"Jarní" uklid xD

Zpráva

Ryuu · #1 Příspěvek od **Ryuu** » 15 bře 2014 01:08

dobrý den prosil bych o pomoc s pročištěním začíná mě zlobit

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dead at 2014-03-15 01:14:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 88 GB (57%) free of 153 GB
Total RAM: 511 MB (32% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-14 3767096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"nwiz"=nwiz.exe /install []
"mspebyaSrv"=C:\WINDOWS\system32\mspebya.vbe [2013-12-10 583]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Clownfish"= []
"Spotify Web Helper"=C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe [2014-03-02 1171968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files\Clownfish\Clownfish.exe [2013-12-17 1306360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-12-01 3093624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2012-08-25 545552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20686704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Documents and Settings\Dead\Data aplikací\Spotify\Spotify.exe [2014-03-02 6118400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe [2014-03-02 1171968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^AudioDeck.lnk]
C:\PROGRA~1\VIATEC~1\VIAAUD~1\AUDIOD~1\AUDIOD~1.EXE [2003-07-08 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Documents and Settings\Dead\Games\Unreal Tournament 2004\System\UT2004.exe"="C:\Documents and Settings\Dead\Games\Unreal Tournament 2004\System\UT2004.exe:*:Enabled:UT2004"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Games\Counter-Strike 1.6 Non-Steam\hl.exe"="C:\Games\Counter-Strike 1.6 Non-Steam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Dead\Plocha\Ekura\client.bin"="C:\Documents and Settings\Dead\Plocha\Ekura\client.bin:*:Enabled:client"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Games\Tunngle\TnglCtrl.exe"="C:\Games\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service"
"C:\Games\Tunngle\Tunngle.exe"="C:\Games\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Games\Warcraft III Frozen Throne\Warcraft III.exe"="C:\Games\Warcraft III Frozen Throne\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe"="C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe:*:Enabled:Spotify"
"C:\Games\GameforgeLive\gfl_client.exe"="C:\Games\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live"
"C:\Games\Elsword_EN\data\x2.exe"="C:\Games\Elsword_EN\data\x2.exe:*:Enabled:Elsword"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2014-03-06 20:15:52 ----D---- C:\Program Files\ASIO4ALL v2
2014-03-03 12:23:52 ----A---- C:\WINDOWS\system32\rewire.dll
2014-03-03 12:22:09 ----D---- C:\Documents and Settings\Dead\Data aplikací\Image-Line
2014-03-03 12:19:24 ----D---- C:\Documents and Settings\Dead\Data aplikací\FlowStone
2014-03-03 12:19:21 ----D---- C:\Program Files\DSPRobotics
2014-03-03 11:51:37 ----D---- C:\Program Files\Image-Line
2014-03-02 23:26:35 ----D---- C:\Documents and Settings\Dead\Data aplikací\Spotify
2014-03-02 21:25:03 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\POP3Profiles
2014-03-02 03:33:36 ----A---- C:\WINDOWS\system32\javaws.exe
2014-03-02 03:33:18 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-03-02 03:33:18 ----A---- C:\WINDOWS\system32\javaw.exe
2014-03-02 03:33:18 ----A---- C:\WINDOWS\system32\java.exe
2014-02-19 21:11:06 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\YTD Video Downloader
2014-02-19 21:10:13 ----D---- C:\Program Files\GreenTree Applications
2014-02-18 14:55:24 ----D---- C:\suntemp

======List of files/folders modified in the last 1 months======

2014-03-15 01:14:09 ----D---- C:\Program Files\trend micro
2014-03-15 01:10:33 ----D---- C:\Documents and Settings\Dead\Data aplikací\Skype
2014-03-14 22:43:42 ----D---- C:\WINDOWS\Temp
2014-03-14 21:38:56 ----D---- C:\WINDOWS\system32\drivers
2014-03-14 14:04:15 ----D---- C:\WINDOWS\system32\CatRoot2
2014-03-14 13:58:38 ----D---- C:\Documents and Settings\Dead\Data aplikací\Winamp
2014-03-14 13:58:38 ----D---- C:\Documents and Settings\Dead\Data aplikací\DAEMON Tools Lite
2014-03-14 13:58:30 ----D---- C:\Documents and Settings\Dead\Data aplikací\uTorrent
2014-03-14 13:58:29 ----D---- C:\Documents and Settings\Dead\Data aplikací\TS3Client
2014-03-14 13:58:28 ----D---- C:\WINDOWS\system32
2014-03-14 13:57:37 ----D---- C:\WINDOWS
2014-03-14 12:21:07 ----RD---- C:\Games
2014-03-14 12:17:53 ----D---- C:\WINDOWS\Prefetch
2014-03-12 09:05:38 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-11 13:23:08 ----D---- C:\Documents and Settings\Dead\Data aplikací\vlc
2014-03-09 07:28:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-06 20:15:52 ----D---- C:\Program Files
2014-03-06 20:14:10 ----HD---- C:\WINDOWS\inf
2014-03-05 14:53:54 ----SHD---- C:\WINDOWS\Installer
2014-03-05 14:53:06 ----D---- C:\Program Files\LogMeIn Hamachi
2014-03-03 12:34:45 ----D---- C:\Program Files\VST
2014-03-03 01:13:23 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MAGIX
2014-03-03 01:10:36 ----D---- C:\Program Files\Common Files
2014-03-02 21:21:30 ----HD---- C:\Program Files\InstallShield Installation Information
2014-03-02 14:19:11 ----D---- C:\Documents and Settings\Dead\Data aplikací\dvdcss
2014-03-02 03:33:18 ----D---- C:\Program Files\Java
2014-02-23 15:43:02 ----D---- C:\Program Files\Alawar
2014-02-23 05:09:47 ----D---- C:\WINDOWS\Logs
2014-02-16 07:53:19 ----D---- C:\WINDOWS\system32\DirectX
2014-02-16 07:53:15 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-11-30 242240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2013-08-25 13120]
R3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-09-02 12648960]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-06-16 369920]
S3 apjyltih;apjyltih; C:\WINDOWS\system32\drivers\apjyltih.sys []
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 Cap7134;Cap7134 Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2005-02-16 346304]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
S3 SAA713x;Behold TV WDM Capture (SAA713x); C:\WINDOWS\system32\DRIVERS\saa713x.sys [2009-05-18 421896]
S3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Vsp;Vsp; \??\C:\WINDOWS\system32\drivers\Vsp.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-14 50344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-02-04 66872]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-09-23 164200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2012-11-25 3995760]
S3 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-08-25 85776]
S3 TunngleService;TunngleService; C:\Games\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 15 bře 2014 02:52

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Ryuu · #3 Příspěvek od **Ryuu** » 15 bře 2014 13:14

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Dead on so 15.03.2014 at 11:34:01,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Dead\Data aplikacˇ\fighters"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 15.03.2014 at 13:06:29,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ryuu · #4 Příspěvek od **Ryuu** » 15 bře 2014 13:24

# AdwCleaner v3.022 - Report created 15/03/2014 at 13:25:01
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dead - CAPTAIN
# Running from : C:\Documents and Settings\Dead\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Documents and Settings\Dead\Local Settings\Data aplikací\AlawarWrapper

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\Software\Uniblue

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

*************************

AdwCleaner[R0].txt - [1155 octets] - [15/03/2014 13:21:10]
AdwCleaner[S0].txt - [1096 octets] - [15/03/2014 13:25:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1156 octets] ##########

Ryuu · #5 Příspěvek od **Ryuu** » 15 bře 2014 22:46

nezaspal jsi ?

#6 Příspěvek od **vyosek** » 15 bře 2014 23:22

Ano, spal jsem po nocni a co...My mame forum jako svuj konicek, ve svem VOLNEM case a ZDARMA...

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Ryuu · #7 Příspěvek od **Ryuu** » 16 bře 2014 00:29

sorry nemyslel jsem to zle

jo ten zoek mi nejde stáhnout zkoušel jsem to i z jiného prohlížeče a nic

#8 Příspěvek od **vyosek** » 16 bře 2014 08:31

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Ryuu · #9 Příspěvek od **Ryuu** » 16 bře 2014 14:08

OTL logfile created on: 16.3.2014 12:41:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dead\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,49 Mb Total Physical Memory | 228,88 Mb Available Physical Memory | 44,75% Memory free
1,22 Gb Paging File | 0,89 Gb Available in Paging File | 73,15% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 84,21 Gb Free Space | 56,50% Space Free | Partition Type: NTFS

Computer Name: CAPTAIN | User Name: Dead | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.03.16 12:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dead\Plocha\OTL.exe
PRC - [2014.03.02 23:27:16 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014.02.26 09:50:00 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2014.02.14 20:01:04 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.02.14 20:01:03 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.08.07 10:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.11.26 14:09:45 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2014.03.14 12:55:19 | 002,186,752 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14031400\algo.dll
MOD - [2013.10.30 09:49:45 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2012.09.23 15:28:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

========== Services (SafeList) ==========

SRV - [2014.03.12 09:05:47 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.26 19:57:30 | 001,678,672 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.02.26 09:50:00 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014.02.14 20:01:03 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.11.06 18:30:44 | 000,758,224 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Games\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013.08.07 10:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.07.25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.25 18:07:15 | 003,995,760 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2012.08.25 21:27:58 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewdcsc.sys -- (Huawei)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap52q8t5)
DRV - [2014.02.14 20:02:44 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014.02.14 20:01:09 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.02.14 20:01:09 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.02.14 20:01:09 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.02.14 20:01:09 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014.02.14 20:01:09 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.10.30 09:49:48 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.10.27 13:55:16 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013.08.25 10:30:48 | 000,013,120 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2013.07.18 08:23:44 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.11.30 05:03:50 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.08.25 21:27:54 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009.09.16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2009.05.18 15:45:24 | 000,421,896 | ---- | M] (Beholder) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\saa713x.sys -- (SAA713x)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006.10.17 13:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2005.02.16 16:19:08 | 000,346,304 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2005.01.04 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2003.07.01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2003.06.16 04:05:40 | 000,369,920 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudios.sys -- (VIAudio)
DRV - [2003.05.27 16:45:06 | 000,003,351 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vsp.sys -- (Vsp)
DRV - [2001.08.17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.atarata.com/?pid=1550
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.atarata.com/?pid=1550
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Games\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Dead\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKU\S-1-5-21-854245398-1897051121-842925246-1003..\Run: [Clownfish] File not found
O4 - HKU\S-1-5-21-854245398-1897051121-842925246-1003..\Run: [Spotify Web Helper] C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-1897051121-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FDDCA80-A340-4AE5-82A4-E9BD45B6EAD2}: DhcpNameServer = 213.46.172.37 213.46.172.36
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Dead\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dead\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.26 13:46:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.03.16 12:28:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dead\Plocha\OTL.exe
[2014.03.16 10:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dead\Data aplikací\12143
[2014.03.15 11:35:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.03.15 11:33:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.03.14 14:01:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dead\Recent
[2014.03.14 12:21:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Elsword_EN
[2014.03.14 12:19:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dead\Dokumenty\Gameforge Live

========== Files - Modified Within 7 Days ==========

[2014.03.16 13:04:39 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.03.16 12:47:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.03.16 12:42:05 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
[2014.03.16 12:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dead\Plocha\OTL.exe
[2014.03.16 10:36:17 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2014.03.16 10:36:16 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.03.16 10:36:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.16 04:09:28 | 000,078,848 | ---- | M] () -- C:\Documents and Settings\Dead\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.03.16 03:55:40 | 000,053,814 | ---- | M] () -- C:\Documents and Settings\Dead\Plocha\TesT.flp
[2014.03.15 09:46:29 | 000,369,280 | ---- | M] () -- C:\Documents and Settings\Dead\Plocha\Elsword-group1.jpg
[2014.03.14 12:47:49 | 000,485,778 | ---- | M] () -- C:\Documents and Settings\Dead\Plocha\5cVgTNK.png
[2014.03.14 12:47:42 | 000,251,331 | ---- | M] () -- C:\Documents and Settings\Dead\Plocha\ElswordTree.png
[2014.03.14 12:47:34 | 000,478,991 | ---- | M] () -- C:\Documents and Settings\Dead\Plocha\b8tq4kU.png
[2014.03.14 12:47:26 | 000,383,692 | ---- | M] () -- C:\Documents and Settings\Dead\Plocha\ChungTree-2.png
[2014.03.14 12:21:08 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Elsword.lnk
[2014.03.14 07:35:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.03.12 09:05:38 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.03.12 09:05:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

File not found -- C:\WINDOWS\System32\msmfieji.vbe
[2014.03.16 12:47:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.03.16 10:01:16 | 000,000,374 | ---- | C] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2014.03.15 09:46:29 | 000,369,280 | ---- | C] () -- C:\Documents and Settings\Dead\Plocha\Elsword-group1.jpg
[2014.03.14 12:47:49 | 000,485,778 | ---- | C] () -- C:\Documents and Settings\Dead\Plocha\5cVgTNK.png
[2014.03.14 12:47:41 | 000,251,331 | ---- | C] () -- C:\Documents and Settings\Dead\Plocha\ElswordTree.png
[2014.03.14 12:47:34 | 000,478,991 | ---- | C] () -- C:\Documents and Settings\Dead\Plocha\b8tq4kU.png
[2014.03.14 12:47:26 | 000,383,692 | ---- | C] () -- C:\Documents and Settings\Dead\Plocha\ChungTree-2.png
[2014.03.14 12:21:08 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Elsword.lnk
[2013.12.21 17:09:14 | 000,013,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2013.11.19 23:34:13 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2013.11.11 18:43:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2013.11.11 06:02:41 | 000,208,104 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.09.02 16:25:17 | 000,000,170 | ---- | C] () -- C:\WINDOWS\System32\nvUnsupRes.dat
[2013.07.21 21:19:31 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Dead\default.pls
[2013.06.05 02:01:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.05.29 14:12:05 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.05.29 14:12:04 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.04.10 17:15:09 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2013.04.02 18:39:37 | 000,000,108 | ---- | C] () -- C:\WINDOWS\disney.ini
[2013.04.02 18:39:14 | 000,000,191 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2013.03.24 15:44:21 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013.03.24 15:43:51 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\PnkBstrK.sys
[2013.03.24 15:42:49 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2013.03.24 15:42:14 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2013.03.10 17:52:31 | 000,000,530 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2013.03.10 13:20:14 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2013.01.13 22:17:18 | 000,919,530 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-854245398-1897051121-842925246-1003-0.dat
[2013.01.13 21:27:19 | 000,004,366 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\C
[2013.01.13 21:27:17 | 002,416,640 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\bflusb.dll
[2013.01.13 21:27:16 | 002,265,088 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\bfluart.dll
[2013.01.13 21:27:16 | 002,248,704 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\bfldongle.dll
[2013.01.13 21:27:15 | 002,171,392 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\bfldb.dll
[2013.01.13 16:35:29 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\Dead\Data aplikací\room_v3.dat
[2012.12.24 09:49:52 | 000,123,970 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.12.18 10:06:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.12.18 10:06:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.12.18 10:06:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.12.18 10:06:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012.12.10 21:46:18 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2012.12.09 20:02:45 | 000,001,410 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012.12.03 17:37:01 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2012.12.03 17:37:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2012.11.29 16:57:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.11.28 20:25:44 | 000,077,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.11.27 16:08:18 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.11.27 14:59:32 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012.11.27 14:44:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2012.11.27 14:44:19 | 000,003,351 | ---- | C] () -- C:\WINDOWS\System32\drivers\vsp.sys
[2012.11.27 14:06:25 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.11.27 14:06:24 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.11.27 14:06:24 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.11.27 14:05:37 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.11.26 17:21:12 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.26 17:14:14 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\Dead\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.26 14:18:40 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.11.26 13:50:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.11.26 13:42:36 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.07.02 21:11:02 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\theowl.dll

========== ZeroAccess Check ==========

[2012.11.28 20:21:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.26 02:59:11 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008.04.14 07:51:42 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.01.14 18:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Acoustica
[2013.10.30 09:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2013.12.21 17:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Canneverbe Limited
[2013.06.04 21:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Caphyon
[2012.11.26 14:17:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2012.12.03 17:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
[2013.06.08 14:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\FarmFrenzy2
[2013.01.14 17:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Garena
[2013.06.24 00:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger
[2013.07.18 05:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2013.05.29 19:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
[2013.10.04 09:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\LogMeIn
[2014.03.03 01:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MAGIX
[2012.11.26 14:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2013.03.10 12:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MGS
[2013.02.16 00:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PMB Files
[2014.03.02 21:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\POP3Profiles
[2013.05.13 16:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\POPWWPROFILES
[2013.01.13 22:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Samsung
[2013.10.15 14:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\SystemRequirementsLab
[2014.01.30 09:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Tunngle
[2014.03.06 22:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\YTD Video Downloader
[2014.03.16 10:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\12143
[2014.02.14 09:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Audacity
[2013.10.31 09:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\AVAST Software
[2012.11.29 01:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\BitTorrent
[2013.12.21 17:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Canneverbe Limited
[2014.03.14 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\DAEMON Tools Lite
[2013.04.29 09:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\fizzy
[2014.03.03 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\FlowStone
[2012.11.27 13:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\GHISLER
[2013.08.01 21:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\GlarySoft
[2014.03.03 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Image-Line
[2013.06.05 06:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\IObit
[2013.11.21 10:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\MAGIX
[2012.11.26 14:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Opera
[2012.12.09 19:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Pamela
[2013.01.13 22:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Samsung
[2014.03.12 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Spotify
[2014.01.14 18:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\SynthMaker
[2013.09.01 16:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\TeamViewer
[2013.01.13 21:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\temp
[2014.03.15 19:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\TS3Client
[2013.12.22 15:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Tunngle
[2012.12.01 20:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Unity
[2014.03.16 05:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\uTorrent
[2013.05.29 19:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\IObit
[2012.11.30 12:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012.11.26 13:44:25 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.11.26 13:54:02 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.06.05 00:15:27 | 000,032,480 | ---- | C] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2013.10.13 08:48:50 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.10.30 09:46:27 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2014.03.16 10:01:16 | 000,000,374 | ---- | C] () -- C:\WINDOWS\Tasks\AmiUpdXp.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.03.16 10:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\12143
[2012.12.25 17:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Adobe
[2012.11.27 14:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Ahead
[2013.05.29 19:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Apple Computer
[2014.02.14 09:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Audacity
[2013.10.31 09:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\AVAST Software
[2012.11.29 01:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\BitTorrent
[2013.12.21 17:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Canneverbe Limited
[2014.03.14 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\DAEMON Tools Lite
[2014.03.02 14:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\dvdcss
[2013.04.29 09:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\fizzy
[2014.03.03 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\FlowStone
[2012.11.27 13:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\GHISLER
[2013.08.01 21:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\GlarySoft
[2012.11.26 17:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Help
[2012.11.26 14:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Identities
[2014.03.03 12:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Image-Line
[2013.06.05 06:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\IObit
[2012.11.28 16:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Macromedia
[2013.11.21 10:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\MAGIX
[2013.04.18 15:27:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dead\Data aplikací\Microsoft
[2013.07.31 23:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Mozilla
[2012.11.28 19:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\NVIDIA
[2012.11.26 14:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Opera
[2012.12.09 19:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Pamela
[2013.01.13 22:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Samsung
[2014.03.16 12:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Skype
[2013.03.13 16:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\skypesender
[2014.03.12 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Spotify
[2012.11.28 23:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Sun
[2014.01.14 18:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\SynthMaker
[2013.09.01 16:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\TeamViewer
[2013.01.13 21:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\temp
[2014.03.15 19:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\TS3Client
[2013.12.22 15:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Tunngle
[2012.12.01 20:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Unity
[2014.03.16 05:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\uTorrent
[2013.03.21 00:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Ventrilo
[2014.03.15 19:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\vlc
[2014.03.14 13:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Winamp
[2012.11.28 16:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2014.03.16 10:00:48 | 000,288,840 | ---- | M] () -- C:\Documents and Settings\Dead\Data aplikací\12143\a14211.exe
[2014.03.02 23:27:25 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe
[2014.03.02 23:27:24 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\SpotifyLauncher.exe
[2014.03.02 23:27:16 | 000,603,648 | ---- | M] () -- C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyHelper.exe
[2014.03.02 23:27:16 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
[2014.03.02 03:30:50 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Dead\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.03.16 13:04:39 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.03.16 10:36:17 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\AmiUpdXp.job
[2014.03.16 10:36:16 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2012.11.26 13:50:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.11.26 13:50:16 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.11.26 13:50:16 | 000,495,616 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.03.14 07:35:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Clownfish" =
"Spotify Web Helper" = "C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe" -- [2014.03.02 23:27:16 | 001,171,968 | ---- | M] (Spotify Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.04.14 07:52:28 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=414AFE6E8CCDE984E16D5ED08624CEC6 -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.11.26 14:09:45 | 000,878,480 | ---- | M] (Opera Software) MD5=E96462DD021F65D61D3F97056C3EF236 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.03.16 12:47:15 | 000,000,512 | ---- | M] () MD5=8B24E8CA1E492762EC3F5082814CEB47 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.03.10 17:31:33 | 000,013,561 | ---- | M] () -- \Documents and Settings\Dead\Data aplikací\uTorrent\SimCity 4 Deluxe + Crack.torrent
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Documents and Settings\Dead\Dokumenty\Image-Line\Data\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2013.03.12 11:47:38 | 000,007,624 | ---- | M] () -- \Program Files\Image-Line\FL Studio 11\Data\Patches\Packs\Drums\Percussion\FPC Ice Crack.wav
[2012.10.02 09:41:48 | 000,000,400 | ---- | M] () -- \Program Files\Image-Line\FL Studio 11\Data\Patches\Plugin presets\Generators\Drumpad\Sound FX\Crack.fst
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\FL Studio 11\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files\Image-Line\FL Studio 11\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files\Image-Line\FL Studio 11\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch

< *keygen* /s >

< *loader* /s >
[2013.01.15 06:50:05 | 000,020,813 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger\update\12169\FileLoader.dll
[2013.01.31 06:02:47 | 000,945,655 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger\update\12177\ggdownloader.dll
[2013.01.31 05:51:17 | 000,027,494 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger\update\12177\bbtalk\BTalkLoader.exe
[2013.06.24 00:19:54 | 000,080,425 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger\update\12226\bbtalk\GarenaTalkLoader.exe
[2013.06.24 00:11:00 | 000,020,929 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger\UpdateManager\12184\FileLoader.dll
[2013.06.24 00:16:07 | 000,080,425 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\GarenaMessenger\UpdateManager\12226\bbtalk\GarenaTalkLoader.exe
[2013.03.10 13:00:22 | 000,000,305 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\MGS\cache\l\lobby_loader.6216dae748b24fc9c595db78b2b0c194.inf
[2013.03.10 13:00:24 | 000,004,554 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\Skype\Apps\login\images\loader.png
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2014.02.19 21:10:37 | 000,001,880 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\YTD Video Downloader\YTD Video Downloader.lnk
[2014.03.06 20:19:50 | 000,000,244 | ---- | M] () -- \Documents and Settings\Dead\Data aplikacÃ\Image-Line\Downloader\Temp\fldownloader_downloader_win_free.zip
[2013.01.13 21:29:12 | 000,006,612 | ---- | M] () -- \Documents and Settings\Dead\Data aplikací\temp\flashloader.log.2013-01-13_21.27.19.csv
[2013.01.13 21:45:18 | 000,006,481 | ---- | M] () -- \Documents and Settings\Dead\Data aplikací\temp\flashloader.log.2013-01-13_21.38.40.csv
[2013.05.29 20:53:40 | 000,003,026 | ---- | M] () -- \Documents and Settings\Dead\Dokumenty\záložky\Downloads\World of Warcraft 3.3.5a (no install)\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2013.05.29 20:53:40 | 000,004,261 | ---- | M] () -- \Documents and Settings\Dead\Dokumenty\záložky\Downloads\World of Warcraft 3.3.5a (no install)\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2013.09.10 14:27:40 | 000,000,338 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fdownloader.zex.cz%2Ffavicon.png
[2014.03.01 01:15:55 | 000,000,214 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fstep.yourfiledownloader.com%2Fstatic%2Fa%2Fimages%2Ffavicon.png
[2014.02.19 21:09:12 | 000,000,749 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2014.02.19 21:11:49 | 000,000,749 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.ytddownloader.com%2Ffavicon.png
[2013.10.16 18:03:17 | 000,012,811 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Data aplikací\Overwolf\InstallerCache\preloader_3337.gif
[2014.03.14 22:45:52 | 000,001,870 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Temp\Temporary Internet Files\Content.IE5\SRQISTSO\AdLoader[1].htm
[2014.03.14 20:15:53 | 000,112,122 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Temp\Temporary Internet Files\Content.IE5\SXTTLO52\AdLoader-7b473315d0084c71df83cdee72aab144.min[2].js
[2014.03.15 15:22:54 | 000,112,122 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Temporary Internet Files\Content.IE5\M1MZE7SJ\AdLoader-7b473315d0084c71df83cdee72aab144.min[2].js
[2014.03.16 12:43:52 | 000,001,870 | ---- | M] () -- \Documents and Settings\Dead\Local Settings\Temporary Internet Files\Content.IE5\M1MZE7SJ\AdLoader[1].htm
[2013.11.05 07:07:22 | 000,009,454 | ---- | M] () -- \Documents and Settings\Dead\Plocha\G@M€S\Game Dev Tycoon\libs\html5Preloader.js
[2014.02.19 21:10:37 | 000,000,942 | ---- | M] () -- \Documents and Settings\Dead\Plocha\Programi\YTD Video Downloader.lnk
[2003.09.15 14:02:00 | 000,169,384 | ---- | M] () -- \Games\Counter-Strike 1.6 Non-Steam\cstrike\models\qloader.mdl
[2003.09.15 13:55:50 | 000,352,548 | ---- | M] () -- \Games\Counter-Strike 1.6 Non-Steam\valve\models\loader.mdl
[2003.09.15 13:56:04 | 000,012,764 | ---- | M] () -- \Games\Counter-Strike 1.6 Non-Steam\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 13:56:04 | 000,012,164 | ---- | M] () -- \Games\Counter-Strike 1.6 Non-Steam\valve\sound\ambience\loader_step1.wav
[2014.02.17 15:17:36 | 000,192,384 | ---- | M] () -- \Games\GameforgeLive\MultiHTTPDownloader.exe
[2014.02.13 13:32:54 | 000,006,490 | ---- | M] () -- \Games\GameforgeLive\HTML\css\downloader.css
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.dll
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.tlb
[2010.11.30 00:32:34 | 000,170,288 | ---- | M] () -- \Program Files\Cheat Engine 6.2\Kernelmoduleunloader.exe
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014.03.06 20:14:30 | 000,030,908 | ---- | M] () -- \WINDOWS\Prefetch\ILDOWNLOADER_INSTALL.EXE-119A28D2.pf
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< End of report >

Ryuu · #10 Příspěvek od **Ryuu** » 16 bře 2014 14:09

OTL Extras logfile created on: 16.3.2014 12:41:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dead\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,49 Mb Total Physical Memory | 228,88 Mb Available Physical Memory | 44,75% Memory free
1,22 Gb Paging File | 0,89 Gb Available in Paging File | 73,15% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 84,21 Gb Free Space | 56,50% Space Free | Partition Type: NTFS

Computer Name: CAPTAIN | User Name: Dead | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Games\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Games\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57059:TCP" = 57059:TCP:*:Enabled:Pando Media Booster
"57059:UDP" = 57059:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"57059:TCP" = 57059:TCP:*:Enabled:Pando Media Booster
"57059:UDP" = 57059:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe" = C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess -- (PandoraTV)
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe" = C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService -- (Pandora.TV)
"C:\Documents and Settings\Dead\Games\Unreal Tournament 2004\System\UT2004.exe" = C:\Documents and Settings\Dead\Games\Unreal Tournament 2004\System\UT2004.exe:*:Enabled:UT2004
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Games\Counter-Strike 1.6 Non-Steam\hl.exe" = C:\Games\Counter-Strike 1.6 Non-Steam\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Documents and Settings\Dead\Plocha\Ekura\client.bin" = C:\Documents and Settings\Dead\Plocha\Ekura\client.bin:*:Enabled:client
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Games\Tunngle\TnglCtrl.exe" = C:\Games\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service -- (Tunngle.net GmbH)
"C:\Games\Tunngle\Tunngle.exe" = C:\Games\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client -- (Tunngle.net GmbH)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Games\Warcraft III Frozen Throne\Warcraft III.exe" = C:\Games\Warcraft III Frozen Throne\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe" = C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Games\GameforgeLive\gfl_client.exe" = C:\Games\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live -- ()
"C:\Games\Elsword_EN\data\x2.exe" = C:\Games\Elsword_EN\data\x2.exe:*:Enabled:Elsword -- ()
"C:\Documents and Settings\Dead\Plocha\SpaceWorldLauncher.exe" = C:\Documents and Settings\Dead\Plocha\SpaceWorldLauncher.exe:*:Enabled:SpaceWorld Launcher

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43DEB1FB-DB13-8CBE-C3A3-D102F8BADED4}_is1" = Skype 6.7.0.0 version for Windows
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{91BA5476-8B26-49E4-84B2-9EFE10917B33}" = LogMeIn Hamachi
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.10.1 "Legend"
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{D6782F44-58DB-4DE5-A65C-890320CF3F99}" = Prince of Persia The Two Thrones
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E362724E-9320-4946-AF34-874E7B6B2927}" = System Requirements Lab CYRI
"{EA2D9BC0-75E9-4975-9A0A-DD82198DDC53}" = MSXML 6.0 Parser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Clownfish" = Clownfish for Skype
"Counter-Strike 1.6 Non-Steam 1.0" = Counter-Strike 1.6 Non-Steam 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Elsword_EN_is1" = Elsword_EN
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"FormatFactory" = FormatFactory 2.95
"Fraps" = Fraps (remove only)
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MoodEditor" = Pamela RME 2.0
"NosTale(CZ)_is1" = Nostale(CZ)
"Opera 12.11.1661" = Opera 12.11
"Revo Uninstaller" = Revo Uninstaller 1.95
"Sandboxie" = Sandboxie 3.74 (32-bit)
"Skype 6.7.0.0" = Skype 6.7.0.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"Totalcmd" = Total Commander (Remove or Repair)
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 2.0.6
"Warcraft III eSK 1.26.0.6401" = Warcraft III eSK 1.26.0.6401
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.2.2014 10:05:33 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 22.2.2014 14:37:44 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0020090d.

Error - 1.3.2014 13:36:40 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace skype.exe, verze 6.7.59.102, chybující modul kernel32.dll,
verze 5.1.2600.6293, adresa chyby 0x0000984e.

Error - 3.3.2014 8:33:33 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace fl.exe, verze 1.1.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x03a3ff2e.

Error - 3.3.2014 9:26:29 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace au_.exe, verze 11.0.0.0, chybující modul user32.dll,
verze 5.1.2600.5512, adresa chyby 0x0001401c.

Error - 4.3.2014 17:35:25 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace nero.exe, verze 7.8.5.0, chybující modul nerofiledialog.dll,
verze 2.0.5.0, adresa chyby 0x00013a37.

Error - 11.3.2014 8:10:28 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace fl.exe, verze 1.1.0.0, chybující modul kernel32.dll,
verze 5.1.2600.6293, adresa chyby 0x00012fd3.

Error - 11.3.2014 8:10:28 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace fl.exe, verze 1.1.0.0, chybující modul kernel32.dll,
verze 5.1.2600.6293, adresa chyby 0x00012fd3.

Error - 11.3.2014 8:10:28 | Computer Name = CAPTAIN | Source = Application Error | ID = 1000
Description = Chybující aplikace fl.exe, verze 1.1.0.0, chybující modul kernel32.dll,
verze 5.1.2600.6293, adresa chyby 0x00012fd3.

Error - 16.3.2014 5:26:27 | Computer Name = CAPTAIN | Source = .NET Runtime | ID = 1026
Description = Aplikace: SpaceWorldLauncher.exe Verze Framework: v4.0.30319 Popis:
Proces byl ukončen z důvodu neošetřené výjimky. Informace o výjimce: System.InvalidOperationException
Zásobník:

na Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel()

na Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])

na . . (System.String[])

[ System Events ]
Error - 15.3.2014 8:25:11 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba LMIGuardianSvc byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 15.3.2014 8:25:11 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 15.3.2014 8:25:11 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 15.3.2014 8:25:11 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 15.3.2014 8:25:11 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba Jednoduché služby TCP/IP byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 15.3.2014 8:28:50 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 16.3.2014 2:21:30 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 16.3.2014 5:24:15 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 16.3.2014 5:38:01 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 16.3.2014 5:59:00 | Computer Name = CAPTAIN | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.

< End of report >

#11 Příspěvek od **vyosek** » 16 bře 2014 16:47

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewdcsc.sys -- (Huawei)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap52q8t5)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.atarata.com/?pid=1550
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.atarata.com/?pid=1550
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-854245398-1897051121-842925246-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O4 - HKU\S-1-5-21-854245398-1897051121-842925246-1003..\Run: [Clownfish] File not found
O4 - HKU\S-1-5-21-854245398-1897051121-842925246-1003..\Run: [Spotify Web Helper] C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
[2013.05.29 19:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
[2012.11.26 14:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2013.06.05 06:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\IObit
[2014.03.12 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dead\Data aplikací\Spotify
[2014.03.16 10:00:48 | 000,288,840 | ---- | M] () -- C:\Documents and Settings\Dead\Data aplikací\12143\a14211.exe
[2014.03.02 23:27:25 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe
[2014.03.02 23:27:24 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\SpotifyLauncher.exe
[2014.03.02 23:27:16 | 000,603,648 | ---- | M] () -- C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyHelper.exe
[2014.03.02 23:27:16 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
[2014.03.02 03:30:50 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Dead\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe
[2014.03.16 13:04:39 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.03.16 10:36:17 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\AmiUpdXp.job
[2014.03.16 10:36:16 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Ryuu · #12 Příspěvek od **Ryuu** » 16 bře 2014 17:32

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service hwusbdev stopped successfully!
Service hwusbdev deleted successfully!
File system32\DRIVERS\ewusbdev.sys not found.
Service hwdatacard stopped successfully!
Service hwdatacard deleted successfully!
File system32\DRIVERS\ewusbmdm.sys not found.
Service Huawei stopped successfully!
Service Huawei deleted successfully!
File system32\DRIVERS\ewdcsc.sys not found.
Service EagleXNt stopped successfully!
Service EagleXNt deleted successfully!
File C:\WINDOWS\system32\drivers\EagleXNt.sys not found.
Error: No service named ap52q8t5 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ap52q8t5 deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-854245398-1897051121-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish deleted successfully.
Registry value HKEY_USERS\S-1-5-21-854245398-1897051121-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper deleted successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit\Game Booster 3 folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData\survey folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData\pack folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\IObit Uninstaller\Language folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\SmartRAM folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Registrycleaner\backup folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Registrycleaner folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Internet Booster folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Driver Manager\DriverBackup folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Driver Manager folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Cookies folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\suggest folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\share folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\search folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\radio folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\profile folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\playlist-header folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\notification-center folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\messages folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\follow folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\finder folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\feed folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\discover folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\artist folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps\album folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user\Apps folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users\11132744982-user folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Users folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\locales folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify\Data folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\Spotify folder moved successfully.
C:\Documents and Settings\Dead\Data aplikací\12143\a14211.exe moved successfully.
File C:\Documents and Settings\Dead\Data aplikací\Spotify\spotify.exe not found.
File C:\Documents and Settings\Dead\Data aplikací\Spotify\SpotifyLauncher.exe not found.
File C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyHelper.exe not found.
File C:\Documents and Settings\Dead\Data aplikací\Spotify\Data\SpotifyWebHelper.exe not found.
C:\Documents and Settings\Dead\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\AmiUpdXp.job moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: Dead
->Temp folder emptied: 69422394 bytes
->Temporary Internet Files folder emptied: 12310098 bytes
->Opera cache emptied: 54100191 bytes
->Flash cache emptied: 3392 bytes

User: Default User

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NosTale
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 84313 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 130,00 mb

[EMPTYFLASH]

User: All Users

User: All Users.WINDOWS

User: Dead
->Flash cache emptied: 0 bytes

User: Default User

User: Default User.WINDOWS

User: LocalService

User: NetworkService

User: NosTale

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: All Users.WINDOWS

User: Dead

User: Default User

User: Default User.WINDOWS

User: LocalService

User: NetworkService

User: NosTale

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03162014_173022

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Dead\Local Settings\Temp\Temporary Internet Files\Content.IE5\MHMN41MR\c=0&u_tz=60&u_his=0&u_java=1&u_h=1024&u_w=1280&u_ah=994&u_aw=1280&u_cd=32&u_nplug=0&u_nmime=0&dff=arial&dfs=15&adx=0&ady=0&biw=775&bih=600&oid=3&rs=0&osd=1&vis=0&fu=0&ifi=1&dtd=1468 not found!
File\Folder C:\Documents and Settings\Dead\Local Settings\Temp\Temporary Internet Files\Content.IE5\0HUBO9K9\fc=1&u_tz=60&u_his=0&u_java=1&u_h=1024&u_w=1280&u_ah=994&u_aw=1280&u_cd=32&u_nplug=0&u_nmime=0&dff=arial&dfs=15&adx=0&ady=0&biw=775&bih=600&oid=3&rs=0&osd=1&vis=0&fu=0&ifi=1&dtd=250 not found!
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#13 Příspěvek od **vyosek** » 16 bře 2014 17:41

Jak se chova PC??

Ryuu · #14 Příspěvek od **Ryuu** » 16 bře 2014 18:21

celkové zatížení se radikálně snížilo aj lagy částečně ustopily takže si myslím že dobře

#15 Příspěvek od **vyosek** » 16 bře 2014 18:39

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

"Jarní" uklid xD

"Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD

Re: "Jarní" uklid xD