Prosím o kontrolu logu - cod2 problem Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 06 črc 2010 21:30

zdravim, mam problem.. hraju cod2, mam 250 fps a najednou se mi fps snizi treba na 30 a to se opakuje treba po 3 minutach..dostal sem tip, ze byste zde mohli vedet.. :) dekuji za jakoukoli pomoc.. dik :)

Logfile of HijackThis v1.99.1
Scan saved at 21:29:24, on 6.7.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Running processes:
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\jarmill\AppData\Local\Temp\Temp1_hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O8 - Extra context menu item: Download Using &BitSpirit - C:\Windows.old\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: prio32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - Unknown owner - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Prio Service (prio_svc) - Unknown owner - C:\Program Files\Prio\prio_svc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
Nahoru
Reklama
Top
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43295
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jaro3 » 06 črc 2010 23:02

Odinstaluj:
ICQToolBar
DAEMON Tools Toolbar
Winamp Toolbar
XfireXO Toolbar
BS Player Toolbar
Ask Toolbar
Sopcast Ask Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" –atboottime
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
******************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\prio32.dll
Pokud už byl soubor testován-klikni na otestovat znovu.
Až skončí test všech antivirů, vlož sem pak odkaz na stránku s výsledky.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 07 črc 2010 00:08

Kód: Vybrat vše

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4285

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7.7.2010 0:00:17
mbam-log-2010-07-07 (00-00-17).txt

Typ skenu: Rychlý sken
Skenované objekty: 125480
Uplynulý čas: 3 minuta(y), 41 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Kód: Vybrat vše

http://www.virustotal.com/cs/analisis/4bc4e6118f8d0a1e1ffa943c54da73de26f54b5b75c32b11ad3b244e1fb66328-1276242756


Kód: Vybrat vše

Antivirus   Verze   Poslední aktualizace   Výsledek
a-squared   5.0.0.26   2010.06.11   -
AhnLab-V3   2010.06.11.00   2010.06.11   -
AntiVir   8.2.2.6   2010.06.10   -
Antiy-AVL   2.0.3.7   2010.06.11   -
Authentium   5.2.0.5   2010.06.11   -
Avast   4.8.1351.0   2010.06.10   -
Avast5   5.0.332.0   2010.06.10   -
AVG   9.0.0.787   2010.06.10   -
BitDefender   7.2   2010.06.11   -
CAT-QuickHeal   10.00   2010.06.11   -
ClamAV   0.96.0.3-git   2010.06.11   -
Comodo   5059   2010.06.11   -
DrWeb   5.0.2.03300   2010.06.11   -
eSafe   7.0.17.0   2010.06.10   -
eTrust-Vet   36.1.7627   2010.06.10   -
F-Prot   4.6.0.103   2010.06.11   -
F-Secure   9.0.15370.0   2010.06.11   -
Fortinet   4.1.133.0   2010.06.10   -
GData   21   2010.06.11   -
Ikarus   T3.1.1.84.0   2010.06.11   -
Jiangmin   13.0.900   2010.06.11   -
Kaspersky   7.0.0.125   2010.06.11   -
McAfee   5.400.0.1158   2010.06.11   -
McAfee-GW-Edition   2010.1   2010.06.10   -
Microsoft   1.5802   2010.06.11   -
NOD32   5188   2010.06.10   -
Norman   6.04.12   2010.06.10   -
nProtect   2010-06-11.01   2010.06.11   -
Panda   10.0.2.7   2010.06.10   -
PCTools   7.0.3.5   2010.06.11   -
Rising   22.51.04.03   2010.06.11   -
Sophos   4.54.0   2010.06.11   -
Sunbelt   6433   2010.06.11   -
Symantec   20101.1.0.89   2010.06.11   -
TheHacker   6.5.2.0.297   2010.06.11   -
TrendMicro   9.120.0.1004   2010.06.11   -
TrendMicro-HouseCall   9.120.0.1004   2010.06.11   -
VBA32   3.12.12.5   2010.06.10   -
ViRobot   2010.6.11.3880   2010.06.11   -
VirusBuster   5.0.27.0   2010.06.10   -
Rozšiřující informace
File size: 10960 bytes
MD5   : 0cca7a3e33c24e70893eff8ba8ed2e1d
SHA1  : a4563d3b852df9052a2a023c07e53cc508949e09
SHA256: 4bc4e6118f8d0a1e1ffa943c54da73de26f54b5b75c32b11ad3b244e1fb66328
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x124D
timedatestamp.....: 0x4BE14067 (Wed May 5 11:54:47 2010)
machinetype.......: 0x14C (Intel I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x59C 0x600 5.69 795c344b07c11ef7da7403ffb751ac18
.rdata 0x2000 0x7B5 0x800 4.58 d183ff4e88186bbc9508cf9b7e0afd96
.data 0x3000 0x410 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x4000 0x308 0x400 2.60 2356d3022cb0d3e1a7936c4bf836d51c
.reloc 0x5000 0x12A 0x200 2.68 db15c52f389ecabc54fa1f016ed10980

( 3 imports )

> advapi32.dll: AllocateAndInitializeSid, FreeSid, CheckTokenMembership
> kernel32.dll: HeapAlloc, GetCurrentProcess, HeapFree, GetEnvironmentStringsW, CallNamedPipeW, GetModuleHandleW, GetProcessHeap, GetPrivateProfileStringW, LoadLibraryW, Sleep, GetVersionExW, lstrcpynW, GetModuleFileNameW, FreeLibrary, GetPrivateProfileIntW, DisableThreadLibraryCalls, ProcessIdToSessionId, SetProcessWorkingSetSize, lstrcmpiW, GetProcessAffinityMask, FreeEnvironmentStringsW, GetCurrentThreadId, CloseHandle, GetCurrentProcessId, CreateThread, ExpandEnvironmentStringsW, SetPriorityClass, SetProcessAffinityMask, GetEnvironmentVariableW, GetCommandLineW, GetStartupInfoW, ExitProcess
> user32.dll: GetWindowLongW, AllowSetForegroundWindow, EnumThreadWindows, SetForegroundWindow

( 0 exports )
TrID  : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ssdeep: 192:qKKDpjg4nin97WZJ9rDKA87mUkWOeyowx4z57+L/zY:EBJSWD1DKA8yKYx4MLzY
sigcheck: publisher....: O_K Software
copyright....: Copyright (c) 2005-2009 O_K Software
product......: Prio
description..: Prio Process Control
original name: n/a
internal name: prio
file version.: 1.9.9.2332
comments.....: n/a
signers......: O&K Software Ltd.
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 11:54 AM 5/5/2010
verified.....: -
PEiD  : -
RDS   : NSRL Reference Data Set
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43295
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jaro3 » 07 črc 2010 14:50

Stáhni si OTH
na svojí plochu( pokud používáš Firefox , pravým klikni na OTH link a vyber uložit jako (Save as..).

Stáhni si OTL
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Stáhni si soubor Scan.txt
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Poklepej na soubor OTH na ploše , po spuštění programu klikni na Kill All Processes.Poté klikni na Start OTL .Poklepej Do prázdného okna pod Vlastní skenování /opravy ( Custom Scans box). Objeví se zpráva: Kliknutím na OK vyberete cestu k souboru, kliknutím na Zrušit zrušíte výběr.
Klikni na OK. Objeví se okno průzkumníku , zde klikneš na plochu a najdeš na ní soubor Scan.txt .Klikni na Otevřít.
Poté klikni na Rychle prohledat (Quick Scan). Neměň žádná jiná nastavení . Sken může trvat dlouho.
Kdy sken skončí , objeví se na ploše dva logy:
OTL.Txt a Extras.Txt , jsou uloženy ve stejném místě jako OTL.
Zkopíruj sem prosím celý obsah obou logů.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 07 črc 2010 15:14

OTL
OTL logfile created on: 7.7.2010 15:03:31 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\jarmill\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 312,50 Gb Total Space | 3,89 Gb Free Space | 1,24% Space Free | Partition Type: NTFS
Drive D: | 153,26 Gb Total Space | 5,59 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JARMILL-PC
Current User Name: jarmill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.07.07 14:58:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
PRC - [2010.07.07 14:58:17 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTH.scr
PRC - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


========== Modules (SafeList) ==========

MOD - [2010.07.07 14:58:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
MOD - [2010.05.06 14:41:49 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2010.05.05 11:54:48 | 000,010,960 | ---- | M] (O&K Software) -- C:\Program Files\Prio\prio32.dll
MOD - [2009.07.14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009.07.14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009.07.14 03:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2009.07.14 03:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2009.07.14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009.07.14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009.07.14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009.07.14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009.07.14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009.07.14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.07.02 12:44:10 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EHttpSrv)
SRV:64bit: - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.05.05 11:55:34 | 000,009,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Prio\prio_svc.exe -- (prio_svc)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.16 20:54:37 | 000,075,064 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.04.28 08:17:46 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.04.28 08:17:46 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.04.20 13:46:30 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.04.11 18:48:44 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 5E 74 00 E4 D8 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.05.30 19:07:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.02 13:56:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.02 13:56:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.07.06 19:45:16 | 000,000,000 | ---D | M]

[2010.05.01 19:28:24 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Mozilla\Extensions
[2010.04.13 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\extensions
[2010.04.13 18:37:28 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.07.06 23:17:55 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\extensions
[2010.06.19 18:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.06 14:43:59 | 000,002,384 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\searchplugins\askcom.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\searchplugins\icqplugin.xml
[2010.07.06 23:20:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download Using &BitSpirit - C:\Windows.old\Program Files\BitSpirit\bsurl.htm ()
O8 - Extra context menu item: Download Using &BitSpirit - C:\Windows.old\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software)
O20 - AppInit_DLLs: (prio32.dll) - C:\Program Files\Prio\prio32.dll (O&K Software)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.09 11:03:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell - "" = AutoRun
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell\AutoRun\command - "" = G:\Setup\rsrc\autorun.exe -- File not found
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010.07.07 14:58:29 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
[2010.07.07 14:58:17 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTH.scr
[2010.07.06 23:56:13 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Malwarebytes
[2010.07.06 23:55:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.06 23:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.06 23:55:52 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.06 23:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.07.06 21:51:54 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\ESET
[2010.07.06 21:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.07.06 19:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.07.06 19:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.07.06 18:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\Prio
[2010.07.06 15:12:04 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\IObit
[2010.07.06 15:12:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2010.07.06 14:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.07.06 14:48:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.07.06 14:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.07.06 14:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.07.06 14:47:01 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.07.06 14:47:01 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.07.06 14:46:52 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.07.06 14:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010.07.06 14:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.07.01 15:13:18 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Allstar
[2010.06.29 15:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamePark
[2010.06.27 14:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.06.27 14:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.06.27 14:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.06.27 14:01:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.06.27 14:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2010.06.24 11:46:25 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Google Translator
[2010.06.24 09:04:14 | 000,166,984 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.06.24 03:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.06.22 11:23:02 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Nero
[2010.06.22 11:21:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.06.22 11:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.06.22 11:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.06.19 18:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.06.19 18:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.06.19 18:18:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.06.13 14:58:57 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\skypePM
[2010.06.13 14:52:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Skype
[2010.06.13 14:52:17 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.06.13 14:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.13 14:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.11 03:28:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010.06.11 03:28:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010.06.08 22:20:02 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\FIFA 10
[2010.06.08 22:18:35 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Leadertech
[2010.06.08 21:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports
[2010.06.08 21:18:51 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Desktop\Fifa10-Razor1911
[2010.06.07 14:07:41 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Desktop\pacifik
[2010.06.06 13:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.06.02 13:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.06.02 13:54:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.05.31 21:06:11 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\Downloads
[2010.05.30 19:07:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Real
[2010.05.30 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010.05.30 19:07:02 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010.05.30 19:07:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2010.05.30 19:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010.05.30 19:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2010.05.30 19:06:57 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Real
[2010.05.30 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Google
[2010.05.30 19:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.05.26 12:29:51 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Boss Media
[2010.05.26 12:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Boss Media
[2010.05.26 12:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParadisePoker
[2010.05.26 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\PokerStars
[2010.05.16 20:54:04 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\PunkBuster
[2010.05.16 17:39:13 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\DVDVideoSoft
[2010.05.16 17:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.05.16 17:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.05.15 14:22:37 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\ElevatedDiagnostics
[2010.05.12 16:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010.05.10 21:42:43 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\BitSpirit
[2010.05.10 21:39:04 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\uTorrent
[2010.05.10 18:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2010.05.10 18:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.05.09 17:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2010.05.04 18:22:24 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\OpenOffice.org
[2010.05.04 18:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2010.05.04 17:50:15 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\ICQ
[2010.05.01 19:28:16 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Mozilla
[2010.05.01 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.04.28 08:17:46 | 000,139,704 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys
[2010.04.28 08:17:46 | 000,124,760 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys
[2010.04.23 15:55:06 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Diagnostics
[2010.04.20 19:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BS_Player
[2010.04.20 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\BSplayer Pro
[2010.04.20 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\BSplayer
[2010.04.20 13:46:30 | 000,021,832 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010.04.20 13:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2010.04.14 11:23:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\WinRAR
[2010.04.13 19:28:09 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Activision
[2010.04.13 19:25:42 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.04.13 19:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010.04.13 18:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010.04.13 18:44:17 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\LogMeIn Hamachi
[2010.04.13 18:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.04.13 18:42:27 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Hamachi
[2010.04.13 18:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.04.13 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Mozilla
[2010.04.13 18:37:25 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Xfire
[2010.04.13 18:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.04.13 18:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.04.13 12:47:47 | 000,000,000 | ---D | C] -- C:\Poker
[2010.04.13 12:00:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.04.11 19:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2010.04.11 19:16:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2010.04.11 19:16:44 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\Sports Interactive
[2010.04.11 19:16:42 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Sports Interactive
[2010.04.11 19:05:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010.04.11 19:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sports Interactive
[2010.04.11 19:01:19 | 000,000,000 | -H-D | C] -- C:\Users\jarmill\InstallAnywhere
[2010.04.11 18:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.04.11 18:48:00 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\DAEMON Tools Lite
[2010.04.11 18:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.04.11 11:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2010.04.11 11:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.04.11 11:23:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.04.11 11:05:31 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Apple Computer
[2010.04.11 11:05:30 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Apple Computer
[2010.04.11 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.04.11 11:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
[2010.04.11 11:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.04.11 11:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.04.11 11:03:52 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Apple
[2010.04.11 11:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.04.11 11:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.04.11 11:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.04.10 23:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010.04.10 23:40:44 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Last.fm
[2010.04.10 23:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2010.04.10 23:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
[2010.04.10 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Macromedia
[2010.04.10 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Adobe
[2010.04.10 22:12:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.04.10 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Opera
[2010.04.10 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Opera
[2010.04.10 22:07:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.04.10 22:06:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.04.10 22:02:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.04.10 22:02:29 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.04.10 21:50:51 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010.04.10 21:39:17 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\ICQ
[2010.04.10 21:39:16 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\AOL
[2010.04.10 21:37:54 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Microsoft Games
[2010.04.10 21:24:39 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Searches
[2010.04.10 21:24:27 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Identities
[2010.04.10 21:24:21 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Contacts
[2010.04.10 21:24:14 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\VirtualStore
[2010.04.10 21:23:56 | 000,000,000 | --SD | C] -- C:\Users\jarmill\AppData\Roaming\Microsoft
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Videos
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Saved Games
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Pictures
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Music
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Links
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Favorites
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Downloads
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Dokumenty
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Desktop
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\AppData\Local\Temporary Internet Files
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Šablony
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Soubory cookie
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\SendTo
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Poslední
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Okolní tiskárny
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Okolní síť
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Documents\Obrázky
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Nabídka Start
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Local Settings
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Documents\Hudba
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\AppData\Local\History
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Documents\Filmy
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Dokumenty
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Data aplikací
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\AppData\Local\Data aplikací
[2010.04.10 21:23:56 | 000,000,000 | -H-D | C] -- C:\Users\jarmill\AppData
[2010.04.10 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Temp
[2010.04.10 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Microsoft
[2010.04.10 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Media Center Programs
[2010.04.10 21:23:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.04.10 21:23:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.04.10 21:23:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.04.10 21:07:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.04.10 21:04:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

========== Files - Modified Within 90 Days ==========

[2010.07.07 15:05:54 | 002,621,440 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT
[2010.07.07 14:58:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
[2010.07.07 14:58:17 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTH.scr
[2010.07.07 14:28:01 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.07 14:24:38 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.07.07 14:24:38 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.07.07 11:01:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.06 23:55:56 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.06 21:21:57 | 000,002,985 | ---- | M] () -- C:\Users\jarmill\Desktop\HiJackThis.lnk
[2010.07.06 21:03:49 | 000,027,822 | ---- | M] () -- C:\Users\jarmill\Documents\cc_20100706_210301.reg
[2010.07.06 19:28:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.06 18:55:40 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.06 18:55:40 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.06 18:37:06 | 000,000,019 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\prio.ini
[2010.07.06 15:12:08 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.07.06 15:12:06 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.07.06 14:51:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.06 14:50:47 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.06 14:49:46 | 002,354,875 | -H-- | M] () -- C:\Users\jarmill\AppData\Local\IconCache.db
[2010.07.06 14:42:54 | 000,001,106 | ---- | M] () -- C:\Users\jarmill\Desktop\EVEREST Home Edition.lnk
[2010.07.06 14:35:27 | 000,001,889 | ---- | M] () -- C:\Users\jarmill\Desktop\CCleaner.lnk
[2010.07.05 14:34:12 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra více hráčů.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra jednoho hráče.lnk
[2010.06.29 23:28:40 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.06.29 15:10:04 | 000,001,837 | ---- | M] () -- C:\Users\jarmill\Desktop\GamePark.lnk
[2010.06.27 14:03:42 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.27 14:00:46 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.06.22 11:21:50 | 000,002,712 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.06.21 12:38:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.19 18:19:06 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.13 14:58:57 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.06.13 14:52:17 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.11 12:50:02 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.11 12:50:02 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.06.11 12:50:02 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.11 12:50:02 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.06.11 12:50:02 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.11 03:29:54 | 000,289,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.08 22:03:05 | 001,381,144 | ---- | M] () -- C:\Users\jarmill\Documents\Winter.rar
[2010.06.08 01:58:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.06.08 01:58:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.06.08 01:58:00 | 000,012,507 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2010.06.02 13:56:02 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.30 19:07:35 | 000,001,268 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010.05.30 19:07:02 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010.05.30 04:19:18 | 000,001,193 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2010.05.28 02:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.05.28 02:09:00 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2010.05.26 12:29:48 | 000,001,027 | ---- | M] () -- C:\Users\jarmill\Desktop\ParadisePoker.lnk
[2010.05.16 20:54:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.16 17:39:13 | 000,001,243 | ---- | M] () -- C:\Users\jarmill\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.10 21:39:04 | 000,000,815 | ---- | M] () -- C:\Users\jarmill\Desktop\µTorrent.lnk
[2010.05.10 18:54:58 | 000,001,950 | ---- | M] () -- C:\Users\jarmill\Desktop\Counter Strike 1.6 Non Steam.lnk
[2010.05.10 18:40:25 | 000,001,676 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
[2010.05.09 17:05:15 | 000,000,995 | ---- | M] () -- C:\Users\jarmill\Desktop\SopCast.lnk
[2010.05.04 20:26:53 | 000,062,952 | ---- | M] () -- C:\Users\jarmill\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.04 18:22:48 | 000,001,239 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.05.04 18:20:29 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.05.02 14:51:15 | 000,333,836 | RHS- | M] () -- C:\IBLQA
[2010.05.02 14:51:15 | 000,000,020 | RHS- | M] () -- C:\winx.ld
[2010.05.02 14:49:40 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.05.02 14:49:40 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.05.01 19:28:14 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.04.30 10:34:48 | 000,262,144 | -H-- | M] () -- C:\Windows\DUMPdd60.DMP
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.28 08:17:46 | 000,139,704 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys
[2010.04.28 08:17:46 | 000,124,760 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys
[2010.04.24 19:02:56 | 803,594,271 | ---- | M] () -- C:\Users\jarmill\Documents\sw_13a_lq.wmv
[2010.04.23 16:09:43 | 008,612,542 | ---- | M] () -- C:\Users\jarmill\Documents\Dizzee Rascal ft. Daniel Pearce - Dirtee Disco _Radio Rip_.mp3
[2010.04.22 00:12:15 | 000,000,723 | ---- | M] () -- C:\Users\jarmill\Desktop\Titan Poker.lnk
[2010.04.20 19:12:10 | 000,001,126 | ---- | M] () -- C:\Users\jarmill\Desktop\BS.Player FREE.lnk
[2010.04.20 17:42:10 | 838,770,688 | ---- | M] () -- C:\Users\jarmill\Desktop\Zkažená mládež[2007].avi
[2010.04.20 13:46:30 | 000,021,832 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010.04.13 21:19:44 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.04.13 18:37:25 | 000,001,003 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010.04.11 18:48:44 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.04.11 16:43:13 | 003,444,896 | ---- | M] () -- C:\Users\jarmill\Documents\Dizzee Rascal & Florence And The Machine - BRIT Awards 2010 Performance (HQ).mp3
[2010.04.11 11:55:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.04.10 23:31:28 | 006,021,120 | ---- | M] () -- C:\Users\jarmill\Documents\A List - Runway.mp3
[2010.04.10 22:02:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.04.10 22:02:29 | 000,000,367 | RHS- | M] () -- C:\Boot.ini.saved
[2010.04.10 21:44:57 | 000,524,288 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.10 21:44:57 | 000,524,288 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.10 21:44:57 | 000,065,536 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.10 21:23:56 | 000,000,020 | -HS- | M] () -- C:\Users\jarmill\ntuser.ini
[2010.04.10 21:09:10 | 000,061,655 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.04.10 21:09:10 | 000,061,655 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2010.07.06 23:55:56 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.06 21:21:57 | 000,002,985 | ---- | C] () -- C:\Users\jarmill\Desktop\HiJackThis.lnk
[2010.07.06 21:03:22 | 000,027,822 | ---- | C] () -- C:\Users\jarmill\Documents\cc_20100706_210301.reg
[2010.07.06 18:37:06 | 000,000,019 | ---- | C] () -- C:\Users\jarmill\AppData\Roaming\prio.ini
[2010.07.06 15:12:08 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.07.06 15:12:06 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.07.06 14:47:01 | 000,012,507 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.07.06 14:42:54 | 000,001,106 | ---- | C] () -- C:\Users\jarmill\Desktop\EVEREST Home Edition.lnk
[2010.07.06 14:35:27 | 000,001,889 | ---- | C] () -- C:\Users\jarmill\Desktop\CCleaner.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra více hráčů.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra jednoho hráče.lnk
[2010.06.30 12:27:21 | 3788,406,784 | ---- | C] () -- C:\Users\jarmill\Desktop\CoD.iso
[2010.06.29 15:10:04 | 000,001,837 | ---- | C] () -- C:\Users\jarmill\Desktop\GamePark.lnk
[2010.06.27 14:03:42 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.27 14:00:46 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010.06.22 11:21:50 | 000,002,712 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.06.21 12:38:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.19 18:19:06 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.13 14:58:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.13 14:52:17 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.08 22:03:05 | 001,381,144 | ---- | C] () -- C:\Users\jarmill\Documents\Winter.rar
[2010.06.08 21:39:37 | 3244,752,895 | ---- | C] () -- C:\Users\jarmill\Desktop\rzr-fa10.iso
[2010.06.02 13:56:02 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.06.01 00:00:30 | 1099,440,128 | ---- | C] () -- C:\Users\jarmill\Desktop\Frankenstein.1994.AC3.DVDRip.XviD.CZ.avi
[2010.05.30 19:07:35 | 000,001,268 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010.05.30 19:06:28 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.05.30 19:06:11 | 000,000,954 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.30 19:06:08 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.30 04:19:18 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2010.05.28 02:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.05.28 02:09:00 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2010.05.26 12:29:48 | 000,001,027 | ---- | C] () -- C:\Users\jarmill\Desktop\ParadisePoker.lnk
[2010.05.16 20:56:16 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.05.16 17:39:13 | 000,001,243 | ---- | C] () -- C:\Users\jarmill\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.10 21:39:04 | 000,000,815 | ---- | C] () -- C:\Users\jarmill\Desktop\µTorrent.lnk
[2010.05.10 18:54:58 | 000,001,950 | ---- | C] () -- C:\Users\jarmill\Desktop\Counter Strike 1.6 Non Steam.lnk
[2010.05.10 18:40:25 | 000,001,676 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
[2010.05.09 17:05:15 | 000,000,995 | ---- | C] () -- C:\Users\jarmill\Desktop\SopCast.lnk
[2010.05.04 18:22:48 | 000,001,239 | ---- | C] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.05.04 18:20:29 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.05.02 14:51:15 | 000,333,836 | RHS- | C] () -- C:\IBLQA
[2010.05.02 14:48:52 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.05.02 14:48:52 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.05.02 14:26:25 | 000,000,020 | RHS- | C] () -- C:\winx.ld
[2010.05.01 19:28:14 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.04.30 10:34:48 | 000,262,144 | -H-- | C] () -- C:\Windows\DUMPdd60.DMP
[2010.04.24 18:58:28 | 803,594,271 | ---- | C] () -- C:\Users\jarmill\Documents\sw_13a_lq.wmv
[2010.04.23 16:05:46 | 008,612,542 | ---- | C] () -- C:\Users\jarmill\Documents\Dizzee Rascal ft. Daniel Pearce - Dirtee Disco _Radio Rip_.mp3
[2010.04.22 00:12:15 | 000,000,723 | ---- | C] () -- C:\Users\jarmill\Desktop\Titan Poker.lnk
[2010.04.20 19:12:10 | 000,001,126 | ---- | C] () -- C:\Users\jarmill\Desktop\BS.Player FREE.lnk
[2010.04.20 17:36:25 | 838,770,688 | ---- | C] () -- C:\Users\jarmill\Desktop\Zkažená mládež[2007].avi
[2010.04.13 21:19:46 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.13 21:19:44 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.04.13 21:19:44 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.13 18:37:25 | 000,001,003 | ---- | C] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010.04.11 18:48:44 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.04.11 16:42:57 | 003,444,896 | ---- | C] () -- C:\Users\jarmill\Documents\Dizzee Rascal & Florence And The Machine - BRIT Awards 2010 Performance (HQ).mp3
[2010.04.11 11:55:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.04.10 23:31:27 | 006,021,120 | ---- | C] () -- C:\Users\jarmill\Documents\A List - Runway.mp3
[2010.04.10 22:07:11 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.04.10 22:02:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.04.10 22:02:29 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.04.10 22:02:29 | 000,000,223 | -H-- | C] () -- C:\Boot.BAK
[2010.04.10 21:23:56 | 002,621,440 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT
[2010.04.10 21:23:56 | 000,524,288 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.10 21:23:56 | 000,524,288 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.10 21:23:56 | 000,262,144 | -HS- | C] () -- C:\Users\jarmill\ntuser.dat.LOG2
[2010.04.10 21:23:56 | 000,262,144 | -HS- | C] () -- C:\Users\jarmill\ntuser.dat.LOG1
[2010.04.10 21:23:56 | 000,065,536 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.10 21:23:56 | 000,000,020 | -HS- | C] () -- C:\Users\jarmill\ntuser.ini
[2010.04.10 21:03:42 | 3220,676,608 | -HS- | C] () -- C:\hiberfil.sys
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.07.01 15:13:18 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Allstar
[2010.05.10 21:42:43 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\BitSpirit
[2010.04.27 23:25:51 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\BSplayer
[2010.04.20 19:11:37 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\BSplayer Pro
[2010.04.11 19:00:31 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\DAEMON Tools Lite
[2010.07.06 14:52:22 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\ICQ
[2010.07.06 15:12:04 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\IObit
[2010.06.08 22:18:35 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Leadertech
[2010.05.04 18:22:24 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\OpenOffice.org
[2010.06.24 11:46:28 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Opera
[2010.04.11 19:16:42 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Sports Interactive
[2010.05.11 00:28:10 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\uTorrent
[2010.07.06 15:12:08 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2009.07.14 07:08:49 | 000,015,276 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009.01.09 11:03:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009.01.09 12:17:33 | 000,000,223 | -H-- | M] () -- C:\Boot.BAK
[2010.04.10 22:02:29 | 000,000,367 | RHS- | M] () -- C:\Boot.ini.saved
[2001.10.25 16:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010.04.10 22:02:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009.01.09 11:03:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.07.06 14:50:47 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.02 14:51:15 | 000,333,836 | RHS- | M] () -- C:\IBLQA
[2009.01.09 11:03:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009.01.09 11:03:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009.01.09 11:31:05 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009.01.12 16:33:36 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2010.07.06 14:50:49 | 4294,238,208 | -HS- | M] () -- C:\pagefile.sys
[2009.01.09 12:14:07 | 000,000,581 | ---- | M] () -- C:\RHDSetup.log
[2010.05.02 14:51:15 | 000,000,020 | RHS- | M] () -- C:\winx.ld
[2010.02.19 19:02:10 | 000,138,255 | ---- | M] () -- C:\yt.htm

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
< End of report >

//nedávej log do code! jaro3
Nahoru
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 07 črc 2010 15:15

extras

extras
OTL logfile created on: 7.7.2010 15:03:31 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\jarmill\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 312,50 Gb Total Space | 3,89 Gb Free Space | 1,24% Space Free | Partition Type: NTFS
Drive D: | 153,26 Gb Total Space | 5,59 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JARMILL-PC
Current User Name: jarmill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.07.07 14:58:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
PRC - [2010.07.07 14:58:17 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTH.scr
PRC - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


========== Modules (SafeList) ==========

MOD - [2010.07.07 14:58:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
MOD - [2010.05.06 14:41:49 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2010.05.05 11:54:48 | 000,010,960 | ---- | M] (O&K Software) -- C:\Program Files\Prio\prio32.dll
MOD - [2009.07.14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009.07.14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009.07.14 03:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2009.07.14 03:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2009.07.14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009.07.14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009.07.14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009.07.14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009.07.14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009.07.14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.07.02 12:44:10 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EHttpSrv)
SRV:64bit: - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.05.05 11:55:34 | 000,009,936 | ---- | M] () [Auto | Running] -- C:\Program Files\Prio\prio_svc.exe -- (prio_svc)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.16 20:54:37 | 000,075,064 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.04.28 08:17:46 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.04.28 08:17:46 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.04.20 13:46:30 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.04.11 18:48:44 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 5E 74 00 E4 D8 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.05.30 19:07:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.02 13:56:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.02 13:56:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.07.06 19:45:16 | 000,000,000 | ---D | M]

[2010.05.01 19:28:24 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Mozilla\Extensions
[2010.04.13 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\extensions
[2010.04.13 18:37:28 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.07.06 23:17:55 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\extensions
[2010.06.19 18:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.06 14:43:59 | 000,002,384 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\searchplugins\askcom.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Mozilla\Firefox\Profiles\hpktarti.default\searchplugins\icqplugin.xml
[2010.07.06 23:20:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download Using &BitSpirit - C:\Windows.old\Program Files\BitSpirit\bsurl.htm ()
O8 - Extra context menu item: Download Using &BitSpirit - C:\Windows.old\Program Files\BitSpirit\bsurl.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software)
O20 - AppInit_DLLs: (prio32.dll) - C:\Program Files\Prio\prio32.dll (O&K Software)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.09 11:03:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell - "" = AutoRun
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell\AutoRun\command - "" = G:\Setup\rsrc\autorun.exe -- File not found
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010.07.07 14:58:29 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
[2010.07.07 14:58:17 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTH.scr
[2010.07.06 23:56:13 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Malwarebytes
[2010.07.06 23:55:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.06 23:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.06 23:55:52 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.06 23:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.07.06 21:51:54 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\ESET
[2010.07.06 21:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.07.06 19:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.07.06 19:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.07.06 18:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\Prio
[2010.07.06 15:12:04 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\IObit
[2010.07.06 15:12:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2010.07.06 14:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.07.06 14:48:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.07.06 14:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.07.06 14:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.07.06 14:47:01 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.07.06 14:47:01 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.07.06 14:46:52 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.07.06 14:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010.07.06 14:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.07.01 15:13:18 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Allstar
[2010.06.29 15:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamePark
[2010.06.27 14:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.06.27 14:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.06.27 14:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.06.27 14:01:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.06.27 14:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2010.06.24 11:46:25 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Google Translator
[2010.06.24 09:04:14 | 000,166,984 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.06.24 03:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.06.22 11:23:02 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Nero
[2010.06.22 11:21:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.06.22 11:21:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.06.22 11:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.06.19 18:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.06.19 18:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.06.19 18:18:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.06.13 14:58:57 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\skypePM
[2010.06.13 14:52:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Skype
[2010.06.13 14:52:17 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.06.13 14:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.13 14:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.11 03:28:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010.06.11 03:28:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010.06.08 22:20:02 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\FIFA 10
[2010.06.08 22:18:35 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Leadertech
[2010.06.08 21:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports
[2010.06.08 21:18:51 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Desktop\Fifa10-Razor1911
[2010.06.07 14:07:41 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Desktop\pacifik
[2010.06.06 13:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.06.02 13:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.06.02 13:54:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.05.31 21:06:11 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\Downloads
[2010.05.30 19:07:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Real
[2010.05.30 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2010.05.30 19:07:02 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010.05.30 19:07:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2010.05.30 19:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010.05.30 19:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2010.05.30 19:06:57 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Real
[2010.05.30 19:06:00 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Google
[2010.05.30 19:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.05.26 12:29:51 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Boss Media
[2010.05.26 12:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Boss Media
[2010.05.26 12:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParadisePoker
[2010.05.26 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\PokerStars
[2010.05.16 20:54:04 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\PunkBuster
[2010.05.16 17:39:13 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\DVDVideoSoft
[2010.05.16 17:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.05.16 17:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.05.15 14:22:37 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\ElevatedDiagnostics
[2010.05.12 16:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010.05.10 21:42:43 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\BitSpirit
[2010.05.10 21:39:04 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\uTorrent
[2010.05.10 18:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2010.05.10 18:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.05.09 17:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2010.05.04 18:22:24 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\OpenOffice.org
[2010.05.04 18:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2010.05.04 17:50:15 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\ICQ
[2010.05.01 19:28:16 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Mozilla
[2010.05.01 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.04.28 08:17:46 | 000,139,704 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys
[2010.04.28 08:17:46 | 000,124,760 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys
[2010.04.23 15:55:06 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Diagnostics
[2010.04.20 19:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BS_Player
[2010.04.20 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\BSplayer Pro
[2010.04.20 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\BSplayer
[2010.04.20 13:46:30 | 000,021,832 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010.04.20 13:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2010.04.14 11:23:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\WinRAR
[2010.04.13 19:28:09 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Activision
[2010.04.13 19:25:42 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.04.13 19:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010.04.13 18:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010.04.13 18:44:17 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\LogMeIn Hamachi
[2010.04.13 18:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.04.13 18:42:27 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Hamachi
[2010.04.13 18:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.04.13 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Mozilla
[2010.04.13 18:37:25 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Xfire
[2010.04.13 18:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.04.13 18:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.04.13 12:47:47 | 000,000,000 | ---D | C] -- C:\Poker
[2010.04.13 12:00:18 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.04.11 19:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2010.04.11 19:16:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2010.04.11 19:16:44 | 000,000,000 | ---D | C] -- C:\Users\jarmill\Documents\Sports Interactive
[2010.04.11 19:16:42 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Sports Interactive
[2010.04.11 19:05:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010.04.11 19:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sports Interactive
[2010.04.11 19:01:19 | 000,000,000 | -H-D | C] -- C:\Users\jarmill\InstallAnywhere
[2010.04.11 18:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.04.11 18:48:00 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\DAEMON Tools Lite
[2010.04.11 18:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.04.11 11:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2010.04.11 11:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.04.11 11:23:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.04.11 11:05:31 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Apple Computer
[2010.04.11 11:05:30 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Apple Computer
[2010.04.11 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.04.11 11:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
[2010.04.11 11:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.04.11 11:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.04.11 11:03:52 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Apple
[2010.04.11 11:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.04.11 11:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.04.11 11:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.04.10 23:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010.04.10 23:40:44 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Last.fm
[2010.04.10 23:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2010.04.10 23:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
[2010.04.10 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Macromedia
[2010.04.10 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Adobe
[2010.04.10 22:12:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.04.10 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Opera
[2010.04.10 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Opera
[2010.04.10 22:07:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.04.10 22:06:25 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.04.10 22:02:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.04.10 22:02:29 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.04.10 21:50:51 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010.04.10 21:39:17 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\ICQ
[2010.04.10 21:39:16 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\AOL
[2010.04.10 21:37:54 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Microsoft Games
[2010.04.10 21:24:39 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Searches
[2010.04.10 21:24:27 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Identities
[2010.04.10 21:24:21 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Contacts
[2010.04.10 21:24:14 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\VirtualStore
[2010.04.10 21:23:56 | 000,000,000 | --SD | C] -- C:\Users\jarmill\AppData\Roaming\Microsoft
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Videos
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Saved Games
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Pictures
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Music
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Links
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Favorites
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Downloads
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Dokumenty
[2010.04.10 21:23:56 | 000,000,000 | R--D | C] -- C:\Users\jarmill\Desktop
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\AppData\Local\Temporary Internet Files
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Šablony
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Soubory cookie
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\SendTo
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Poslední
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Okolní tiskárny
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Okolní síť
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Documents\Obrázky
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Nabídka Start
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Local Settings
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Documents\Hudba
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\AppData\Local\History
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Documents\Filmy
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Dokumenty
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\Data aplikací
[2010.04.10 21:23:56 | 000,000,000 | -HSD | C] -- C:\Users\jarmill\AppData\Local\Data aplikací
[2010.04.10 21:23:56 | 000,000,000 | -H-D | C] -- C:\Users\jarmill\AppData
[2010.04.10 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Temp
[2010.04.10 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Local\Microsoft
[2010.04.10 21:23:56 | 000,000,000 | ---D | C] -- C:\Users\jarmill\AppData\Roaming\Media Center Programs
[2010.04.10 21:23:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.04.10 21:23:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.04.10 21:23:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.04.10 21:23:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.04.10 21:07:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.04.10 21:04:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

========== Files - Modified Within 90 Days ==========

[2010.07.07 15:05:54 | 002,621,440 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT
[2010.07.07 14:58:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTL.exe
[2010.07.07 14:58:17 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\jarmill\Desktop\OTH.scr
[2010.07.07 14:28:01 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.07 14:24:38 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.07.07 14:24:38 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.07.07 11:01:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.06 23:55:56 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.06 21:21:57 | 000,002,985 | ---- | M] () -- C:\Users\jarmill\Desktop\HiJackThis.lnk
[2010.07.06 21:03:49 | 000,027,822 | ---- | M] () -- C:\Users\jarmill\Documents\cc_20100706_210301.reg
[2010.07.06 19:28:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.06 18:55:40 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.06 18:55:40 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.06 18:37:06 | 000,000,019 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\prio.ini
[2010.07.06 15:12:08 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.07.06 15:12:06 | 000,001,225 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.07.06 14:51:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.06 14:50:47 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.06 14:49:46 | 002,354,875 | -H-- | M] () -- C:\Users\jarmill\AppData\Local\IconCache.db
[2010.07.06 14:42:54 | 000,001,106 | ---- | M] () -- C:\Users\jarmill\Desktop\EVEREST Home Edition.lnk
[2010.07.06 14:35:27 | 000,001,889 | ---- | M] () -- C:\Users\jarmill\Desktop\CCleaner.lnk
[2010.07.05 14:34:12 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra více hráčů.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra jednoho hráče.lnk
[2010.06.29 23:28:40 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.06.29 15:10:04 | 000,001,837 | ---- | M] () -- C:\Users\jarmill\Desktop\GamePark.lnk
[2010.06.27 14:03:42 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.27 14:00:46 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.06.22 11:21:50 | 000,002,712 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.06.21 12:38:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.19 18:19:06 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.13 14:58:57 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.06.13 14:52:17 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.11 12:50:02 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.11 12:50:02 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.06.11 12:50:02 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.11 12:50:02 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.06.11 12:50:02 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.11 03:29:54 | 000,289,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.08 22:03:05 | 001,381,144 | ---- | M] () -- C:\Users\jarmill\Documents\Winter.rar
[2010.06.08 01:58:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.06.08 01:58:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.06.08 01:58:00 | 000,012,507 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2010.06.02 13:56:02 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.30 19:07:35 | 000,001,268 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010.05.30 19:07:02 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2010.05.30 04:19:18 | 000,001,193 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2010.05.28 02:09:00 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.05.28 02:09:00 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2010.05.26 12:29:48 | 000,001,027 | ---- | M] () -- C:\Users\jarmill\Desktop\ParadisePoker.lnk
[2010.05.16 20:54:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.16 17:39:13 | 000,001,243 | ---- | M] () -- C:\Users\jarmill\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.10 21:39:04 | 000,000,815 | ---- | M] () -- C:\Users\jarmill\Desktop\µTorrent.lnk
[2010.05.10 18:54:58 | 000,001,950 | ---- | M] () -- C:\Users\jarmill\Desktop\Counter Strike 1.6 Non Steam.lnk
[2010.05.10 18:40:25 | 000,001,676 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
[2010.05.09 17:05:15 | 000,000,995 | ---- | M] () -- C:\Users\jarmill\Desktop\SopCast.lnk
[2010.05.04 20:26:53 | 000,062,952 | ---- | M] () -- C:\Users\jarmill\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.04 18:22:48 | 000,001,239 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.05.04 18:20:29 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.05.02 14:51:15 | 000,333,836 | RHS- | M] () -- C:\IBLQA
[2010.05.02 14:51:15 | 000,000,020 | RHS- | M] () -- C:\winx.ld
[2010.05.02 14:49:40 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.05.02 14:49:40 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.05.01 19:28:14 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.04.30 10:34:48 | 000,262,144 | -H-- | M] () -- C:\Windows\DUMPdd60.DMP
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.28 08:17:46 | 000,139,704 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys
[2010.04.28 08:17:46 | 000,124,760 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys
[2010.04.24 19:02:56 | 803,594,271 | ---- | M] () -- C:\Users\jarmill\Documents\sw_13a_lq.wmv
[2010.04.23 16:09:43 | 008,612,542 | ---- | M] () -- C:\Users\jarmill\Documents\Dizzee Rascal ft. Daniel Pearce - Dirtee Disco _Radio Rip_.mp3
[2010.04.22 00:12:15 | 000,000,723 | ---- | M] () -- C:\Users\jarmill\Desktop\Titan Poker.lnk
[2010.04.20 19:12:10 | 000,001,126 | ---- | M] () -- C:\Users\jarmill\Desktop\BS.Player FREE.lnk
[2010.04.20 17:42:10 | 838,770,688 | ---- | M] () -- C:\Users\jarmill\Desktop\Zkažená mládež[2007].avi
[2010.04.20 13:46:30 | 000,021,832 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\hamachi.sys
[2010.04.13 21:19:44 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.04.13 18:37:25 | 000,001,003 | ---- | M] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010.04.11 18:48:44 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.04.11 16:43:13 | 003,444,896 | ---- | M] () -- C:\Users\jarmill\Documents\Dizzee Rascal & Florence And The Machine - BRIT Awards 2010 Performance (HQ).mp3
[2010.04.11 11:55:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.04.10 23:31:28 | 006,021,120 | ---- | M] () -- C:\Users\jarmill\Documents\A List - Runway.mp3
[2010.04.10 22:02:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.04.10 22:02:29 | 000,000,367 | RHS- | M] () -- C:\Boot.ini.saved
[2010.04.10 21:44:57 | 000,524,288 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.10 21:44:57 | 000,524,288 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.10 21:44:57 | 000,065,536 | -HS- | M] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.10 21:23:56 | 000,000,020 | -HS- | M] () -- C:\Users\jarmill\ntuser.ini
[2010.04.10 21:09:10 | 000,061,655 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.04.10 21:09:10 | 000,061,655 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2010.07.06 23:55:56 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.06 21:21:57 | 000,002,985 | ---- | C] () -- C:\Users\jarmill\Desktop\HiJackThis.lnk
[2010.07.06 21:03:22 | 000,027,822 | ---- | C] () -- C:\Users\jarmill\Documents\cc_20100706_210301.reg
[2010.07.06 18:37:06 | 000,000,019 | ---- | C] () -- C:\Users\jarmill\AppData\Roaming\prio.ini
[2010.07.06 15:12:08 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010.07.06 15:12:06 | 000,001,225 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010.07.06 14:47:01 | 000,012,507 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.07.06 14:42:54 | 000,001,106 | ---- | C] () -- C:\Users\jarmill\Desktop\EVEREST Home Edition.lnk
[2010.07.06 14:35:27 | 000,001,889 | ---- | C] () -- C:\Users\jarmill\Desktop\CCleaner.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra více hráčů.lnk
[2010.06.30 13:09:21 | 000,002,110 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 2 Hra jednoho hráče.lnk
[2010.06.30 12:27:21 | 3788,406,784 | ---- | C] () -- C:\Users\jarmill\Desktop\CoD.iso
[2010.06.29 15:10:04 | 000,001,837 | ---- | C] () -- C:\Users\jarmill\Desktop\GamePark.lnk
[2010.06.27 14:03:42 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.27 14:00:46 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010.06.22 11:21:50 | 000,002,712 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.06.21 12:38:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.19 18:19:06 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.13 14:58:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.13 14:52:17 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.08 22:03:05 | 001,381,144 | ---- | C] () -- C:\Users\jarmill\Documents\Winter.rar
[2010.06.08 21:39:37 | 3244,752,895 | ---- | C] () -- C:\Users\jarmill\Desktop\rzr-fa10.iso
[2010.06.02 13:56:02 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.06.01 00:00:30 | 1099,440,128 | ---- | C] () -- C:\Users\jarmill\Desktop\Frankenstein.1994.AC3.DVDRip.XviD.CZ.avi
[2010.05.30 19:07:35 | 000,001,268 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010.05.30 19:06:28 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.05.30 19:06:11 | 000,000,954 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.30 19:06:08 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.30 04:19:18 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2010.05.28 02:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.05.28 02:09:00 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2010.05.26 12:29:48 | 000,001,027 | ---- | C] () -- C:\Users\jarmill\Desktop\ParadisePoker.lnk
[2010.05.16 20:56:16 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.05.16 17:39:13 | 000,001,243 | ---- | C] () -- C:\Users\jarmill\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.10 21:39:04 | 000,000,815 | ---- | C] () -- C:\Users\jarmill\Desktop\µTorrent.lnk
[2010.05.10 18:54:58 | 000,001,950 | ---- | C] () -- C:\Users\jarmill\Desktop\Counter Strike 1.6 Non Steam.lnk
[2010.05.10 18:40:25 | 000,001,676 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
[2010.05.09 17:05:15 | 000,000,995 | ---- | C] () -- C:\Users\jarmill\Desktop\SopCast.lnk
[2010.05.04 18:22:48 | 000,001,239 | ---- | C] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.05.04 18:20:29 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.05.02 14:51:15 | 000,333,836 | RHS- | C] () -- C:\IBLQA
[2010.05.02 14:48:52 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.05.02 14:48:52 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.05.02 14:26:25 | 000,000,020 | RHS- | C] () -- C:\winx.ld
[2010.05.01 19:28:14 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.04.30 10:34:48 | 000,262,144 | -H-- | C] () -- C:\Windows\DUMPdd60.DMP
[2010.04.24 18:58:28 | 803,594,271 | ---- | C] () -- C:\Users\jarmill\Documents\sw_13a_lq.wmv
[2010.04.23 16:05:46 | 008,612,542 | ---- | C] () -- C:\Users\jarmill\Documents\Dizzee Rascal ft. Daniel Pearce - Dirtee Disco _Radio Rip_.mp3
[2010.04.22 00:12:15 | 000,000,723 | ---- | C] () -- C:\Users\jarmill\Desktop\Titan Poker.lnk
[2010.04.20 19:12:10 | 000,001,126 | ---- | C] () -- C:\Users\jarmill\Desktop\BS.Player FREE.lnk
[2010.04.20 17:36:25 | 838,770,688 | ---- | C] () -- C:\Users\jarmill\Desktop\Zkažená mládež[2007].avi
[2010.04.13 21:19:46 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.13 21:19:44 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.04.13 21:19:44 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.13 18:37:25 | 000,001,003 | ---- | C] () -- C:\Users\jarmill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010.04.11 18:48:44 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.04.11 16:42:57 | 003,444,896 | ---- | C] () -- C:\Users\jarmill\Documents\Dizzee Rascal & Florence And The Machine - BRIT Awards 2010 Performance (HQ).mp3
[2010.04.11 11:55:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.04.10 23:31:27 | 006,021,120 | ---- | C] () -- C:\Users\jarmill\Documents\A List - Runway.mp3
[2010.04.10 22:07:11 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.04.10 22:02:32 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.04.10 22:02:29 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.04.10 22:02:29 | 000,000,223 | -H-- | C] () -- C:\Boot.BAK
[2010.04.10 21:23:56 | 002,621,440 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT
[2010.04.10 21:23:56 | 000,524,288 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.10 21:23:56 | 000,524,288 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.10 21:23:56 | 000,262,144 | -HS- | C] () -- C:\Users\jarmill\ntuser.dat.LOG2
[2010.04.10 21:23:56 | 000,262,144 | -HS- | C] () -- C:\Users\jarmill\ntuser.dat.LOG1
[2010.04.10 21:23:56 | 000,065,536 | -HS- | C] () -- C:\Users\jarmill\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.10 21:23:56 | 000,000,020 | -HS- | C] () -- C:\Users\jarmill\ntuser.ini
[2010.04.10 21:03:42 | 3220,676,608 | -HS- | C] () -- C:\hiberfil.sys
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.07.01 15:13:18 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Allstar
[2010.05.10 21:42:43 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\BitSpirit
[2010.04.27 23:25:51 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\BSplayer
[2010.04.20 19:11:37 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\BSplayer Pro
[2010.04.11 19:00:31 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\DAEMON Tools Lite
[2010.07.06 14:52:22 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\ICQ
[2010.07.06 15:12:04 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\IObit
[2010.06.08 22:18:35 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Leadertech
[2010.05.04 18:22:24 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\OpenOffice.org
[2010.06.24 11:46:28 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Opera
[2010.04.11 19:16:42 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\Sports Interactive
[2010.05.11 00:28:10 | 000,000,000 | ---D | M] -- C:\Users\jarmill\AppData\Roaming\uTorrent
[2010.07.06 15:12:08 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2009.07.14 07:08:49 | 000,015,276 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009.01.09 11:03:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009.01.09 12:17:33 | 000,000,223 | -H-- | M] () -- C:\Boot.BAK
[2010.04.10 22:02:29 | 000,000,367 | RHS- | M] () -- C:\Boot.ini.saved
[2001.10.25 16:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010.04.10 22:02:32 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009.01.09 11:03:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.07.06 14:50:47 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.02 14:51:15 | 000,333,836 | RHS- | M] () -- C:\IBLQA
[2009.01.09 11:03:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009.01.09 11:03:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009.01.09 11:31:05 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009.01.12 16:33:36 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2010.07.06 14:50:49 | 4294,238,208 | -HS- | M] () -- C:\pagefile.sys
[2009.01.09 12:14:07 | 000,000,581 | ---- | M] () -- C:\RHDSetup.log
[2010.05.02 14:51:15 | 000,000,020 | RHS- | M] () -- C:\winx.ld
[2010.02.19 19:02:10 | 000,138,255 | ---- | M] () -- C:\yt.htm

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
< End of report >

//nedávej log do code! jaro3
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43295
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jaro3 » 07 črc 2010 16:23

Dal si sem 2x OTL List , potřebuju taky Extras...

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll (Conduit Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell - "" = AutoRun
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell\AutoRun\command - "" = G:\Setup\rsrc\autorun.exe -- File not found
O33 - MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Program Files (x86)\ICQ6Toolbar
C:\Windows\tasks\SA.DAT
C:\ProgramData\ezsidmv.dat
C:\Windows\DUMPdd60.DMP

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]

Toto znáš:
C:\IBLQA
C:\yt.htm
??
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 07 črc 2010 16:36

Toto znáš:
C:\IBLQA
C:\yt.htm
??


neznam.. .)

OTL Extras logfile created on: 7.7.2010 15:03:31 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\jarmill\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 312,50 Gb Total Space | 3,89 Gb Free Space | 1,24% Space Free | Partition Type: NTFS
Drive D: | 153,26 Gb Total Space | 5,59 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JARMILL-PC
Current User Name: jarmill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{53529DAD-F7C9-476E-87CC-1547C4E3E821}" = iTunes
"{852CD00B-1467-4906-B3B4-8FDFFABA42EE}" = ESET NOD32 Antivirus
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Prio" = Prio

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}" = OpenOffice.org 3.2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{c686062a-2231-4fb0-9d9c-a1513559cd25}" = Nero 9 Lite
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Football Manager 2010" = Football Manager 2010
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"GameParkClient_is1" = GamePark
"Google Chrome" = Google Chrome
"Hamachi" = Hamachi 1.0.1.5
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"LastFM_is1" = Last.fm 1.5.4.24567
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ParadisePoker" = ParadisePoker
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.2.9
"Uninstall_is1" = Uninstall 1.0.0.1
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Translator" = Google Translator
"Titan Poker" = Titan Poker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6.7.2010 21:10:19 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7098

Error - 6.7.2010 21:10:19 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7098

Error - 6.7.2010 21:10:20 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6.7.2010 21:10:20 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8096

Error - 6.7.2010 21:10:20 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8096

Error - 7.7.2010 9:00:35 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = 484: ERROR: read_msg errno 10054 (Stávající připojení bylo vynuceně
ukončeno vzdáleným hostitelem.)

Error - 7.7.2010 9:00:35 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = 216: ERROR: read_msg errno 10054 (Stávající připojení bylo vynuceně
ukončeno vzdáleným hostitelem.)

Error - 7.7.2010 9:00:35 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = 492: ERROR: read_msg errno 10054 (Stávající připojení bylo vynuceně
ukončeno vzdáleným hostitelem.)

Error - 7.7.2010 9:00:35 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = 480: ERROR: read_msg errno 10054 (Stávající připojení bylo vynuceně
ukončeno vzdáleným hostitelem.)

Error - 7.7.2010 9:00:35 | Computer Name = jarmill-PC | Source = Bonjour Service | ID = 100
Description = 488: ERROR: read_msg errno 10054 (Stávající připojení bylo vynuceně
ukončeno vzdáleným hostitelem.)

[ System Events ]
Error - 6.7.2010 8:51:41 | Computer Name = jarmill-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.

Error - 6.7.2010 8:51:41 | Computer Name = jarmill-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.

Error - 6.7.2010 9:27:48 | Computer Name = jarmill-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 6.7.2010 14:37:48 | Computer Name = jarmill-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 6.7.2010 16:55:31 | Computer Name = jarmill-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 6.7.2010 17:34:42 | Computer Name = jarmill-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 7.7.2010 9:00:32 | Computer Name = jarmill-PC | Source = Service Control Manager | ID = 7031
Description = Služba Apple Mobile Device byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 7.7.2010 9:00:43 | Computer Name = jarmill-PC | Source = Service Control Manager | ID = 7034
Description = Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 7.7.2010 9:00:44 | Computer Name = jarmill-PC | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 7.7.2010 9:00:44 | Computer Name = jarmill-PC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >

//nedávej logy do code!!! jaro3
Nahoru
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 07 črc 2010 16:46

log po restartu..

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Prefs.js: toolbar@ask.com:3.6.6.117 removed from extensions.enabledItems
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
C:\Program Files (x86)\BS_Player\tbBS_P.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}\ not found.
File C:\Program Files (x86)\BS_Player\tbBS_P.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\Windows\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ deleted successfully.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\ not found.
File G:\Setup\rsrc\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99a59fed-458a-11df-b10f-001e8ce0cfd6}\ not found.
File G:\Directx\dxsetup.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AWC Startup.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
C:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Windows\DUMPdd60.DMP moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: jarmill
->Temp folder emptied: 9216464 bytes
->Temporary Internet Files folder emptied: 30451892 bytes
->FireFox cache emptied: 39901872 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 9951630 bytes
->Flash cache emptied: 6733 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 96088 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 683 bytes

Total Files Cleaned = 86,00 mb


OTL by OldTimer - Version 3.2.7.1 log created on 07072010_163944

Files\Folders moved on Reboot...
C:\Users\jarmill\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

//nedávej logy do code!!! jaro3
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43295
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jaro3 » 07 črc 2010 20:17

Smaž:
C:\IBLQA
C:\yt.htm

Smaž OTL
C:\_OTL

PC by mělo být čisté , jako jedinou chybu vidím nedostatek místa zvláště na systémovém disku (oddílu)
Drive C: | 312,50 Gb Total Space | 3,89 Gb Free Space | 1,24% Space Free | Partition Type: NTFS
Drive D: | 153,26 Gb Total Space | 5,59 Gb Free Space | 3,65% Space Free | Partition Type: NTFS

Máš tam 1,24% volného místa , doporučuje se mít alespoň 15% volného místa , jinak mohou vzniknout problémy- není kam ukládat dočasné soubory a složky atd.
Něco odinstaluj , smaž.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jarmilprdell
nováček
Příspěvky: 16
Registrován: červenec 10
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem

Příspěvekod jarmilprdell » 08 črc 2010 12:49

tak vse sem udelal, fps uz neklesaji ale stejne porad nemam stalych 250.. nahodou s cod2 configama si nevis rady? :) jinak moc dik za pomoc..
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43295
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - cod2 problem  Vyřešeno

Příspěvekod jaro3 » 08 črc 2010 12:55

hry nejsou můj obor , takže spíš zadej nové téma do sekce hry ap.

Pokud nejsou problémy(s viry) , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 6 hostů