preventivka

Zpráva

goolman11 · #16 Příspěvek od **goolman11** » 02 zář 2013 23:40

RogueKiller V8.6.8 [Sep 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Normálny režim
Užívateľ : Klacka 2 [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 09/03/2013 00:40:26
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[0]_H_09032013_004026.txt >>
RKreport[0]_D_09032013_002410.txt;RKreport[0]_D_09032013_003921.txt;RKreport[0]_S_09022013_110514.txt
RKreport[0]_S_09032013_002534.txt

#17 Příspěvek od **Márty84** » 03 zář 2013 03:32

Dejte novy log z RSIT

goolman11 · #18 Příspěvek od **goolman11** » 03 zář 2013 10:27

Logfile of random's system information tool 1.09 (written by random/random)
Run by Klacka 2 at 2013-09-03 11:26:39
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 64 GB (64%) free of 100 GB
Total RAM: 3067 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:43, on 3. 9. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Genius\ioCentre4D\gBTMouseTask.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Genius\ioCentre4D\gBTAutoScroll.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Klacka 2\My Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Klacka 2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: FBLayouts Plugin - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files\FBLayouts\fblayouts.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BTCentre] C:\Genius\ioCentre4D\gBTMouseTask.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5839 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-18.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-18.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1006.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1007.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1007.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-07-03 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF4E1D1D-705B-4379-AB33-22D98C1ABF55}]
FBLayouts Plugin - C:\Program Files\FBLayouts\fblayouts.dll [2010-06-15 98816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-11 13594624]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-11 86016]
"BTCentre"=C:\Genius\ioCentre4D\gBTMouseTask.exe [2008-05-13 483328]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-07-18 995184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20684656]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-09-02 07:35:32 ----D---- C:\AdwCleaner
2013-09-01 09:37:03 ----D---- C:\Documents and Settings\Klacka 2\Application Data\Malwarebytes
2013-09-01 09:36:38 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-08-30 15:21:42 ----A---- C:\WINDOWS\system32\muweb.dll
2013-08-30 15:21:42 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-08-30 14:22:07 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-08-30 14:18:47 ----D---- C:\Program Files\Microsoft Security Client
2013-08-30 14:04:39 ----D---- C:\Program Files\trend micro
2013-08-30 14:04:38 ----D---- C:\rsit
2013-08-30 13:36:23 ----A---- C:\Documents and Settings\Klacka 2\Application Data\burnaware.ini
2013-08-30 13:29:45 ----D---- C:\WINDOWS\pss
2013-08-29 17:28:27 ----D---- C:\Program Files\CCleaner
2013-08-28 23:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
2013-08-19 18:34:42 ----D---- C:\WINDOWS\system32\MRT
2013-08-19 18:34:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2862772$
2013-08-19 18:33:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-19 18:33:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-19 18:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-19 18:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-08-17 22:50:35 ----D---- C:\Documents and Settings\Klacka 2\Application Data\Skype
2013-08-17 22:50:14 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2013-09-03 11:25:41 ----D---- C:\WINDOWS\system32
2013-09-03 11:24:44 ----D---- C:\WINDOWS\Prefetch
2013-09-03 00:25:32 ----D---- C:\WINDOWS\system32\drivers
2013-09-03 00:24:10 ----SD---- C:\WINDOWS\Tasks
2013-09-02 21:17:49 ----D---- C:\WINDOWS\Temp
2013-09-02 15:29:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-02 11:03:34 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-02 10:17:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-02 10:06:24 ----RD---- C:\Program Files
2013-09-01 19:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-08-31 22:01:08 ----D---- C:\WINDOWS
2013-08-30 22:11:11 ----SHD---- C:\WINDOWS\Installer
2013-08-30 22:11:11 ----SHD---- C:\Config.Msi
2013-08-30 22:11:10 ----D---- C:\WINDOWS\WinSxS
2013-08-30 15:21:42 ----HD---- C:\WINDOWS\inf
2013-08-30 14:07:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-08-30 14:07:11 ----D---- C:\Program Files\Common Files\System
2013-08-30 14:07:09 ----RSD---- C:\WINDOWS\Fonts
2013-08-30 14:06:27 ----D---- C:\Program Files\Common Files
2013-08-30 14:06:17 ----A---- C:\WINDOWS\win.ini
2013-08-30 13:30:30 ----SH---- C:\boot.ini
2013-08-30 13:30:30 ----A---- C:\WINDOWS\system.ini
2013-08-30 13:27:25 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2013-08-30 13:27:08 ----D---- C:\Program Files\DivX
2013-08-29 18:23:39 ----D---- C:\ProgramData
2013-08-29 18:15:35 ----SD---- C:\Documents and Settings\Klacka 2\Application Data\Microsoft
2013-08-29 17:38:22 ----D---- C:\Documents and Settings\Klacka 2\Application Data\Real
2013-08-29 17:31:58 ----D---- C:\WINDOWS\Minidump
2013-08-29 17:31:58 ----D---- C:\WINDOWS\Logs
2013-08-29 17:31:58 ----D---- C:\WINDOWS\Debug
2013-08-28 23:15:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-28 22:58:57 ----D---- C:\Documents and Settings
2013-08-24 17:29:51 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-24 17:29:47 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-08-19 18:45:38 ----RSD---- C:\WINDOWS\assembly
2013-08-19 18:43:16 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-19 18:34:37 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-17 22:50:22 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2013-08-17 22:50:14 ----RD---- C:\Program Files\Skype
2013-08-14 16:25:07 ----A---- C:\prefs.js

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-11 717296]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 MpKsl93a4c418;MpKsl93a4c418; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{03C87CC1-B011-4174-94E7-8FAB82382A30}\MpKsl93a4c418.sys []
R1 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-11 6249728]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-12-29 1346464]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2009-04-02 37160]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-04-02 991136]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAU32.sys [2009-03-09 805888]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 ab5tg66b;ab5tg66b; C:\WINDOWS\system32\drivers\ab5tg66b.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2009-04-02 534312]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-04-02 156816]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2009-04-02 57384]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2009-04-02 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-04-02 47272]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 gBTMouUsb;BT Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gBTMouUsb.sys [2006-12-05 9856]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-04-07 39424]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-04-16 22784]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2009-03-23 349528]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-07-18 22216]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-11 168005]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-24 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#19 Příspěvek od **Márty84** » 03 zář 2013 18:19

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

goolman11 · #20 Příspěvek od **goolman11** » 04 zář 2013 13:28

OTL Extras logfile created on: 4. 9. 2013 14:13:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Klacka 2\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 73,45% Memory free
4,84 Gb Paging File | 4,24 Gb Available in Paging File | 87,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 62,22 Gb Free Space | 63,72% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 200,29 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

Computer Name: PC-ECA07D7D2305 | User Name: Klacka 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.Klacka 2] -- C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B71F326-E41E-42D5-8446-75444C6F8C83}" = OMEGA komponenty
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E782E5-95A5-4B32-B493-DA05F9A6B560}" = ioCentre4D
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{59D268DF-CCA9-44C5-8F96-2E51BB34C829}" = Microsoft Security Client
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BurnAware Free_is1" = BurnAware Free 3.3
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.0.0
"EasyLanguage_is1" = EasyLanguage
"Elcomm" = Elcomm
"FBLayouts" = FBLayouts Plugin
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28. 8. 2013 17:03:22 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19

Error - 28. 8. 2013 17:03:22 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20

Error - 28. 8. 2013 17:03:22 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21

Error - 28. 8. 2013 17:03:22 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22

Error - 28. 8. 2013 17:03:22 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23

Error - 28. 8. 2013 17:03:22 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24

Error - 28. 8. 2013 17:05:46 | Computer Name = PC-ECA07D7D2305 | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(7c:11:be:a3:be:98@fe80::7e11:beff:fea3:be98._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 29. 8. 2013 12:14:41 | Computer Name = PC-ECA07D7D2305 | Source = MsiInstaller | ID = 10005
Description = Produkt: Microsoft Office Professional Edition 2003 - Chyba 25090.
Instalační program sady Office zjistil potíže se zdrojovým modulem Office; systémová
chyba: -2147023179. Otevřete složku C:\Program Files\Microsoft Office\OFFICE11\1029\SETUP.CHM
a vyhledejte téma Zdrojový modul Office, kde najdete informace týkající se řešení
tohoto problému.

Error - 30. 8. 2013 8:19:05 | Computer Name = PC-ECA07D7D2305 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.3.216.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 30. 8. 2013 8:19:08 | Computer Name = PC-ECA07D7D2305 | Source = Microsoft Security Client | ID = 5000
Description =

[ System Events ]
Error - 30. 8. 2013 8:08:16 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30. 8. 2013 8:24:26 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 31. 8. 2013 13:18:56 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 31. 8. 2013 16:00:18 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 1. 9. 2013 13:12:56 | Computer Name = PC-ECA07D7D2305 | Source = Sr | ID = 1
Description = Pri spracovaní súboru „“ vo zväzku „HarddiskVolume1“ filtrom služby
Obnovovanie systému sa vyskytla neočakávaná chyba „0xC0000001“. Služba prestala
sledovať zväzok.

Error - 1. 9. 2013 13:13:08 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 2. 9. 2013 1:18:18 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 2. 9. 2013 1:28:28 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 2. 9. 2013 4:13:55 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 4. 9. 2013 8:02:39 | Computer Name = PC-ECA07D7D2305 | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

< End of report >

goolman11 · #21 Příspěvek od **goolman11** » 04 zář 2013 13:28

OTL logfile created on: 4. 9. 2013 14:13:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Klacka 2\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041b | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 73,45% Memory free
4,84 Gb Paging File | 4,24 Gb Available in Paging File | 87,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 62,22 Gb Free Space | 63,72% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 200,29 Gb Free Space | 99,93% Space Free | Partition Type: NTFS

Computer Name: PC-ECA07D7D2305 | User Name: Klacka 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.04 14:04:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klacka 2\My Documents\Downloads\OTL.exe
PRC - [2013.09.04 12:02:46 | 000,772,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.157.1029.0.exe
PRC - [2013.08.24 19:49:56 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2013.07.18 16:49:42 | 000,312,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013.07.18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.07.18 16:49:24 | 000,995,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.05.02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MpSigStub.exe
PRC - [2009.03.23 18:41:06 | 000,603,488 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.05.13 17:33:56 | 000,483,328 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre4D\gBTMouseTask.exe
PRC - [2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.17 16:58:02 | 000,331,776 | ---- | M] () -- C:\Genius\ioCentre4D\gBTAutoScroll.exe

========== Modules (No Company Name) ==========

MOD - [2013.08.24 19:49:53 | 000,410,576 | ---- | M] () -- C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.62\ppgooglenaclpluginchrome.dll
MOD - [2013.08.24 19:49:51 | 004,053,456 | ---- | M] () -- C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.62\pdf.dll
MOD - [2013.08.24 19:48:58 | 001,604,560 | ---- | M] () -- C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.03.23 18:40:06 | 002,854,976 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2009.03.23 18:38:08 | 000,069,697 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.01.17 16:58:02 | 000,331,776 | ---- | M] () -- C:\Genius\ioCentre4D\gBTAutoScroll.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.08.24 17:29:51 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.07.18 16:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a2k8uiha)
DRV - [2010.01.11 18:43:58 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.04.07 22:04:00 | 000,039,424 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009.04.02 03:50:00 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009.04.02 03:50:00 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009.04.02 03:50:00 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2009.04.02 03:50:00 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2009.04.02 03:50:00 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009.04.02 03:50:00 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2009.04.02 03:50:00 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2009.03.09 07:32:00 | 000,805,888 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2008.12.29 15:32:32 | 001,346,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2006.12.05 11:47:22 | 000,009,856 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gBTMouUsb.sys -- (gBTMouUsb)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.05.15 17:02:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.07.03 20:33:24 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.62\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.09.03 00:40:26 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (FBLayouts Plugin) - {FF4E1D1D-705B-4379-AB33-22D98C1ABF55} - C:\Program Files\FBLayouts\fblayouts.dll (HotLayouts2U)
O3 - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BTCentre] C:\Genius\ioCentre4D\gBTMouseTask.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-854245398-113007714-1606980848-1008..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-854245398-113007714-1606980848-1008..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nltide_3] C:\WINDOWS\System32\advpack.dll (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAFE9A1F-FB2B-4716-973E-F5A83BE383C7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuálna domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Klacka 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.29 23:32:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.09.02 11:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klacka 2\Desktop\RK_Quarantine
[2013.09.02 07:35:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.01 09:37:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klacka 2\Application Data\Malwarebytes
[2013.09.01 09:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013.08.31 19:20:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Klacka 2\Recent
[2013.08.30 15:21:42 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013.08.30 15:21:42 | 000,017,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013.08.30 14:22:07 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013.08.30 14:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.08.30 14:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.08.30 14:04:38 | 000,000,000 | ---D | C] -- C:\rsit
[2013.08.30 13:29:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013.08.29 17:28:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2013.08.29 17:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.08.28 22:48:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klacka 2\Desktop\NEVYMAZAT
[2013.08.25 22:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klacka 2\My Documents\vymazat
[2013.08.19 18:34:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.08.17 22:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klacka 2\Application Data\Skype
[2013.08.17 22:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.08.17 22:50:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.09.04 14:15:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.04 14:12:30 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.04 14:06:38 | 000,435,952 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.09.04 14:06:38 | 000,068,848 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.09.04 14:02:39 | 000,201,426 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.09.04 14:02:33 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2013.09.04 14:02:33 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-18.job
[2013.09.04 14:02:32 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1007.job
[2013.09.04 14:02:32 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1006.job
[2013.09.04 14:02:31 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2013.09.04 14:02:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.09.04 14:02:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.03 14:02:30 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.02 15:59:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2013.09.01 18:37:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-18.job
[2013.09.01 18:36:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2013.08.30 18:48:39 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\Klacka 2\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.08.30 18:48:39 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Klacka 2\Desktop\Google Chrome.lnk
[2013.08.30 14:24:46 | 002,062,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.08.30 14:19:26 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.08.30 14:09:00 | 000,000,231 | ---- | M] () -- C:\Documents and Settings\Klacka 2\Application Data\burnaware.ini
[2013.08.30 13:30:30 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013.08.29 17:28:29 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013.08.28 23:03:52 | 006,737,821 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Zendaya - Replay (Lyrics Video).mp3
[2013.08.26 17:48:38 | 019,876,488 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Zendaya - Replay (Lyrics Video).mp4
[2013.08.25 22:35:38 | 008,847,768 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Wisin Y Yandel ft Chris Brown, T-Pain - Algo Me Gusta De Ti (Los Lideres) 2012.mp3
[2013.08.25 22:07:57 | 010,916,440 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Wisin Y Yandel ft Chris Brown, T-Pain - Algo Me Gusta De Ti (Los Lideres) 2012.flv
[2013.08.25 21:56:32 | 007,495,069 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Celeste and Carmel Buckingham - Gone (Official Music Video).mp3
[2013.08.25 16:21:48 | 008,805,277 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\DJ YAKSHA ft. MAJK SPIRIT , BEN CRISTOVAO , DELIK , OTECKO - FCKNG PRBLM ( PAY. REMIX ).mp3
[2013.08.25 12:53:48 | 008,274,589 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Wale Feat. Tiara Thomas - Bad [Lyrics]_.mp3
[2013.08.25 12:53:42 | 005,831,831 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Drake - Started From The Bottom (Lyrics).mp3
[2013.08.25 12:32:53 | 007,615,645 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Imagine Dragons - It's Time.mp3
[2013.08.25 12:24:25 | 006,224,797 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Summer Hit 2013 _Amame_ (feat Gipsy Queen _ latino).mp3
[2013.08.25 12:20:04 | 007,282,333 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\The Other Side-Jason Derulo Audio HD HQ(lyrics in description).mp3
[2013.08.25 12:16:44 | 006,537,373 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Axwell-Center of universe LYRICS.mp3
[2013.08.24 17:29:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.08.24 17:29:50 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.08.24 17:29:47 | 017,737,608 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013.08.14 18:46:18 | 006,841,501 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Lady Gaga - Applause (Lyrics Video).mp3
[2013.08.14 18:32:02 | 009,639,325 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Knife Party - Internet Friends (Original Mix).mp3
[2013.08.14 18:17:42 | 011,717,533 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\[HQ] Tiesto & Hardwell - Zero 76 (Original Mix Length) [HQ].mp3
[2013.08.14 17:58:07 | 014,213,015 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Pryda & Empire Of The Sun - We are the Mirage (Roman Kay Intro Bootleg ).mp3
[2013.08.14 17:57:22 | 006,835,607 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Keri Hilson - Lose Control (feat. Nelly) [MUSIC VIDEO].mp3
[2013.08.14 17:52:06 | 012,142,237 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Vicetone ft. Matthew Koma vs. Basto - SparkChaser (Shockstorm Mashup) FREE DL.mp3
[2013.08.14 17:49:07 | 011,143,069 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Basto - Stormchaser (Original Mix).mp3
[2013.08.14 16:25:07 | 000,000,359 | ---- | M] () -- C:\prefs.js
[2013.08.13 00:17:40 | 004,267,933 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\MISS DANCE SR 2013 [SEMIFINÁLE] 27.1.2013.mp3
[2013.08.12 23:24:07 | 008,611,992 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Chris Brown - Without you ♥ ..mp3
[2013.08.12 23:00:21 | 011,633,821 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Sebastian Ingrosso - Tommy Trash Feat John Martin - Reload (Original Vocal Mix) Lyrics and Download.mp3
[2013.08.12 19:25:52 | 004,939,933 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Strapo - Loading (prod. Emeres).mp3
[2013.08.12 19:18:09 | 007,559,064 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\H16 ANGEL feat. IGOR KMEŤO PROD.GRIMASO).mp3
[2013.08.12 19:11:05 | 007,247,256 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\H16 TIETO CHVÍLE feat. TINA PROD.GRIMASO).mp3
[2013.08.12 19:10:19 | 008,008,093 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\H16 - NA DNE feat. MOJA REČ _PROD.GRIMASO_ + Text.mp3
[2013.08.12 18:22:00 | 007,245,720 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Afrojack ft. Chris Brown - As Your Friend (Lyrics).mp3
[2013.08.12 18:20:21 | 009,826,968 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\will.i.am - Fall Down ft. Miley Cyrus (Audio) w_DL+Lyrics.mp3
[2013.08.12 18:15:06 | 010,515,613 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Jay-Z - Holy Grail ft. Justin Timberlake (Clean) w_DL+Lyrics.mp3
[2013.08.11 23:39:44 | 007,564,440 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Ellie Goulding - Burn lyrics.mp3
[2013.08.11 23:35:39 | 006,355,357 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Enrique Iglesias - Turn The Night Up lyrics.mp3
[2013.08.11 23:30:41 | 006,473,629 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Massari - Brand New Day.mp3
[2013.08.11 23:28:17 | 006,480,791 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Don't call me baby - Kreesha Turner.mp3
[2013.08.11 23:20:53 | 010,435,990 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Eminem_ Lose Yourself (lyrics).mp3
[2013.08.11 23:20:28 | 005,916,829 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Imagine Dragons - Radioactive.mp3
[2013.08.09 20:14:06 | 008,558,749 | ---- | M] () -- C:\Documents and Settings\Klacka 2\My Documents\Daniel Powter _Crazy All My Life_.mp3
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.04 14:15:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.08.30 14:34:47 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.08.30 14:19:26 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013.08.30 14:19:07 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013.08.30 13:36:23 | 000,000,231 | ---- | C] () -- C:\Documents and Settings\Klacka 2\Application Data\burnaware.ini
[2013.08.29 17:28:29 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013.08.28 23:03:29 | 006,737,821 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Zendaya - Replay (Lyrics Video).mp3
[2013.08.26 17:47:55 | 019,876,488 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Zendaya - Replay (Lyrics Video).mp4
[2013.08.25 22:35:09 | 008,847,768 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Wisin Y Yandel ft Chris Brown, T-Pain - Algo Me Gusta De Ti (Los Lideres) 2012.mp3
[2013.08.25 22:04:46 | 010,916,440 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Wisin Y Yandel ft Chris Brown, T-Pain - Algo Me Gusta De Ti (Los Lideres) 2012.flv
[2013.08.25 21:56:07 | 007,495,069 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Celeste and Carmel Buckingham - Gone (Official Music Video).mp3
[2013.08.25 16:21:22 | 008,805,277 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\DJ YAKSHA ft. MAJK SPIRIT , BEN CRISTOVAO , DELIK , OTECKO - FCKNG PRBLM ( PAY. REMIX ).mp3
[2013.08.25 12:53:15 | 005,831,831 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Drake - Started From The Bottom (Lyrics).mp3
[2013.08.25 12:53:05 | 008,274,589 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Wale Feat. Tiara Thomas - Bad [Lyrics]_.mp3
[2013.08.25 12:32:15 | 007,615,645 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Imagine Dragons - It's Time.mp3
[2013.08.25 12:23:58 | 006,224,797 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Summer Hit 2013 _Amame_ (feat Gipsy Queen _ latino).mp3
[2013.08.25 12:19:32 | 007,282,333 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\The Other Side-Jason Derulo Audio HD HQ(lyrics in description).mp3
[2013.08.25 12:16:16 | 006,537,373 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Axwell-Center of universe LYRICS.mp3
[2013.08.14 18:45:47 | 006,841,501 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Lady Gaga - Applause (Lyrics Video).mp3
[2013.08.14 18:31:29 | 009,639,325 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Knife Party - Internet Friends (Original Mix).mp3
[2013.08.14 18:16:55 | 011,717,533 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\[HQ] Tiesto & Hardwell - Zero 76 (Original Mix Length) [HQ].mp3
[2013.08.14 17:57:12 | 014,213,015 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Pryda & Empire Of The Sun - We are the Mirage (Roman Kay Intro Bootleg ).mp3
[2013.08.14 17:56:57 | 006,835,607 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Keri Hilson - Lose Control (feat. Nelly) [MUSIC VIDEO].mp3
[2013.08.14 17:51:18 | 012,142,237 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Vicetone ft. Matthew Koma vs. Basto - SparkChaser (Shockstorm Mashup) FREE DL.mp3
[2013.08.14 17:48:18 | 011,143,069 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Basto - Stormchaser (Original Mix).mp3
[2013.08.13 00:17:27 | 004,267,933 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\MISS DANCE SR 2013 [SEMIFINÁLE] 27.1.2013.mp3
[2013.08.12 23:23:40 | 008,611,992 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Chris Brown - Without you ♥ ..mp3
[2013.08.12 22:59:30 | 011,633,821 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Sebastian Ingrosso - Tommy Trash Feat John Martin - Reload (Original Vocal Mix) Lyrics and Download.mp3
[2013.08.12 19:25:29 | 004,939,933 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Strapo - Loading (prod. Emeres).mp3
[2013.08.12 19:17:25 | 007,559,064 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\H16 ANGEL feat. IGOR KMEŤO PROD.GRIMASO).mp3
[2013.08.12 19:10:36 | 007,247,256 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\H16 TIETO CHVÍLE feat. TINA PROD.GRIMASO).mp3
[2013.08.12 19:09:42 | 008,008,093 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\H16 - NA DNE feat. MOJA REČ _PROD.GRIMASO_ + Text.mp3
[2013.08.12 18:21:30 | 007,245,720 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Afrojack ft. Chris Brown - As Your Friend (Lyrics).mp3
[2013.08.12 18:19:35 | 009,826,968 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\will.i.am - Fall Down ft. Miley Cyrus (Audio) w_DL+Lyrics.mp3
[2013.08.12 18:14:23 | 010,515,613 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Jay-Z - Holy Grail ft. Justin Timberlake (Clean) w_DL+Lyrics.mp3
[2013.08.11 23:39:10 | 007,564,440 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Ellie Goulding - Burn lyrics.mp3
[2013.08.11 23:34:59 | 006,355,357 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Enrique Iglesias - Turn The Night Up lyrics.mp3
[2013.08.11 23:30:17 | 006,473,629 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Massari - Brand New Day.mp3
[2013.08.11 23:27:59 | 006,480,791 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Don't call me baby - Kreesha Turner.mp3
[2013.08.11 23:20:20 | 010,435,990 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Eminem_ Lose Yourself (lyrics).mp3
[2013.08.11 23:20:08 | 005,916,829 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Imagine Dragons - Radioactive.mp3
[2013.08.09 20:13:37 | 008,558,749 | ---- | C] () -- C:\Documents and Settings\Klacka 2\My Documents\Daniel Powter _Crazy All My Life_.mp3
[2012.09.07 19:17:52 | 000,023,376 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012.05.14 17:43:29 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Klacka 2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.18 00:25:28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

========== ZeroAccess Check ==========

[2010.01.11 18:53:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.07.25 10:12:59 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.24 16:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011.09.01 21:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011.02.25 19:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011.09.09 12:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameXN
[2011.08.27 16:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2012.08.28 19:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter
[2012.03.04 14:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.04.10 20:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D9C99627-949D-458E-883C-40AB097FE49F}
[2010.07.27 17:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Opera
[2011.11.07 21:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\YouTube Downloader

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.12.29 23:30:51 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.29 23:35:51 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.18 16:45:33 | 000,000,286 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1006.job
[2010.08.18 16:45:34 | 000,000,278 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1006.job
[2011.07.18 15:14:56 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1007.job
[2011.07.18 15:14:56 | 000,000,292 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1007.job
[2012.03.04 14:26:11 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012.05.14 18:03:16 | 000,000,292 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2012.05.14 18:03:17 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2012.12.30 19:37:41 | 000,000,280 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-18.job
[2012.12.30 19:37:41 | 000,000,288 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-18.job
[2012.12.30 19:38:09 | 000,000,292 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2012.12.30 19:38:10 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
[2013.03.09 20:32:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.08.30 14:34:47 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.02.08 03:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 01:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 01:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.04.15 10:37:44 | 000,425,984 | ---- | M] (KROS s. r. o.) -- C:\Crv2Kros.exe
[2009.03.26 11:19:00 | 001,543,728 | ---- | M] () -- C:\TeamViewerQS.EXE

< %ALLUSERSPROFILE%\Application Data\*. >
[2012.10.24 16:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.03.09 20:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012.03.04 14:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2012.10.24 16:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009.12.29 17:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Atheros
[2011.08.30 15:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2013.08.30 13:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2011.09.01 21:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011.02.25 19:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010.06.12 12:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2011.09.09 12:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameXN
[2011.08.27 16:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LangSoft
[2013.09.01 09:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012.01.27 19:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.03.07 11:49:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.06.27 07:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2013.08.17 22:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012.08.28 19:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter
[2012.03.04 14:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.04.10 20:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D9C99627-949D-458E-883C-40AB097FE49F}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.08.21 13:01:28 | 001,977,816 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe
[2012.08.21 13:01:22 | 000,115,672 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe
[2012.09.10 03:33:52 | 000,073,624 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.7.0.21\SetupAdmin.exe
[2013.08.30 13:25:46 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2011.09.01 21:18:04 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\GameXN\ezShell64Run.exe
[2011.09.01 21:18:04 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe
[2012.08.28 19:52:45 | 005,678,064 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter\ytd_installer.exe

< %APPDATA%\*. >
[2013.07.23 00:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Adobe
[2012.09.07 19:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Apple Computer
[2012.05.23 21:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\DivX
[2012.05.14 17:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Identities
[2012.05.15 10:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Macromedia
[2013.09.01 09:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Malwarebytes
[2013.08.29 18:15:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Klacka 2\Application Data\Microsoft
[2013.08.29 17:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Real
[2013.08.29 17:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\Skype
[2012.05.23 21:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klacka 2\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2013.06.11 21:47:04 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Klacka 2\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
[2013.06.16 21:57:37 | 038,409,632 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Klacka 2\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\RealPlayer.exe
[2013.06.16 21:48:08 | 000,775,344 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Klacka 2\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_exe\RealPlayer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.11 18:43:58 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.12.30 00:19:17 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.30 00:19:17 | 001,064,960 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.30 00:19:17 | 000,917,504 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.09.04 14:02:39 | 000,201,426 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.09.04 14:06:38 | 000,068,848 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.09.04 14:06:38 | 000,435,952 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.09.04 14:06:38 | 000,513,964 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.09.04 14:02:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.04.15 10:37:44 | 000,425,984 | ---- | M] (KROS s. r. o.) -- C:\Crv2Kros.exe
[2009.03.26 11:19:00 | 001,543,728 | ---- | M] () -- C:\TeamViewerQS.EXE

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 06:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.04 14:15:49 | 000,000,512 | ---- | M] () MD5=F8616B93458F632904E6638E148B6AD2 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2010.07.03 20:33:24 | 000,001,399 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2010.07.03 20:33:24 | 000,000,319 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.png
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2011.10.29 15:35:22 | 003,471,872 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\07XM9YTR\youtubedownloaderToolbar[1].msi
[2012.02.18 13:59:54 | 000,015,498 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\1NRY83PZ\loader_1036[1].js
[2011.09.17 11:07:30 | 000,942,080 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\YUBU6392\Downloader[1].exe
[2011.10.29 15:33:38 | 005,342,064 | ---- | M] () -- \Documents and Settings\Owner\My Documents\Downloads\YouTubeDownloaderSetup34.exe
[2012.08.27 21:33:18 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.08.19 18:29:10 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.17 02:48:37 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.19 18:43:27 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC21702\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2003.08.01 13:54:06 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serialui.dll.mui
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

#22 Příspěvek od **Márty84** » 04 zář 2013 14:01

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
SkypeUpdate
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-18.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-18.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1006.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1007.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1007.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
IE - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll
O3 - HKU\S-1-5-21-854245398-113007714-1606980848-1008\..\Toolbar\ShellBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

goolman11 · #23 Příspěvek od **goolman11** » 05 zář 2013 00:11

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Klacka 2
->Temp folder emptied: 2053621 bytes
->Temporary Internet Files folder emptied: 33175 bytes
->Google Chrome cache emptied: 15763814 bytes
->Flash cache emptied: 647 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 500753 bytes

User: NetworkService
->Temp folder emptied: 29450 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 70229704 bytes
->Temporary Internet Files folder emptied: 354006567 bytes
->FireFox cache emptied: 3398903 bytes
->Google Chrome cache emptied: 167693066 bytes
->Opera cache emptied: 369517 bytes
->Flash cache emptied: 19767 bytes

User: Uzivatel

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 607762 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 369600826 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 939,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Klacka 2
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Owner
->Flash cache emptied: 0 bytes

User: Uzivatel

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-18.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-18.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1006.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1007.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-854245398-113007714-1606980848-1008.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1006.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1007.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-113007714-1606980848-1008.job moved successfully.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-854245398-113007714-1606980848-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-854245398-113007714-1606980848-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
File C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll not found.
Registry value HKEY_USERS\S-1-5-21-854245398-113007714-1606980848-1008\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP248.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP318.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP408.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP425.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF08.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFEB.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSIC0.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\BIT90.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt18.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wtBB.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 09052013_010806

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#24 Příspěvek od **Márty84** » 05 zář 2013 05:26

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

goolman11 · #25 Příspěvek od **goolman11** » 05 zář 2013 09:47

noo nemozem stiahnut pretoze mi notebook nechce spustit zasekne sa na - system windows sa spusta

goolman11 · #26 Příspěvek od **goolman11** » 05 zář 2013 13:37

uy ide v poriadku spravim defragmentaciu a napisem ako to ide

#27 Příspěvek od **Márty84** » 05 zář 2013 18:56

goolman11 píše:noo nemozem stiahnut pretoze mi notebook nechce spustit zasekne sa na - system windows sa spusta

Vzpmatovalo se to samo? Nebo jste pouzil bod obnovy?

goolman11 · #28 Příspěvek od **goolman11** » 05 zář 2013 23:41

same sa to spametalo. vsetko funguje ako ma.

#29 Příspěvek od **Márty84** » 06 zář 2013 09:53

Zkuste jeste radeji...

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

goolman11 · #30 Příspěvek od **goolman11** » 06 zář 2013 11:48

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/09/06 12:48:13

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E 2 port Serial ATA Storage Controller 1 - 2928 [ATA]
+ Primary IDE Channel (0)
- WDC WD3200BEVT-22ZCT0
+ Secondary IDE Channel (1)
- HL-DT-ST DVDRAM GT20N
+ Intel(R) ICH9M/M-E 2 port Serial ATA Storage Controller 2 - 292D [ATA]
- Primary IDE Channel (0)
- Secondary IDE Channel (1)
+ AUN7H1YS IDE Controller [SCSI]
- SL9094T WRL554N SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-22ZCT0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-22ZCT0
Firmware : 11.01A11
Serial Number : WD-WXB0A69S4473
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 5564 hours
Power On Count : 2606 count
Temparature : 29 C (84 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 187 185 _21 000000000661 Spin-Up Time
04 _97 _97 __0 000000000D7F Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 __0 000000000000 Seek Error Rate
09 _93 _93 __0 0000000015BC Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _98 _98 __0 000000000A2E Power Cycle Count
C0 200 200 __0 000000000034 Power-off Retract Count
C1 169 169 __0 00000001711E Load/Unload Cycle Count
C2 118 _91 __0 00000000001D Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 _51 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4136 4136 3953 3434 3733
020: 0000 4000 0032 3131 2E30 3131 3131 5744 4320 5744
030: 3332 3030 4245 5654 2D32 4354 4354 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 004C 0040
080: 01FE 0000 746B 7F09 6163 BC09 BC09 6163 407F 0033
090: 0033 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 5885 962D 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169E 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 96A5

VIRY.CZ

preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka

Re: preventivka