
Virus - "program has stopped working" message
Hello, I would like to ask for your help in solving a problem with my notebook. The main problem is windows that keep popping up, announcing the sudden termination of programs installed on the PC. I am attaching the log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Peter at 2013-04-02 16:54:23
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 145 GB (49%) free of 295 GB
Total RAM: 3000 MB (42% free)
HijackThis download failed
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
C:\windows\tasks\ReclaimerResumeInstallLogin_Peter.job
C:\windows\tasks\ReclaimerResumeInstall_Peter.job
C:\windows\tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-11 425680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-02 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-11 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-05-08 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-02 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-11 148888]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-04-21 197904]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2008-06-10 150040]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2008-06-10 170520]
"Persistence"=C:\windows\system32\igfxpers.exe [2008-06-10 145944]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 1848648]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"TkBellExe"=C:\Program Files\Real\RealPlayer\Update\realsched.exe [2012-05-11 296056]
"combofix"=C:\ComboFix\CF25708.3XE [2012-08-08 318976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Octoshape Streaming Services"=C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Facebook Update"=C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11 138096]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Google Update"=C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 136176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2008-05-21 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\windows\System32\Notepad.exe %1
======List of files/folders created in the last 3 months======
======List of files/folders modified in the last 3 months======
2013-04-02 16:54:40 ----D---- C:\windows\temp
2013-04-02 16:54:40 ----D---- C:\Program Files\trend micro
2013-04-02 16:54:02 ----D---- C:\windows\Prefetch
2013-04-02 16:53:37 ----D---- C:\windows\Tasks
2013-04-02 16:53:37 ----D---- C:\windows\system32\Tasks
2013-04-02 16:53:10 ----D---- C:\windows\system32\catroot
2013-04-02 16:53:09 ----D---- C:\windows\system32\catroot2
2013-04-02 16:53:03 ----D---- C:\windows\winsxs
2013-04-02 16:52:50 ----D---- C:\windows\System32
2013-04-02 16:52:49 ----D---- C:\windows\inf
2013-04-02 16:52:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-04-02 16:52:08 ----D---- C:\Users\Peter\AppData\Roaming\Skype
2013-04-02 16:46:26 ----A---- C:\windows\system32\rpcnetp.exe
2013-04-02 16:46:07 ----A---- C:\windows\system32\rpcnetp.dll
2013-04-02 16:46:07 ----A---- C:\windows\system32\rpcnet.dll
2013-04-02 16:44:08 ----A---- C:\windows\ntbtlog.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-14 12496]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2008-05-21 2369536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-01-17 298496]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
S3 catchme;catchme; \??\C:\Users\Peter\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [2011-01-14 196912]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2012-05-11 58288]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
S2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
S2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 WPFFontCache_v0400;@c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Re: virus - "program has stopped working" message
Hello,
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe


- Save it, preferably to the desktop
- Close all programs
- Click Scan (Prohledat)
- The scan will run and a log will then appear; it may also be saved on the system drive as AdwCleaner[R?].txt. Paste it here

- Close all programs
- If you are using Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (or Spustit jako spravce)
- Wait for the PreScan to finish
- Choose the Scan (Prohledat) option
- When the scan finishes, click Report (Zpráva); a log will open, paste it here
- A detailed walkthrough with screenshots is available here: http://forum.viry.cz/viewtopic.php?f=24&t=120452
Re: virus - "program has stopped working" message
Hello, I am attaching the logs:
AdwCleaner:
# AdwCleaner v2.115 - Log vytvorený 02/04/2013 o 17:18:50
# Aktualizované 17/03/2013 Xplode
# Operačný systém : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Uživatel : Peter - KASTEN-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Peter\Desktop\adwcleaner.exe
# Volba [Prehľadať]
***** [Služby] *****
***** [Súbory / Adresáre] *****
Adresár Nájdené : C:\ProgramData\ICQ\ICQToolbar
***** [Registre] *****
Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Kľúč Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Kľúč Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Kľúč Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Kľúč Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Kľúč Nájdené : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Kľúč Nájdené : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Kľúč Nájdené : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Kľúč Nájdené : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Kľúč Nájdené : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Kľúč Nájdené : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Kľúč Nájdené : HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
***** [Internetové prehliadače] *****
-\\ Internet Explorer v9.0.8112.16450
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd
-\\ Google Chrome v22.0.1229.79
Súbor : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences
Nájdené [l.68] : keyword = "icq.com",
Nájdené [l.71] : search_url = "hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd",
-\\ Opera v11.50.1074.0
Súbor : C:\Users\Peter\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Súbor je čistý.
*************************
AdwCleaner[R1].txt - [2400 octets] - [02/04/2013 17:18:50]
########## EOF - C:\AdwCleaner[R1].txt - [2460 octets] ##########
RogueKiller:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operačný systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spustené v : Normálny režim
Užívateľ : Peter [Práva Správcu]
Režim : Kontrola -- Dátum : 04/02/2013 17:26:01
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK3252GSX +++++
--- User ---
[MBR] ff3e41409be30bbcb91977376d8a2880
[BSP] 0a4c6d6b5cab4f4ba27e7d4a246ae340 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 295001 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 604164096 | Size: 1025 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 606263984 | Size: 9218 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[1]_S_04022013_02d1726.txt >>
RKreport[1]_S_04022013_02d1726.txt
Re: virus - "program has stopped working" message

- If you are using Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (or Spustit jako spravce)
- Choose Scan (Prohledat), then Delete (Smazat), and then Report (Zprava); a log will open, paste it here
- Then click Fix Hosts (Oprava Host) and Report (Zprava); a log will open, paste it here

- If you are using Windows Vista or Windows 7, right-click AdwCleaner and choose Run As Administrator (or Spustit jako spravce)
- Click Delete (Smazat)
- The PC will perform the fix, restart, and give you a log (C:\AdwCleaner [S1].txt); paste its contents here
Re: virus - "program has stopped working" message
I am attaching the logs again:
AdwCleaner:
# AdwCleaner v2.115 - Log vytvorený 02/04/2013 o 17:36:54
# Aktualizované 17/03/2013 Xplode
# Operačný systém : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Uživatel : Peter - KASTEN-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Peter\Desktop\adwcleaner.exe
# Volba [Vymazať]
***** [Služby] *****
***** [Súbory / Adresáre] *****
Adresár Vymazané : C:\ProgramData\ICQ\ICQToolbar
***** [Registre] *****
Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Kľúč Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Kľúč Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Kľúč Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Kľúč Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Kľúč Vymazané : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Kľúč Vymazané : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Kľúč Vymazané : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Kľúč Vymazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
***** [Internetové prehliadače] *****
-\\ Internet Explorer v9.0.8112.16450
Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.icq.com/ --> hxxp://www.google.com
Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com
-\\ Google Chrome v26.0.1410.43
Súbor : C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazané [l.55] : keyword = "icq.com",
Vymazané [l.59] : search_url = "hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd",
-\\ Opera v11.50.1074.0
Súbor : C:\Users\Peter\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Súbor je čistý.
*************************
AdwCleaner[R1].txt - [2529 octets] - [02/04/2013 17:18:50]
AdwCleaner[S1].txt - [2391 octets] - [02/04/2013 17:36:54]
########## EOF - C:\AdwCleaner[S1].txt - [2451 octets] ##########
RogueKiller:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operačný systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spustené v : Normálny režim
Užívateľ : Peter [Práva Správcu]
Režim : Odebrať -- Dátum : 04/02/2013 17:55:36
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy : 0 ¤¤¤
¤¤¤ Záznamy Registrov : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZANÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)
¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤
¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK3252GSX +++++
--- User ---
[MBR] ff3e41409be30bbcb91977376d8a2880
[BSP] 0a4c6d6b5cab4f4ba27e7d4a246ae340 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 295001 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 604164096 | Size: 1025 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 606263984 | Size: 9218 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončené : << RKreport[3]_D_04022013_02d1755.txt >>
RKreport[1]_S_04022013_02d1726.txt ; RKreport[2]_S_04022013_02d1753.txt ; RKreport[3]_D_04022013_02d1755.txt
Re: virus - "program has stopped working" message

- If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (or Spustit jako spravce)
- If you are using a 64-bit OS, check whether the For 64-bit OS (Pro 64 bitové OS) box is ticked; if not, tick it
- Tick the For all users (Pro vsechny uzivatele) box
- Tick the "LOP" check (Kontrola na havet "LOP") box
- Tick the "Purity" check (Kontrola na havet "Purity") box
- Change the file age from 30 days to 7 days
- Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
Code:
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
- Click the Scan (Prohledat) button
- When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; paste both here
- If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts
Re: virus - "program has stopped working" message
Hello, the scan completed, but it took considerably longer than you wrote (approximately 40 minutes), during which the program stopped working several times.
I am attaching the logs:
OTL.txt (part 1)
OTL logfile created on: 2. 4. 2013 19:27:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,93 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,21% Memory free
6,07 Gb Paging File | 4,95 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,09 Gb Total Space | 140,58 Gb Free Space | 48,80% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,97 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Computer Name: KASTEN-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013/04/02 19:24:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
PRC - [2012/05/11 22:31:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/11 10:12:15 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2011/01/14 13:35:56 | 000,196,912 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
PRC - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010/08/12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008/05/08 02:34:10 | 000,238,984 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008/05/02 22:17:02 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008/01/16 18:56:50 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/11 09:58:35 | 005,450,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/11 09:55:54 | 007,953,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/11 09:55:28 | 011,492,352 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2008/01/16 18:51:00 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2004/09/08 14:45:58 | 000,368,128 | ---- | M] () -- C:\Program Files\Filzip\fzshext.dll
========== Services (SafeList) ==========
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/11 10:12:15 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2011/01/14 13:35:56 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2010/08/12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008/04/18 15:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/04/08 14:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Peter\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/07/29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010/07/29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/07/29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010/07/29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/03/27 06:48:22 | 001,810,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Peter\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Peter\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/07 05:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/03/28 22:20:55 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: ICQ Search (Enabled)
CHR - default_search_provider: search_url = http://www.icq.com/search/results.php?q ... &ch_id=osd
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Peter\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/08/05 18:58:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CognizanceTS] c:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF25708.3XE (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004..\Run: [Facebook Update] C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004..\Run: [Octoshape Streaming Services] C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\FlashUtil10u_Plugin.exe (Adobe Systems, Inc.)
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E534A69-C9F9-4304-B4FA-5561F3A56E8A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Peter\Documents\plocha.jpg
O24 - Desktop BackupWallPaper: C:\Users\Peter\Documents\plocha.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
I am attaching the logs:
OTL.txt (part 1)
OTL logfile created on: 2. 4. 2013 19:27:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,93 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,21% Memory free
6,07 Gb Paging File | 4,95 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,09 Gb Total Space | 140,58 Gb Free Space | 48,80% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,97 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Computer Name: KASTEN-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013/04/02 19:24:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
PRC - [2012/05/11 22:31:04 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/11 10:12:15 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2011/01/14 13:35:56 | 000,196,912 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
PRC - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010/08/12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008/05/08 02:34:10 | 000,238,984 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008/05/02 22:17:02 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008/01/16 18:56:50 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (No Company Name) ==========
MOD - [2012/05/11 09:58:35 | 005,450,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/11 09:55:54 | 007,953,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/11 09:55:28 | 011,492,352 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2008/01/16 18:51:00 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2004/09/08 14:45:58 | 000,368,128 | ---- | M] () -- C:\Program Files\Filzip\fzshext.dll
========== Services (SafeList) ==========
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/11 10:12:15 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2011/01/14 13:35:56 | 000,196,912 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe -- (NitroReaderDriverReadSpool)
SRV - [2010/08/12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010/08/12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Stopped] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008/04/18 15:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/04/08 14:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Peter\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/07/29 13:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010/07/29 13:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010/07/29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/07/29 13:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010/07/29 13:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/03/27 06:48:22 | 001,810,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Peter\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Peter\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/07 05:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/03/28 22:20:55 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: ICQ Search (Enabled)
CHR - default_search_provider: search_url = http://www.icq.com/search/results.php?q ... &ch_id=osd
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Peter\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Peter\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Peter\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/08/05 18:58:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CognizanceTS] c:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF25708.3XE (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004..\Run: [Facebook Update] C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004..\Run: [Octoshape Streaming Services] C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\FlashUtil10u_Plugin.exe (Adobe Systems, Inc.)
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E534A69-C9F9-4304-B4FA-5561F3A56E8A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Peter\Documents\plocha.jpg
O24 - Desktop BackupWallPaper: C:\Users\Peter\Documents\plocha.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
Re: virus - "program has stopped working" message
OTL.txt (part II)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013/04/02 19:23:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2013/04/02 18:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/04/02 17:21:24 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\RK_Quarantine
========== Files - Modified Within 7 Days ==========
[2013/04/02 19:29:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/02 19:24:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2013/04/02 19:22:00 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:46:31 | 000,634,650 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/04/02 17:46:31 | 000,120,214 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/04/02 17:46:29 | 000,000,370 | ---- | M] () -- C:\windows\tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:23 | 000,000,376 | ---- | M] () -- C:\windows\tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2013/04/02 17:40:23 | 000,000,366 | ---- | M] () -- C:\windows\tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:03 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2013/04/02 17:40:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2013/04/02 17:39:58 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 17:39:58 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 17:39:50 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/02 17:39:13 | 3147,055,104 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/02 17:38:08 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2013/04/02 17:25:36 | 000,002,042 | ---- | M] () -- C:\Users\Peter\Desktop\Google Chrome.lnk
[2013/04/02 17:22:18 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 17:16:18 | 000,609,993 | ---- | M] () -- C:\Users\Peter\Desktop\adwcleaner.exe
[2013/04/02 17:11:01 | 000,001,042 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 16:46:07 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll
========== Files Created - No Company Name ==========
[2013/04/02 19:29:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/04/02 17:40:22 | 000,000,376 | ---- | C] () -- C:\windows\tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2013/04/02 17:40:19 | 000,000,370 | ---- | C] () -- C:\windows\tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:18 | 000,000,366 | ---- | C] () -- C:\windows\tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:17:15 | 000,609,993 | ---- | C] () -- C:\Users\Peter\Desktop\adwcleaner.exe
[2013/04/02 16:45:57 | 3147,055,104 | -HS- | C] () -- C:\hiberfil.sys
[2012/09/09 22:05:00 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2012/08/05 18:37:38 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/01/01 02:06:00 | 000,000,371 | ---- | C] () -- C:\Users\Peter\Dokumenty - odkaz.lnk
[2010/02/06 23:48:18 | 000,001,356 | ---- | C] () -- C:\Users\Peter\AppData\Local\d3d9caps.dat
[2009/11/25 16:26:06 | 000,001,024 | ---- | C] () -- C:\ProgramData\txtpdf2.dll
[2009/09/11 12:33:05 | 000,023,580 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\UserTile.png
[2008/11/28 23:23:02 | 000,237,056 | ---- | C] () -- C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009/12/12 12:31:03 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\ESET
[2010/01/30 12:16:04 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\ICQ
[2009/09/03 21:16:11 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\InterVideo
[2009/06/03 10:04:45 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Opera
[2009/12/16 21:04:56 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Canon
[2011/05/04 14:48:26 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Downloaded Installations
[2009/12/09 19:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ESET
[2009/03/30 17:01:18 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\GHISLER
[2010/02/15 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ICQ
[2008/11/24 20:29:21 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\InterVideo
[2011/05/16 12:49:14 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Nitro PDF
[2011/02/11 23:38:28 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Octoshape
[2009/06/03 10:00:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Opera
[2009/08/22 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Stykz
[2012/05/28 00:08:47 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006/11/02 14:58:10 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2006/11/02 14:58:10 | 000,032,566 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2010/08/10 21:47:45 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2010/08/10 21:47:46 | 000,000,946 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2012/04/23 23:01:29 | 000,001,020 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2012/04/23 23:01:30 | 000,001,042 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2012/09/10 00:23:49 | 000,000,314 | ---- | C] () -- C:\windows\Tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job
[2013/04/02 17:40:18 | 000,000,366 | ---- | C] () -- C:\windows\Tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:19 | 000,000,370 | ---- | C] () -- C:\windows\Tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:22 | 000,000,376 | ---- | C] () -- C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Peter.job
< >
< >
< %systemroot%*.* /U /s >
[12 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[18 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[129 C:\windows\temp\*.tmp files -> C:\windows\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/03/30 13:56:50 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Adobe
[2010/06/14 23:54:41 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Apple Computer
[2009/12/16 21:04:56 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Canon
[2011/05/04 14:48:26 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Downloaded Installations
[2009/12/09 19:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ESET
[2009/03/30 17:01:18 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\GHISLER
[2008/12/12 00:36:53 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\GRETECH
[2010/02/23 16:44:33 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\HPQLOG
[2010/02/15 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ICQ
[2008/11/24 20:17:58 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Identities
[2008/11/24 20:09:03 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\InstallShield
[2011/11/14 02:31:34 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Intelli-studio
[2008/11/24 20:29:21 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\InterVideo
[2011/02/20 17:41:17 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Macromedia
[2011/10/02 08:09:26 | 000,000,000 | --SD | M] -- C:\Users\Peter\AppData\Roaming\Microsoft
[2009/11/21 22:28:17 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Mozilla
[2011/05/16 12:49:14 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Nitro PDF
[2011/02/11 23:38:28 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Octoshape
[2009/06/03 10:00:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Opera
[2012/09/25 22:23:34 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Real
[2012/05/11 22:33:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\RealNetworks
[2013/04/02 18:42:46 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Skype
[2012/09/11 00:30:10 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\skypePM
[2009/08/22 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Stykz
[2012/05/28 00:08:47 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012/01/10 09:03:34 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2007/03/22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011/07/20 16:13:21 | 017,983,128 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Intelli-studio\iUpdate.exe
[2009/01/08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[2012/09/25 22:23:49 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2013/04/02 16:51:11 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2013/04/02 16:51:11 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
[2013/04/02 17:46:13 | 038,454,704 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\RealPlayer.exe
[2013/04/02 17:40:40 | 000,766,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_exe\RealPlayer.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012/09/27 23:11:00 | 000,001,020 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 17:11:01 | 000,001,042 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:22:18 | 000,000,894 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 19:22:00 | 000,000,946 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:46:29 | 000,000,370 | ---- | M] () -- C:\windows\Tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:23 | 000,000,366 | ---- | M] () -- C:\windows\Tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:23 | 000,000,376 | ---- | M] () -- C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2012/09/10 00:23:49 | 000,000,314 | ---- | M] () -- C:\windows\Tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008/05/14 02:36:18 | 000,108,752 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\SafeBoot.sys
< %systemroot%\System32\config\*.sav >
[2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\System32\config\DEFAULT.SAV
[2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013/04/02 19:43:31 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 19:43:31 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 17:46:31 | 000,120,214 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2013/04/02 17:46:31 | 000,634,650 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2013/04/02 17:46:30 | 000,759,698 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
[2013/04/02 17:40:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\system32\rpcnet.dll
[2013/04/02 16:46:07 | 000,017,408 | ---- | M] () -- C:\windows\system32\rpcnetp.dll
[2013/04/02 17:40:03 | 000,017,408 | ---- | M] () -- C:\windows\system32\rpcnetp.exe
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009/04/11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2008/03/18 02:59:40 | 002,289,664 | ---- | M] (Hewlett-Packard Company)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012/07/13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
"Octoshape Streaming Services" = "C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun -- [2009/01/08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS)
"Facebook Update" = "C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012/07/11 23:06:21 | 000,138,096 | ---- | M] (Facebook Inc.)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008/01/21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/08/10 21:47:40 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/08/24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2011/07/23 17:03:29 | 000,947,056 | ---- | M] (Opera Software) MD5=1BE8F8E2758C352280990A170DDD696D -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/04/02 19:29:40 | 000,000,512 | ---- | M] () MD5=FF3E41409BE30BBCB91977376D8A2880 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\Hardcore\Presets\I cracked my Tube!.hdprg
[2011/06/03 00:53:04 | 004,050,007 | ---- | M] () -- \Users\Peter\Downloads\1_mente_maravillosa\05 CRACKING THE RUSSIANS CODE.mp3
[2009/08/26 15:40:52 | 002,104,554 | ---- | M] () -- \Users\Peter\Downloads\The Invisible - Score - 2007\23. Mom Cracks.mp3
[2007/11/14 21:22:00 | 002,451,456 | ---- | M] () -- \Users\Peter\Music\Soundtracky\Randy Edelman - Balls of Fury (Original Motion Picture Score)\13 Cracking The Ice.mp3
[2007/11/14 21:22:00 | 002,451,456 | ---- | M] () -- \Users\Peter\Music\Soundtracky\Randy Edelman -Balls of Furry (Original Motion Picture Score)\13 Cracking The Ice.mp3
< *keygen* /s >
< *loader* /s >
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2008/04/17 18:29:48 | 000,007,307 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1025\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:48 | 000,007,270 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:50 | 000,007,610 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1029\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:52 | 000,007,281 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:54 | 000,007,323 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,778 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1032\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,283 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:58 | 000,007,410 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:00 | 000,007,262 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:02 | 000,007,307 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1037\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,409 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1038\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,305 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:06 | 000,007,846 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:08 | 000,007,427 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,400 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,329 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:12 | 000,007,397 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1045\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:14 | 000,007,525 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,914 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,290 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:18 | 000,007,474 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1055\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:20 | 000,007,227 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,584 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,654 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2008/04/08 14:11:52 | 000,215,536 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFileLoader.dll
[2008/04/08 14:11:54 | 000,084,464 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderBMP.dll
[2008/04/08 14:11:56 | 000,072,176 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderECDC.dll
[2008/04/08 14:11:58 | 000,092,656 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderGIF.dll
[2008/04/08 14:12:00 | 000,207,344 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2008/04/08 14:13:14 | 000,072,176 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderMDC.dll
[2008/04/08 14:12:02 | 000,133,616 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderPNG.dll
[2008/04/08 14:12:04 | 000,104,944 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2008/04/08 14:12:42 | 000,154,096 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\LeResourceLoader.dll
[2008/03/31 20:10:30 | 000,141,808 | ---- | M] () -- \Program Files\Roxio\VideoCore 10\VOBLoader.ax
[2008/04/01 21:01:32 | 000,170,480 | ---- | M] () -- \Program Files\Roxio\VideoUI 10\DSThemeLoader.dll
[2008/04/01 21:01:50 | 000,113,136 | ---- | M] () -- \Program Files\Roxio\VideoUI 10\DVDFormatLoaderPlugIn.dll
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_chapter.jpg
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_menu.jpg
[2008/04/01 20:26:34 | 000,040,000 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2012/05/11 22:31:34 | 000,012,512 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012/05/11 22:31:34 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2008/04/17 18:29:48 | 000,007,307 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1025\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:48 | 000,007,270 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:50 | 000,007,610 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1029\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:52 | 000,007,281 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:54 | 000,007,323 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,778 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1032\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,283 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:58 | 000,007,410 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:00 | 000,007,262 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:02 | 000,007,307 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1037\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,409 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1038\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,305 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:06 | 000,007,846 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:08 | 000,007,427 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,400 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,329 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:12 | 000,007,397 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1045\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:14 | 000,007,525 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,914 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,290 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:18 | 000,007,474 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1055\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:20 | 000,007,227 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,584 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,654 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2008/04/08 14:11:52 | 000,215,536 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFileLoader.dll
[2008/04/08 14:11:54 | 000,084,464 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderBMP.dll
[2008/04/08 14:11:56 | 000,072,176 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderECDC.dll
[2008/04/08 14:11:58 | 000,092,656 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderGIF.dll
[2008/04/08 14:12:00 | 000,207,344 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2008/04/08 14:13:14 | 000,072,176 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderMDC.dll
[2008/04/08 14:12:02 | 000,133,616 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderPNG.dll
[2008/04/08 14:12:04 | 000,104,944 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2008/04/08 14:12:42 | 000,154,096 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\LeResourceLoader.dll
[2008/03/31 20:10:30 | 000,141,808 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoCore 10\VOBLoader.ax
[2008/04/01 21:01:32 | 000,170,480 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\DSThemeLoader.dll
[2008/04/01 21:01:50 | 000,113,136 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\DVDFormatLoaderPlugIn.dll
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_chapter.jpg
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_menu.jpg
[2008/04/01 20:26:34 | 000,040,000 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2012/05/11 22:31:34 | 000,012,512 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012/05/11 22:31:34 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/08/07 00:13:44 | 000,000,121 | ---- | M] () -- \Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\R998DJJY\se-tv4.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2012/01/30 20:50:58 | 000,001,456 | ---- | M] () -- \Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9GP2MOOY\ajax-loader[1].gif
[2012/01/31 00:40:55 | 000,004,241 | ---- | M] () -- \Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NY8Y3Y3C\uploaderapi2[1].swf
[2012/05/29 15:35:59 | 000,000,121 | ---- | M] () -- \Users\Peter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DL2FQ42M\se-aftonbladet.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2012/02/07 23:17:58 | 000,000,121 | ---- | M] () -- \Users\Peter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DL2FQ42M\se-tv4.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2008/11/27 22:44:27 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008/01/21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008/01/21 04:36:41 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/01/21 04:36:41 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008/01/21 04:36:41 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2010/02/21 18:59:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010/02/21 18:59:10 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010/02/21 18:59:13 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 04:36:35 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 04:36:35 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008/02/29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008/02/29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008/02/29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008/02/29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008/02/29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008/02/29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008/02/29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008/02/29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008/02/29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008/02/29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008/02/29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008/02/29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008/02/29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008/02/29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 04:30:37 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/02/29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008/02/29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 04:29:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008/02/29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008/02/29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 04:27:10 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< End of report >
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013/04/02 19:23:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2013/04/02 18:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/04/02 17:21:24 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\RK_Quarantine
========== Files - Modified Within 7 Days ==========
[2013/04/02 19:29:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/02 19:24:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2013/04/02 19:22:00 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:46:31 | 000,634,650 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/04/02 17:46:31 | 000,120,214 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/04/02 17:46:29 | 000,000,370 | ---- | M] () -- C:\windows\tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:23 | 000,000,376 | ---- | M] () -- C:\windows\tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2013/04/02 17:40:23 | 000,000,366 | ---- | M] () -- C:\windows\tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:03 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2013/04/02 17:40:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2013/04/02 17:39:58 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 17:39:58 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 17:39:50 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/02 17:39:13 | 3147,055,104 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/02 17:38:08 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2013/04/02 17:25:36 | 000,002,042 | ---- | M] () -- C:\Users\Peter\Desktop\Google Chrome.lnk
[2013/04/02 17:22:18 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 17:16:18 | 000,609,993 | ---- | M] () -- C:\Users\Peter\Desktop\adwcleaner.exe
[2013/04/02 17:11:01 | 000,001,042 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 16:46:07 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll
========== Files Created - No Company Name ==========
[2013/04/02 19:29:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/04/02 17:40:22 | 000,000,376 | ---- | C] () -- C:\windows\tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2013/04/02 17:40:19 | 000,000,370 | ---- | C] () -- C:\windows\tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:18 | 000,000,366 | ---- | C] () -- C:\windows\tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:17:15 | 000,609,993 | ---- | C] () -- C:\Users\Peter\Desktop\adwcleaner.exe
[2013/04/02 16:45:57 | 3147,055,104 | -HS- | C] () -- C:\hiberfil.sys
[2012/09/09 22:05:00 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2012/08/05 18:37:38 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/01/01 02:06:00 | 000,000,371 | ---- | C] () -- C:\Users\Peter\Dokumenty - odkaz.lnk
[2010/02/06 23:48:18 | 000,001,356 | ---- | C] () -- C:\Users\Peter\AppData\Local\d3d9caps.dat
[2009/11/25 16:26:06 | 000,001,024 | ---- | C] () -- C:\ProgramData\txtpdf2.dll
[2009/09/11 12:33:05 | 000,023,580 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\UserTile.png
[2008/11/28 23:23:02 | 000,237,056 | ---- | C] () -- C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009/12/12 12:31:03 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\ESET
[2010/01/30 12:16:04 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\ICQ
[2009/09/03 21:16:11 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\InterVideo
[2009/06/03 10:04:45 | 000,000,000 | ---D | M] -- C:\Users\Julinka\AppData\Roaming\Opera
[2009/12/16 21:04:56 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Canon
[2011/05/04 14:48:26 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Downloaded Installations
[2009/12/09 19:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ESET
[2009/03/30 17:01:18 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\GHISLER
[2010/02/15 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ICQ
[2008/11/24 20:29:21 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\InterVideo
[2011/05/16 12:49:14 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Nitro PDF
[2011/02/11 23:38:28 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Octoshape
[2009/06/03 10:00:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Opera
[2009/08/22 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Stykz
[2012/05/28 00:08:47 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006/11/02 14:58:10 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2006/11/02 14:58:10 | 000,032,566 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2010/08/10 21:47:45 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2010/08/10 21:47:46 | 000,000,946 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2012/04/23 23:01:29 | 000,001,020 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2012/04/23 23:01:30 | 000,001,042 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2012/09/10 00:23:49 | 000,000,314 | ---- | C] () -- C:\windows\Tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job
[2013/04/02 17:40:18 | 000,000,366 | ---- | C] () -- C:\windows\Tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:19 | 000,000,370 | ---- | C] () -- C:\windows\Tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:22 | 000,000,376 | ---- | C] () -- C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Peter.job
< >
< >
< %systemroot%*.* /U /s >
[12 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[18 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[129 C:\windows\temp\*.tmp files -> C:\windows\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/03/30 13:56:50 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Adobe
[2010/06/14 23:54:41 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Apple Computer
[2009/12/16 21:04:56 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Canon
[2011/05/04 14:48:26 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Downloaded Installations
[2009/12/09 19:26:29 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ESET
[2009/03/30 17:01:18 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\GHISLER
[2008/12/12 00:36:53 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\GRETECH
[2010/02/23 16:44:33 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\HPQLOG
[2010/02/15 22:22:11 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ICQ
[2008/11/24 20:17:58 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Identities
[2008/11/24 20:09:03 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\InstallShield
[2011/11/14 02:31:34 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Intelli-studio
[2008/11/24 20:29:21 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\InterVideo
[2011/02/20 17:41:17 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Macromedia
[2011/10/02 08:09:26 | 000,000,000 | --SD | M] -- C:\Users\Peter\AppData\Roaming\Microsoft
[2009/11/21 22:28:17 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Mozilla
[2011/05/16 12:49:14 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Nitro PDF
[2011/02/11 23:38:28 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Octoshape
[2009/06/03 10:00:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Opera
[2012/09/25 22:23:34 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Real
[2012/05/11 22:33:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\RealNetworks
[2013/04/02 18:42:46 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Skype
[2012/09/11 00:30:10 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\skypePM
[2009/08/22 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Stykz
[2012/05/28 00:08:47 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012/01/10 09:03:34 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2007/03/22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011/07/20 16:13:21 | 017,983,128 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Intelli-studio\iUpdate.exe
[2009/01/08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[2012/09/25 22:23:49 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2013/04/02 16:51:11 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2013/04/02 16:51:11 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
[2013/04/02 17:46:13 | 038,454,704 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\RealPlayer.exe
[2013/04/02 17:40:40 | 000,766,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_exe\RealPlayer.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012/09/27 23:11:00 | 000,001,020 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 17:11:01 | 000,001,042 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:22:18 | 000,000,894 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 19:22:00 | 000,000,946 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:46:29 | 000,000,370 | ---- | M] () -- C:\windows\Tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:23 | 000,000,366 | ---- | M] () -- C:\windows\Tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:23 | 000,000,376 | ---- | M] () -- C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2012/09/10 00:23:49 | 000,000,314 | ---- | M] () -- C:\windows\Tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008/05/14 02:36:18 | 000,108,752 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\SafeBoot.sys
< %systemroot%\System32\config\*.sav >
[2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\System32\config\DEFAULT.SAV
[2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013/04/02 19:43:31 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 19:43:31 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/02 17:46:31 | 000,120,214 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2013/04/02 17:46:31 | 000,634,650 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2013/04/02 17:46:30 | 000,759,698 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
[2013/04/02 17:40:01 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\system32\rpcnet.dll
[2013/04/02 16:46:07 | 000,017,408 | ---- | M] () -- C:\windows\system32\rpcnetp.dll
[2013/04/02 17:40:03 | 000,017,408 | ---- | M] () -- C:\windows\system32\rpcnetp.exe
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009/04/11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2008/03/18 02:59:40 | 002,289,664 | ---- | M] (Hewlett-Packard Company)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012/07/13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
"Octoshape Streaming Services" = "C:\Users\Peter\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun -- [2009/01/08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS)
"Facebook Update" = "C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012/07/11 23:06:21 | 000,138,096 | ---- | M] (Facebook Inc.)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008/01/21 04:35:20 | 000,202,240 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010/08/10 21:47:40 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/08/24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2011/07/23 17:03:29 | 000,947,056 | ---- | M] (Opera Software) MD5=1BE8F8E2758C352280990A170DDD696D -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/04/02 19:29:40 | 000,000,512 | ---- | M] () MD5=FF3E41409BE30BBCB91977376D8A2880 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\Hardcore\Presets\I cracked my Tube!.hdprg
[2011/06/03 00:53:04 | 004,050,007 | ---- | M] () -- \Users\Peter\Downloads\1_mente_maravillosa\05 CRACKING THE RUSSIANS CODE.mp3
[2009/08/26 15:40:52 | 002,104,554 | ---- | M] () -- \Users\Peter\Downloads\The Invisible - Score - 2007\23. Mom Cracks.mp3
[2007/11/14 21:22:00 | 002,451,456 | ---- | M] () -- \Users\Peter\Music\Soundtracky\Randy Edelman - Balls of Fury (Original Motion Picture Score)\13 Cracking The Ice.mp3
[2007/11/14 21:22:00 | 002,451,456 | ---- | M] () -- \Users\Peter\Music\Soundtracky\Randy Edelman -Balls of Furry (Original Motion Picture Score)\13 Cracking The Ice.mp3
< *keygen* /s >
< *loader* /s >
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2008/04/17 18:29:48 | 000,007,307 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1025\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:48 | 000,007,270 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:50 | 000,007,610 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1029\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:52 | 000,007,281 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:54 | 000,007,323 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,778 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1032\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,283 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:58 | 000,007,410 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:00 | 000,007,262 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:02 | 000,007,307 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1037\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,409 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1038\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,305 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:06 | 000,007,846 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:08 | 000,007,427 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,400 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,329 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:12 | 000,007,397 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1045\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:14 | 000,007,525 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,914 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,290 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:18 | 000,007,474 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\1055\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:20 | 000,007,227 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,584 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,654 | R--- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2008/04/08 14:11:52 | 000,215,536 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFileLoader.dll
[2008/04/08 14:11:54 | 000,084,464 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderBMP.dll
[2008/04/08 14:11:56 | 000,072,176 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderECDC.dll
[2008/04/08 14:11:58 | 000,092,656 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderGIF.dll
[2008/04/08 14:12:00 | 000,207,344 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2008/04/08 14:13:14 | 000,072,176 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderMDC.dll
[2008/04/08 14:12:02 | 000,133,616 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderPNG.dll
[2008/04/08 14:12:04 | 000,104,944 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2008/04/08 14:12:42 | 000,154,096 | ---- | M] () -- \Program Files\Common Files\Roxio Shared\10.0\SharedCOM\LeResourceLoader.dll
[2008/03/31 20:10:30 | 000,141,808 | ---- | M] () -- \Program Files\Roxio\VideoCore 10\VOBLoader.ax
[2008/04/01 21:01:32 | 000,170,480 | ---- | M] () -- \Program Files\Roxio\VideoUI 10\DSThemeLoader.dll
[2008/04/01 21:01:50 | 000,113,136 | ---- | M] () -- \Program Files\Roxio\VideoUI 10\DVDFormatLoaderPlugIn.dll
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_chapter.jpg
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_menu.jpg
[2008/04/01 20:26:34 | 000,040,000 | R--- | M] () -- \Program Files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2012/05/11 22:31:34 | 000,012,512 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012/05/11 22:31:34 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_chapter.jpg
[2008/04/08 11:47:54 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Generic\Images\themeloader_default_menu.jpg
[2008/04/17 18:29:48 | 000,007,307 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1025\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:48 | 000,007,270 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1028\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:50 | 000,007,610 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1029\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:52 | 000,007,281 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1030\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:54 | 000,007,323 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1031\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,778 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1032\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:56 | 000,007,283 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1033\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:29:58 | 000,007,410 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1035\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:00 | 000,007,262 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1036\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:02 | 000,007,307 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1037\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,409 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1038\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:04 | 000,007,305 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1040\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:06 | 000,007,846 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1041\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:08 | 000,007,427 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1042\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,400 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1043\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:10 | 000,007,329 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1044\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:12 | 000,007,397 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1045\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:14 | 000,007,525 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1046\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,914 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1049\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:16 | 000,007,290 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1053\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:18 | 000,007,474 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\1055\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:20 | 000,007,227 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\2052\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,584 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\2070\Strings\RCMFormatLoaderStrings.xml
[2008/04/17 18:30:22 | 000,007,654 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\Common Resources\Shared\Locale\3082\Strings\RCMFormatLoaderStrings.xml
[2008/04/08 14:11:52 | 000,215,536 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFileLoader.dll
[2008/04/08 14:11:54 | 000,084,464 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderBMP.dll
[2008/04/08 14:11:56 | 000,072,176 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderECDC.dll
[2008/04/08 14:11:58 | 000,092,656 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderGIF.dll
[2008/04/08 14:12:00 | 000,207,344 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderJPG2.dll
[2008/04/08 14:13:14 | 000,072,176 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderMDC.dll
[2008/04/08 14:12:02 | 000,133,616 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderPNG.dll
[2008/04/08 14:12:04 | 000,104,944 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\CPSFormatLoaderTIFF.dll
[2008/04/08 14:12:42 | 000,154,096 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\Common\Roxio Shared\10.0\SharedCOM\LeResourceLoader.dll
[2008/03/31 20:10:30 | 000,141,808 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoCore 10\VOBLoader.ax
[2008/04/01 21:01:32 | 000,170,480 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\DSThemeLoader.dll
[2008/04/01 21:01:50 | 000,113,136 | ---- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\DVDFormatLoaderPlugIn.dll
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_chapter.jpg
[2008/04/01 20:26:34 | 000,053,511 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_default_menu.jpg
[2008/04/01 20:26:34 | 000,040,000 | R--- | M] () -- \Swsetup\Roxio\EMC_HP_101\program files\Roxio\VideoUI 10\Skins\Default\Generic\Images\themeloader_hourglass.jpg
[2012/05/11 22:31:34 | 000,012,512 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012/05/11 22:31:34 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/06/18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/06/18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/08/07 00:13:44 | 000,000,121 | ---- | M] () -- \Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\R998DJJY\se-tv4.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2012/01/30 20:50:58 | 000,001,456 | ---- | M] () -- \Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9GP2MOOY\ajax-loader[1].gif
[2012/01/31 00:40:55 | 000,004,241 | ---- | M] () -- \Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NY8Y3Y3C\uploaderapi2[1].swf
[2012/05/29 15:35:59 | 000,000,121 | ---- | M] () -- \Users\Peter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DL2FQ42M\se-aftonbladet.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2012/02/07 23:17:58 | 000,000,121 | ---- | M] () -- \Users\Peter\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DL2FQ42M\se-tv4.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2008/11/27 22:44:27 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008/01/21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008/01/21 04:36:41 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/01/21 04:36:41 | 000,026,112 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winload.exe.mui_3bc5b827
[2008/01/21 04:36:41 | 000,019,456 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673_winresume.exe.mui_ff8b5358
[2010/02/21 18:59:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2010/02/21 18:59:10 | 000,986,600 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winload.exe_75835076
[2010/02/21 18:59:13 | 000,926,184 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94_winresume.exe_85cd1215
[2008/01/21 04:36:35 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 04:36:35 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008/02/29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008/02/29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008/02/29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008/02/29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008/02/29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008/02/29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008/02/29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008/02/29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008/02/29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008/02/29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008/02/29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008/02/29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008/02/29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008/02/29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008/01/21 04:30:37 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_en-us_7698ba05e403d673.manifest
[2008/02/29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008/02/29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008/01/21 04:29:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008/02/29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008/02/29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009/04/11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006/11/02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008/01/21 04:27:10 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008/01/21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008/01/21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< End of report >
Re: virus - "program has stopped working" message
Extras.txt
OTL Extras logfile created on: 2. 4. 2013 19:27:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,93 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,21% Memory free
6,07 Gb Paging File | 4,95 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,09 Gb Total Space | 140,58 Gb Free Space | 48,80% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,97 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Computer Name: KASTEN-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{57B9CED6-00FE-4548-973A-29A364CB0362}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7288B730-E6D6-4F2F-A199-BF4DB0A7AA93}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1357FF31-4A37-439E-9415-5337A7CC3FD5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1AC689A4-BC47-4F3C-A447-D426BDB09BD3}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{478BBD26-2204-457C-99BA-1C162106D041}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{48550C10-C9AC-4038-AB7F-4FD26DF295AA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5DE04A0E-0B75-427D-B835-0DB0AE4FC73D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66450FF0-8DC7-4709-BE99-AFABEC54F530}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8E6E778F-D741-449C-8D1F-94710E10C6DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{918155B4-8B3F-4BC0-86D8-7DCED2BCA427}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A2433E68-78B7-47D7-A3F2-F239646785CD}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AC33F663-9E63-4FFB-84E0-D61D05D7ABF6}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{B4850E37-605D-4DF1-9B92-C7C76BA4F949}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C57C5468-BEF7-40D7-86B8-951CEDEF881E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{CC21BC86-5C01-4828-B795-6051267791A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD6A2A47-4E31-48D1-8BAB-0016F57F651E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F2870CAB-6602-43FF-8AE1-46222D14CC79}" = dir=in | app=c:\users\peter\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{FF723C6B-57B8-4965-870F-CBFC4C07C511}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"TCP Query User{44018F07-A053-4CA4-8729-01B4800FDC79}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{802D7417-D781-42F1-A1D5-45605B769776}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{FC5C5724-B29D-405E-8069-72BC56290D55}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{05900E9B-B93E-4CFC-842B-081B6296CD69}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{79EEADBF-740F-4D37-8B80-E1DE88171B02}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C38D3BC0-968B-4D2B-99BC-45E14733E71B}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002585F5-F2C2-4D7F-95D6-8018CDEB5EBD}" = Nitro PDF Reader
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}" = HP JavaCard for HP ProtectTools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 2.5.0.0)
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{50EF1CF9-7BDD-49A2-953B-0B78C49B99F5}" = STORMWARE POHODA SK Start
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AF8E290-3618-4263-B47D-68AEE9DE496D}" = STORMWARE POHODA SK Start
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FA0A6B4-6B0D-44F3-AD73-75EA730B5851}" = CLAN
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91E3041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}" = HP ProtectTools Security Manager
"{9826FB84-BE39-4864-ABB1-45B8F04F3098}" = OMEGA
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}" = Drive Encryption for HP ProtectTools
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9E693203-C3D6-4FCE-A2C0-AE819887BD3F}" = ESET Smart Security
"{A1410161-F615-4B91-A019-FA33833EF00D}" = BIOS Configuration for HP ProtectTools
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3162DFC-7CA1-47A9-AA00-15BE80E3B1F8}" = 602XML Filler
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE132ABE-5452-4442-9AEC-2F65CFA8CC85}" = STORMWARE POHODA SK Start
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"Applian FLV Player2.0.24" = Applian FLV Player
"ASIO4ALL" = ASIO4ALL
"Canon MP240 series User Registration" = Canon MP240 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Filzip 3.0.4.66_is1" = Filzip 3.04
"GOM Player" = GOM Player
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp print screen utility" = hp print screen utility
"IL Download Manager" = IL Download Manager
"JAR2EXE Converter_is1" = JAR2EXE Converter 1.0
"LastFM_is1" = Last.fm 1.5.4.27091
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Opera 11.50.1074" = Opera 11.50
"PDF Complete" = PDF Complete
"PoiZone" = PoiZone
"PSPad editor_is1" = PSPad editor
"RealPlayer 15.0" = RealPlayer
"Sakura" = Sakura
"Sawer" = Sawer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TweakMP9" = Windows Media Player 9 Series TweakMP PowerToy
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia IAAnotif.exe, verzia 8.0.0.1039, časová značka 0x48054ce8,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x58c, čas spustenia
aplikácie 0x01ce2fb8a0b76ceb.
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia CNSLMAIN.EXE, verzia 1.2.0.0, časová značka 0x47d108c4,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xeec, čas spustenia
aplikácie 0x01ce2fb8a3ed14ab.
Error - 2. 4. 2013 11:42:30 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia HpqToaster.exe, verzia 1.10.1.6, časová značka 0x47ff6ba6,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xef4, čas spustenia
aplikácie 0x01ce2fb8af4a718b.
Error - 2. 4. 2013 11:42:33 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia WiFiMsg.EXE, verzia 3.0.4.1, časová značka 0x45a2af2d,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x884, čas spustenia
aplikácie 0x01ce2fb8abccfafb.
Error - 2. 4. 2013 11:42:35 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia LightScribeControlPanel.exe, verzia 1.12.37.1, časová
značka 0x47df13fa, chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka
0x4ec3e3d5, kód výnimky 0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu
0xaf8, čas spustenia aplikácie 0x01ce2fb8a586812b.
Error - 2. 4. 2013 11:42:39 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia QlbPresOV.exe, verzia 6.4.5.1, časová značka 0x482a0518,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xd5c, čas spustenia
aplikácie 0x01ce2fb8b223d04b.
Error - 2. 4. 2013 12:15:26 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x59c, čas spustenia
aplikácie 0x01ce2fbd4955ba6b.
Error - 2. 4. 2013 12:16:00 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x16fc, čas spustenia
aplikácie 0x01ce2fbd5dc3115b.
Error - 2. 4. 2013 12:25:45 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x134, čas spustenia
aplikácie 0x01ce2fbeba09b2bb.
Error - 2. 4. 2013 12:26:18 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x13b4, čas spustenia
aplikácie 0x01ce2fbecd9ed21b.
[ Credential Manager Events ]
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ OSession Events ]
Error - 25. 1. 2011 2:52:57 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25. 1. 2011 2:53:29 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:44:48 | Computer Name = Kasten-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
OTL Extras logfile created on: 2. 4. 2013 19:27:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,93 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,21% Memory free
6,07 Gb Paging File | 4,95 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,09 Gb Total Space | 140,58 Gb Free Space | 48,80% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,97 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Computer Name: KASTEN-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{57B9CED6-00FE-4548-973A-29A364CB0362}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7288B730-E6D6-4F2F-A199-BF4DB0A7AA93}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1357FF31-4A37-439E-9415-5337A7CC3FD5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1AC689A4-BC47-4F3C-A447-D426BDB09BD3}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{478BBD26-2204-457C-99BA-1C162106D041}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{48550C10-C9AC-4038-AB7F-4FD26DF295AA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5DE04A0E-0B75-427D-B835-0DB0AE4FC73D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66450FF0-8DC7-4709-BE99-AFABEC54F530}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8E6E778F-D741-449C-8D1F-94710E10C6DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{918155B4-8B3F-4BC0-86D8-7DCED2BCA427}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A2433E68-78B7-47D7-A3F2-F239646785CD}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AC33F663-9E63-4FFB-84E0-D61D05D7ABF6}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{B4850E37-605D-4DF1-9B92-C7C76BA4F949}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C57C5468-BEF7-40D7-86B8-951CEDEF881E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{CC21BC86-5C01-4828-B795-6051267791A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD6A2A47-4E31-48D1-8BAB-0016F57F651E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F2870CAB-6602-43FF-8AE1-46222D14CC79}" = dir=in | app=c:\users\peter\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{FF723C6B-57B8-4965-870F-CBFC4C07C511}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"TCP Query User{44018F07-A053-4CA4-8729-01B4800FDC79}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{802D7417-D781-42F1-A1D5-45605B769776}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{FC5C5724-B29D-405E-8069-72BC56290D55}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{05900E9B-B93E-4CFC-842B-081B6296CD69}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{79EEADBF-740F-4D37-8B80-E1DE88171B02}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C38D3BC0-968B-4D2B-99BC-45E14733E71B}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002585F5-F2C2-4D7F-95D6-8018CDEB5EBD}" = Nitro PDF Reader
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}" = HP JavaCard for HP ProtectTools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 2.5.0.0)
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{50EF1CF9-7BDD-49A2-953B-0B78C49B99F5}" = STORMWARE POHODA SK Start
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AF8E290-3618-4263-B47D-68AEE9DE496D}" = STORMWARE POHODA SK Start
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FA0A6B4-6B0D-44F3-AD73-75EA730B5851}" = CLAN
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91E3041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}" = HP ProtectTools Security Manager
"{9826FB84-BE39-4864-ABB1-45B8F04F3098}" = OMEGA
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}" = Drive Encryption for HP ProtectTools
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9E693203-C3D6-4FCE-A2C0-AE819887BD3F}" = ESET Smart Security
"{A1410161-F615-4B91-A019-FA33833EF00D}" = BIOS Configuration for HP ProtectTools
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3162DFC-7CA1-47A9-AA00-15BE80E3B1F8}" = 602XML Filler
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE132ABE-5452-4442-9AEC-2F65CFA8CC85}" = STORMWARE POHODA SK Start
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"Applian FLV Player2.0.24" = Applian FLV Player
"ASIO4ALL" = ASIO4ALL
"Canon MP240 series User Registration" = Canon MP240 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Filzip 3.0.4.66_is1" = Filzip 3.04
"GOM Player" = GOM Player
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp print screen utility" = hp print screen utility
"IL Download Manager" = IL Download Manager
"JAR2EXE Converter_is1" = JAR2EXE Converter 1.0
"LastFM_is1" = Last.fm 1.5.4.27091
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Opera 11.50.1074" = Opera 11.50
"PDF Complete" = PDF Complete
"PoiZone" = PoiZone
"PSPad editor_is1" = PSPad editor
"RealPlayer 15.0" = RealPlayer
"Sakura" = Sakura
"Sawer" = Sawer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TweakMP9" = Windows Media Player 9 Series TweakMP PowerToy
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia IAAnotif.exe, verzia 8.0.0.1039, časová značka 0x48054ce8,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x58c, čas spustenia
aplikácie 0x01ce2fb8a0b76ceb.
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia CNSLMAIN.EXE, verzia 1.2.0.0, časová značka 0x47d108c4,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xeec, čas spustenia
aplikácie 0x01ce2fb8a3ed14ab.
Error - 2. 4. 2013 11:42:30 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia HpqToaster.exe, verzia 1.10.1.6, časová značka 0x47ff6ba6,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xef4, čas spustenia
aplikácie 0x01ce2fb8af4a718b.
Error - 2. 4. 2013 11:42:33 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia WiFiMsg.EXE, verzia 3.0.4.1, časová značka 0x45a2af2d,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x884, čas spustenia
aplikácie 0x01ce2fb8abccfafb.
Error - 2. 4. 2013 11:42:35 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia LightScribeControlPanel.exe, verzia 1.12.37.1, časová
značka 0x47df13fa, chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka
0x4ec3e3d5, kód výnimky 0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu
0xaf8, čas spustenia aplikácie 0x01ce2fb8a586812b.
Error - 2. 4. 2013 11:42:39 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia QlbPresOV.exe, verzia 6.4.5.1, časová značka 0x482a0518,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xd5c, čas spustenia
aplikácie 0x01ce2fb8b223d04b.
Error - 2. 4. 2013 12:15:26 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x59c, čas spustenia
aplikácie 0x01ce2fbd4955ba6b.
Error - 2. 4. 2013 12:16:00 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x16fc, čas spustenia
aplikácie 0x01ce2fbd5dc3115b.
Error - 2. 4. 2013 12:25:45 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x134, čas spustenia
aplikácie 0x01ce2fbeba09b2bb.
Error - 2. 4. 2013 12:26:18 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x13b4, čas spustenia
aplikácie 0x01ce2fbecd9ed21b.
[ Credential Manager Events ]
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ OSession Events ]
Error - 25. 1. 2011 2:52:57 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25. 1. 2011 2:53:29 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:44:48 | Computer Name = Kasten-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
Re: virus - "program has stopped working" message
Extras.txt
OTL Extras logfile created on: 2. 4. 2013 19:27:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,93 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,21% Memory free
6,07 Gb Paging File | 4,95 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,09 Gb Total Space | 140,58 Gb Free Space | 48,80% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,97 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Computer Name: KASTEN-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{57B9CED6-00FE-4548-973A-29A364CB0362}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7288B730-E6D6-4F2F-A199-BF4DB0A7AA93}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1357FF31-4A37-439E-9415-5337A7CC3FD5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1AC689A4-BC47-4F3C-A447-D426BDB09BD3}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{478BBD26-2204-457C-99BA-1C162106D041}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{48550C10-C9AC-4038-AB7F-4FD26DF295AA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5DE04A0E-0B75-427D-B835-0DB0AE4FC73D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66450FF0-8DC7-4709-BE99-AFABEC54F530}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8E6E778F-D741-449C-8D1F-94710E10C6DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{918155B4-8B3F-4BC0-86D8-7DCED2BCA427}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A2433E68-78B7-47D7-A3F2-F239646785CD}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AC33F663-9E63-4FFB-84E0-D61D05D7ABF6}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{B4850E37-605D-4DF1-9B92-C7C76BA4F949}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C57C5468-BEF7-40D7-86B8-951CEDEF881E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{CC21BC86-5C01-4828-B795-6051267791A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD6A2A47-4E31-48D1-8BAB-0016F57F651E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F2870CAB-6602-43FF-8AE1-46222D14CC79}" = dir=in | app=c:\users\peter\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{FF723C6B-57B8-4965-870F-CBFC4C07C511}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"TCP Query User{44018F07-A053-4CA4-8729-01B4800FDC79}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{802D7417-D781-42F1-A1D5-45605B769776}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{FC5C5724-B29D-405E-8069-72BC56290D55}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{05900E9B-B93E-4CFC-842B-081B6296CD69}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{79EEADBF-740F-4D37-8B80-E1DE88171B02}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C38D3BC0-968B-4D2B-99BC-45E14733E71B}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002585F5-F2C2-4D7F-95D6-8018CDEB5EBD}" = Nitro PDF Reader
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}" = HP JavaCard for HP ProtectTools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 2.5.0.0)
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{50EF1CF9-7BDD-49A2-953B-0B78C49B99F5}" = STORMWARE POHODA SK Start
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AF8E290-3618-4263-B47D-68AEE9DE496D}" = STORMWARE POHODA SK Start
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FA0A6B4-6B0D-44F3-AD73-75EA730B5851}" = CLAN
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91E3041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}" = HP ProtectTools Security Manager
"{9826FB84-BE39-4864-ABB1-45B8F04F3098}" = OMEGA
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}" = Drive Encryption for HP ProtectTools
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9E693203-C3D6-4FCE-A2C0-AE819887BD3F}" = ESET Smart Security
"{A1410161-F615-4B91-A019-FA33833EF00D}" = BIOS Configuration for HP ProtectTools
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3162DFC-7CA1-47A9-AA00-15BE80E3B1F8}" = 602XML Filler
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE132ABE-5452-4442-9AEC-2F65CFA8CC85}" = STORMWARE POHODA SK Start
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"Applian FLV Player2.0.24" = Applian FLV Player
"ASIO4ALL" = ASIO4ALL
"Canon MP240 series User Registration" = Canon MP240 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Filzip 3.0.4.66_is1" = Filzip 3.04
"GOM Player" = GOM Player
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp print screen utility" = hp print screen utility
"IL Download Manager" = IL Download Manager
"JAR2EXE Converter_is1" = JAR2EXE Converter 1.0
"LastFM_is1" = Last.fm 1.5.4.27091
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Opera 11.50.1074" = Opera 11.50
"PDF Complete" = PDF Complete
"PoiZone" = PoiZone
"PSPad editor_is1" = PSPad editor
"RealPlayer 15.0" = RealPlayer
"Sakura" = Sakura
"Sawer" = Sawer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TweakMP9" = Windows Media Player 9 Series TweakMP PowerToy
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia IAAnotif.exe, verzia 8.0.0.1039, časová značka 0x48054ce8,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x58c, čas spustenia
aplikácie 0x01ce2fb8a0b76ceb.
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia CNSLMAIN.EXE, verzia 1.2.0.0, časová značka 0x47d108c4,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xeec, čas spustenia
aplikácie 0x01ce2fb8a3ed14ab.
Error - 2. 4. 2013 11:42:30 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia HpqToaster.exe, verzia 1.10.1.6, časová značka 0x47ff6ba6,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xef4, čas spustenia
aplikácie 0x01ce2fb8af4a718b.
Error - 2. 4. 2013 11:42:33 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia WiFiMsg.EXE, verzia 3.0.4.1, časová značka 0x45a2af2d,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x884, čas spustenia
aplikácie 0x01ce2fb8abccfafb.
Error - 2. 4. 2013 11:42:35 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia LightScribeControlPanel.exe, verzia 1.12.37.1, časová
značka 0x47df13fa, chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka
0x4ec3e3d5, kód výnimky 0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu
0xaf8, čas spustenia aplikácie 0x01ce2fb8a586812b.
Error - 2. 4. 2013 11:42:39 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia QlbPresOV.exe, verzia 6.4.5.1, časová značka 0x482a0518,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xd5c, čas spustenia
aplikácie 0x01ce2fb8b223d04b.
Error - 2. 4. 2013 12:15:26 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x59c, čas spustenia
aplikácie 0x01ce2fbd4955ba6b.
Error - 2. 4. 2013 12:16:00 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x16fc, čas spustenia
aplikácie 0x01ce2fbd5dc3115b.
Error - 2. 4. 2013 12:25:45 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x134, čas spustenia
aplikácie 0x01ce2fbeba09b2bb.
Error - 2. 4. 2013 12:26:18 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x13b4, čas spustenia
aplikácie 0x01ce2fbecd9ed21b.
[ Credential Manager Events ]
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ OSession Events ]
Error - 25. 1. 2011 2:52:57 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25. 1. 2011 2:53:29 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:44:48 | Computer Name = Kasten-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
OTL Extras logfile created on: 2. 4. 2013 19:27:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy
2,93 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 62,21% Memory free
6,07 Gb Paging File | 4,95 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,09 Gb Total Space | 140,58 Gb Free Space | 48,80% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,97 Gb Free Space | 21,87% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
Computer Name: KASTEN-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{57B9CED6-00FE-4548-973A-29A364CB0362}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7288B730-E6D6-4F2F-A199-BF4DB0A7AA93}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1357FF31-4A37-439E-9415-5337A7CC3FD5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1AC689A4-BC47-4F3C-A447-D426BDB09BD3}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{478BBD26-2204-457C-99BA-1C162106D041}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{48550C10-C9AC-4038-AB7F-4FD26DF295AA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5DE04A0E-0B75-427D-B835-0DB0AE4FC73D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66450FF0-8DC7-4709-BE99-AFABEC54F530}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8E6E778F-D741-449C-8D1F-94710E10C6DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{918155B4-8B3F-4BC0-86D8-7DCED2BCA427}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A2433E68-78B7-47D7-A3F2-F239646785CD}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{AC33F663-9E63-4FFB-84E0-D61D05D7ABF6}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{B4850E37-605D-4DF1-9B92-C7C76BA4F949}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C57C5468-BEF7-40D7-86B8-951CEDEF881E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{CC21BC86-5C01-4828-B795-6051267791A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD6A2A47-4E31-48D1-8BAB-0016F57F651E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F2870CAB-6602-43FF-8AE1-46222D14CC79}" = dir=in | app=c:\users\peter\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{FF723C6B-57B8-4965-870F-CBFC4C07C511}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"TCP Query User{44018F07-A053-4CA4-8729-01B4800FDC79}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{802D7417-D781-42F1-A1D5-45605B769776}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{FC5C5724-B29D-405E-8069-72BC56290D55}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{05900E9B-B93E-4CFC-842B-081B6296CD69}C:\users\peter\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{79EEADBF-740F-4D37-8B80-E1DE88171B02}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C38D3BC0-968B-4D2B-99BC-45E14733E71B}C:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\peter\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002585F5-F2C2-4D7F-95D6-8018CDEB5EBD}" = Nitro PDF Reader
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series" = Canon MP240 series MP Drivers
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}" = HP JavaCard for HP ProtectTools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{44A69352-33DD-405E-ADB8-2D768643BBAE}_is1" = AnyBizSoft PDF to Word (Build 2.5.0.0)
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{50EF1CF9-7BDD-49A2-953B-0B78C49B99F5}" = STORMWARE POHODA SK Start
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5AF8E290-3618-4263-B47D-68AEE9DE496D}" = STORMWARE POHODA SK Start
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FA0A6B4-6B0D-44F3-AD73-75EA730B5851}" = CLAN
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_HOMESTUDENTR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_HOMESTUDENTR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_HOMESTUDENTR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91E3041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}" = HP ProtectTools Security Manager
"{9826FB84-BE39-4864-ABB1-45B8F04F3098}" = OMEGA
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}" = Drive Encryption for HP ProtectTools
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9E693203-C3D6-4FCE-A2C0-AE819887BD3F}" = ESET Smart Security
"{A1410161-F615-4B91-A019-FA33833EF00D}" = BIOS Configuration for HP ProtectTools
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B79DB290-9F72-4B20-9776-848D7832705B}" = HP User Guides 0108
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3162DFC-7CA1-47A9-AA00-15BE80E3B1F8}" = 602XML Filler
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE132ABE-5452-4442-9AEC-2F65CFA8CC85}" = STORMWARE POHODA SK Start
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"Applian FLV Player2.0.24" = Applian FLV Player
"ASIO4ALL" = ASIO4ALL
"Canon MP240 series User Registration" = Canon MP240 series User Registration
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Filzip 3.0.4.66_is1" = Filzip 3.04
"GOM Player" = GOM Player
"Hardcore" = Hardcore
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hp print screen utility" = hp print screen utility
"IL Download Manager" = IL Download Manager
"JAR2EXE Converter_is1" = JAR2EXE Converter 1.0
"LastFM_is1" = Last.fm 1.5.4.27091
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Opera 11.50.1074" = Opera 11.50
"PDF Complete" = PDF Complete
"PoiZone" = PoiZone
"PSPad editor_is1" = PSPad editor
"RealPlayer 15.0" = RealPlayer
"Sakura" = Sakura
"Sawer" = Sawer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TweakMP9" = Windows Media Player 9 Series TweakMP PowerToy
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia IAAnotif.exe, verzia 8.0.0.1039, časová značka 0x48054ce8,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x58c, čas spustenia
aplikácie 0x01ce2fb8a0b76ceb.
Error - 2. 4. 2013 11:42:19 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia CNSLMAIN.EXE, verzia 1.2.0.0, časová značka 0x47d108c4,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xeec, čas spustenia
aplikácie 0x01ce2fb8a3ed14ab.
Error - 2. 4. 2013 11:42:30 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia HpqToaster.exe, verzia 1.10.1.6, časová značka 0x47ff6ba6,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xef4, čas spustenia
aplikácie 0x01ce2fb8af4a718b.
Error - 2. 4. 2013 11:42:33 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia WiFiMsg.EXE, verzia 3.0.4.1, časová značka 0x45a2af2d,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x884, čas spustenia
aplikácie 0x01ce2fb8abccfafb.
Error - 2. 4. 2013 11:42:35 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia LightScribeControlPanel.exe, verzia 1.12.37.1, časová
značka 0x47df13fa, chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka
0x4ec3e3d5, kód výnimky 0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu
0xaf8, čas spustenia aplikácie 0x01ce2fb8a586812b.
Error - 2. 4. 2013 11:42:39 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia QlbPresOV.exe, verzia 6.4.5.1, časová značka 0x482a0518,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0xd5c, čas spustenia
aplikácie 0x01ce2fb8b223d04b.
Error - 2. 4. 2013 12:15:26 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x59c, čas spustenia
aplikácie 0x01ce2fbd4955ba6b.
Error - 2. 4. 2013 12:16:00 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x16fc, čas spustenia
aplikácie 0x01ce2fbd5dc3115b.
Error - 2. 4. 2013 12:25:45 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x134, čas spustenia
aplikácie 0x01ce2fbeba09b2bb.
Error - 2. 4. 2013 12:26:18 | Computer Name = Kasten-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia PTServs.exe, verzia 4.0.1.23, časová značka 0x48222ceb,
chybový modul ntdll.dll, verzia 6.0.6002.18541, časová značka 0x4ec3e3d5, kód výnimky
0xc0000135, odstup chyby 0x00009f5d, identifikácia procesu 0x13b4, čas spustenia
aplikácie 0x01ce2fbecd9ed21b.
[ Credential Manager Events ]
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 24. 7. 2012 0:07:56 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 12. 8. 2012 13:49:09 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 16. 8. 2012 4:30:06 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 4. 9. 2012 11:13:07 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. User:
Peter@KASTEN-PC Client GUID: {Password} Error: 0xC516020B Client Host: localhost Client
Address: 127.0.0.1 Authority: HP Server Host: localhost Protocol: HTTP
Error - 14. 10. 2012 16:30:59 | Computer Name = Kasten-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Peter@KASTEN-PC Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ OSession Events ]
Error - 25. 1. 2011 2:52:57 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25. 1. 2011 2:53:29 | Computer Name = Kasten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:07 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20070
Description = Point to Point Protocol engine was unable to load the C:\windows\System32\rastls.dll
module. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\windows\System32\rasppp.dll
returned an error while initializing. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:43:08 | Computer Name = Kasten-PC | Source = RasMan | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. Zadaný modul sa nepodarilo nájsť.
Error - 2. 4. 2013 11:44:48 | Computer Name = Kasten-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
Re: virus - "program has stopped working" message

- If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
- Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Peter\AppData\Local\Temp\catchme.sys -- (catchme)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
CHR - default_search_provider: ICQ Search (Enabled)
CHR - default_search_provider: search_url = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
CHR - default_search_provider: suggest_url =
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF25708.3XE (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O20 - AppInit_DLLs: (APSHook.dll) - File not found
[12 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[18 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[2012/09/25 22:23:49 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2013/04/02 16:51:11 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2013/04/02 16:51:11 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
[2013/04/02 17:46:13 | 038,454,704 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\RealPlayer.exe
[2013/04/02 17:40:40 | 000,766,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_exe\RealPlayer.exe
[2012/09/27 23:11:00 | 000,001,020 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 17:11:01 | 000,001,042 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:22:18 | 000,000,894 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job
[2013/04/02 19:22:00 | 000,000,946 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job
[2013/04/02 17:46:29 | 000,000,370 | ---- | M] () -- C:\windows\Tasks\ReclaimerUpdateFiles_Peter.job
[2013/04/02 17:40:23 | 000,000,366 | ---- | M] () -- C:\windows\Tasks\ReclaimerUpdateXML_Peter.job
[2013/04/02 17:40:23 | 000,000,376 | ---- | M] () -- C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Peter.job
[2012/09/10 00:23:49 | 000,000,314 | ---- | M] () -- C:\windows\Tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=-
"SunJavaUpdateSched"=-
"WatchDog"=-
"QuickTime Task"=-
"TkBellExe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"Octoshape Streaming Services"=-
"Facebook Update"=-
"WMPNSCFG"=-
"Google Update"=-
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
- Then click Opravit (Run Fix)
- The PC will perform the fix, restart and give you a log; paste its contents here
Re: virus - "program has stopped working" message
The fix completed only on the second attempt. The first time, the program stopped working and I had to restart the computer. I have the feeling that this machine is unrepairable.
I am attaching the log:
All processes killed
========== OTL ==========
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
File system32\DRIVERS\nwlnkfwd.sys not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
File system32\DRIVERS\nwlnkflt.sys not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
File system32\DRIVERS\ipinip.sys not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\Users\Peter\AppData\Local\Temp\catchme.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-3103264409-3359254807-3729087245-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3103264409-3359254807-3729087245-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix not found.
File C:\ComboFix\CF25708.3XE not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\flags not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:APSHook.dll deleted successfully.
File/Folder C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
C:\windows\Installer\MSI51.tmp deleted successfully.
File C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe not found.
File C:\Users\Peter\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe not found.
File C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe not found.
File C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\RealPlayer.exe not found.
File C:\Users\Peter\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_exe\RealPlayer.exe not found.
File C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job not found.
File C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job not found.
File C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004Core.job not found.
File C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103264409-3359254807-3729087245-1004UA.job not found.
File C:\windows\Tasks\ReclaimerUpdateFiles_Peter.job not found.
File C:\windows\Tasks\ReclaimerUpdateXML_Peter.job not found.
File C:\windows\Tasks\RNUpgradeHelperLogonPrompt_Peter.job not found.
File C:\windows\Tasks\{EB21FAAA-AF25-429A-86DC-CED3C5053900}.job not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PDF Complete not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WatchDog not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Octoshape Streaming Services not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Julinka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1941 bytes
User: Peter
->Temp folder emptied: 337076652 bytes
->Temporary Internet Files folder emptied: 119411023 bytes
->Java cache emptied: 44404474 bytes
->Google Chrome cache emptied: 6841432 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 86355 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6924642190 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 22739360 bytes
Total Files Cleaned = 7 110,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Julinka
->Flash cache emptied: 0 bytes
User: Peter
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Julinka
->Java cache emptied: 0 bytes
User: Peter
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04032013_154919
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: virus - "program has stopped working" message

- Save it, preferably to the Desktop
- Run it and click Yes to confirm the reinstallation of services
- Then click Yes to confirm the PC restart
- A CC Support folder will be created on the Desktop; you will find the log SvcRepair.txt there (it should be CC Support\Logs\SvcRepair.txt). Paste it here for me
Re: virus - "program has stopped working" message
I don't know whether the event/process ran. The program stopped working again.
I am attaching the log:
Log Opened: 2013-04-03 @ 16:06:02
16:06:02 - -----------------
16:06:02 - | Begin Logging |
16:06:02 - -----------------
16:06:02 - Fix started on a WIN_VISTA X86 computer
16:06:02 - Prep in progress. Please Wait.
16:06:04 - Prep complete
16:06:04 - Repairing Services Now. Please wait...
16:06:41 - Services Repair Complete.
16:06:45 - Reboot Initiated
Re: virus - "program has stopped working" message

- Save it, preferably to the Desktop
- Tick the checkbox for every item (this marks them for scanning)
- Click Scan
- When the scan finishes, the log FSS.txt will appear; paste it here