] (Spidla) -- C:\Documents and Settings\Administrator\Data aplikací\wrapper\Dárek k Valentýnu.exe
[2012.02.13 18:06:24 | 000,471,040 | -H-- | M] (Dayterium) -- C:\Documents and Settings\Administrator\Data aplikací\wrapper\game.exe
[2012.02.13 18:05:13 | 001,173,631 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\wrapper\unins000.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.12.09 12:00:01 | 000,000,960 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012.12.10 16:56:21 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.12.09 23:16:06 | 000,001,006 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500Core.job
[2012.12.10 17:16:06 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-861567501-1177238915-500UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2011.12.12 10:27:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.12.12 10:27:12 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.12.12 10:27:12 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.12.10 16:43:38 | 000,002,504 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.12.08 14:01:33 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2012.12.08 14:01:32 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2012.12.09 23:06:10 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.11.29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation) MD5=5744FFF8E72D105C138DAE9E17BB29FE -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.05.08 08:16:18 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=DE49B348A18369B4626FBA1D49B07FB4 -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.12.09 22:44:31 | 000,878,480 | ---- | M] (Opera Software) MD5=E96462DD021F65D61D3F97056C3EF236 -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.12.10 17:32:33 | 000,000,512 | ---- | M] () MD5=618AB296A3D1E2B19354F96C8137E1FD -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.11.17 15:45:08 | 000,001,189 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Sanatorium Green Hills\data\Scripts\scenes\02_Main_Building_Entrance_Zoom_WallCrack.lua
[2011.11.17 15:45:14 | 000,065,751 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Sanatorium Green Hills\data\Sound\02_Main_Building_Entrance\insect_in_crack.ogg
[2011.11.17 15:41:52 | 000,119,366 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\spidla\wrapper_trial\Sanatorium Green Hills\data\Texture\Scenes\02_Main_Building_Entrance\Zone_Main\Zoom_WallCrack\ZoomBgWallCrack.png
[2012.08.16 15:44:16 | 076,155,719 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Farm-Frenzy-3-Madagascar-cz_6-(crack-a-hra-je-v-češtině).rar
[2010.02.07 20:43:40 | 000,001,020 | ---- | M] () -- \Program Files\Sierra\Caesar 3 CZ\CRACK.EXE
[2010.02.07 20:43:40 | 000,001,020 | ---- | M] () -- \SIERRA\Caesar3\CRACK.EXE
< *keygen* /s >
< *loader* /s >
[2012.12.09 23:01:35 | 000,000,673 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lpgjmggepafkhenaeknpnjiceakbedpi\2.3.17.1_0\Media\ajax-loader.gif
[2012.12.09 21:49:18 | 000,140,896 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temp\avnwldrtemp\networkloader.log
[2012.12.09 22:41:05 | 000,000,905 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2YE457DJ\TooltipLoader[1].css
[2012.12.09 22:41:05 | 000,014,290 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\M398SPSA\TooltipLoader[1].js
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\
loader@2x.png
[2012.12.09 21:45:47 | 000,052,512 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2012.12.09 21:45:47 | 000,232,224 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2012.12.09 21:45:48 | 001,713,952 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2009.03.31 08:23:58 | 000,289,280 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009.03.12 08:31:22 | 000,285,184 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009.03.31 08:39:20 | 000,208,896 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009.04.02 17:03:40 | 000,258,048 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008.11.25 15:52:24 | 000,266,240 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:BACB6B6C
< End of report >
Poprosim o log.txt, je umisten v c:\rsit
