Re: Please help

Posted: 14 Aug 2013 09:28
by SimčaBrunoMars
:arrow: log after the hosts fix

RogueKiller V8.6.5 [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Lenovo [Admin rights]
Mode : HOSTSFix -- Date : 08/14/2013 10:27:54
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\DOCUME~1\Lenovo\LOCALS~1\Temp\CmdLineExt.dll [x] -> UNLOADED

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost


Finished : << RKreport[0]_H_08142013_102754.txt >>
RKreport[0]_D_08142013_095124.txt;RKreport[0]_S_08132013_100655.txt;RKreport[0]_S_08142013_095013.txt
RKreport[0]_S_08142013_100417.txt

Re: Please help

Posted: 14 Aug 2013 18:28
by Márty84
:arrow: Post a new RSIT log

and in addition

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the options "For all users" (Pro všechny uživatele), "LOP" check (Kontrola na havěť "LOP") and "Purity" check (Kontrola na havěť "Purity").
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Scan (Prohledat).
After the scan two logs will be created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).

Re: Please help

Posted: 15 Aug 2013 06:03
by SimčaBrunoMars
:arrow: RSIT log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lenovo at 2013-08-15 07:01:54
Microsoft Windows XP Professional Service Pack 3
System drive C: has 453 MB (1%) free of 33 GB
Total RAM: 1013 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:01:59, on 15.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lenovo\My Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Lenovo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=SK
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=SK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5984967625
O20 - AppInit_DLLs: c:\progra~1\savesh~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Ltd. - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 5795 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AmiUpdXp.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-08 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-08 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-08 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-06-08 114688]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"AMSG"=C:\Program Files\ThinkVantage\AMSG\Amsg.exe [2005-10-05 487424]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2005-09-08 102400]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\savesh~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\SYSTEM32\igfxdev.dll [2005-06-08 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\SYSTEM32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.dvsd"=pdvcodec.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.ffds"=ffdshow.ax
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2013-08-14 12:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\Freemake
2013-08-14 12:54:08 ----D---- C:\Program Files\Freemake
2013-08-14 09:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2862772$
2013-08-14 09:50:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 09:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 09:48:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 09:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-08-13 15:56:57 ----D---- C:\Documents and Settings\Lenovo\Application Data\SwvUpdater
2013-08-13 15:26:59 ----D---- C:\Program Files\WebSearch
2013-08-13 10:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2013-08-12 07:53:47 ----D---- C:\Documents and Settings\Lenovo\Application Data\Malwarebytes
2013-08-12 07:53:30 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-08-11 16:37:49 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-08-11 16:37:49 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-08-11 16:37:47 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-08-11 16:37:46 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-08-11 16:37:46 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-08-11 16:37:46 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-08-11 16:37:45 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-08-11 16:37:44 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-08-11 16:37:44 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-08-11 16:37:04 ----A---- C:\WINDOWS\avastSS.scr
2013-08-11 16:35:22 ----D---- C:\Program Files\AVAST Software
2013-08-11 16:34:42 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2013-08-11 16:22:15 ----A---- C:\AdwCleaner[S1].txt
2013-08-10 11:21:21 ----D---- C:\Program Files\trend micro
2013-08-10 11:21:15 ----D---- C:\rsit
2013-08-10 11:11:41 ----A---- C:\AdwCleaner[R1].txt
2013-08-10 10:35:26 ----A---- C:\TDSSKiller.2.8.16.0_10.08.2013_10.35.26_log.txt
2013-08-10 10:24:30 ----A---- C:\WINDOWS\wininit.ini
2013-08-10 10:20:39 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2013-08-10 09:42:10 ----D---- C:\Program Files\Enigma Software Group
2013-08-10 09:41:11 ----D---- C:\WINDOWS\471D8B37C5B344579FA1B3C693334F4F.TMP
2013-08-10 09:41:01 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-08-09 11:19:04 ----D---- C:\Program Files\TuneUp Utilities 2013
2013-08-09 11:18:33 ----D---- C:\WINDOWS\system32\Extensions
2013-08-09 11:18:32 ----D---- C:\WINDOWS\system32\searchplugins
2013-08-09 11:17:08 ----D---- C:\Program Files\Mozilla Firefox
2013-08-09 11:14:45 ----D---- C:\Program Files\DVDVideoSoft
2013-08-09 11:13:35 ----D---- C:\Documents and Settings\Lenovo\Application Data\DVDVideoSoft
2013-08-08 12:36:46 ----D---- C:\WINDOWS\system32\MRT
2013-08-08 11:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-08-08 10:57:54 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-08-08 10:57:53 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-08-08 10:57:52 ----A---- C:\WINDOWS\system32\javaws.exe
2013-08-08 10:57:33 ----A---- C:\WINDOWS\system32\javaw.exe
2013-08-08 10:57:33 ----A---- C:\WINDOWS\system32\java.exe
2013-08-08 10:55:19 ----D---- C:\Program Files\Java
2013-08-08 10:44:20 ----D---- C:\Documents and Settings\Lenovo\Application Data\Sun
2013-08-08 10:23:56 ----D---- C:\Documents and Settings\Lenovo\Application Data\TuneUp Software
2013-08-08 10:23:33 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2013-08-08 10:23:21 ----SHD---- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-08 10:23:21 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2013-08-08 09:22:13 ----D---- C:\430e42cd5ef2561708c0ea2e
2013-08-07 22:39:46 ----D---- C:\WINDOWS\system32\XPSViewer
2013-08-07 22:39:41 ----D---- C:\Program Files\MSBuild
2013-08-07 22:39:32 ----D---- C:\Program Files\Reference Assemblies
2013-08-07 22:39:00 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-08-07 22:39:00 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-08-07 22:39:00 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-08-07 22:39:00 ----D---- C:\7cf3dc835a07b4ae2f20493eab
2013-08-07 20:00:47 ----D---- C:\3c2b788061bb4029ed9afa86fd
2013-08-07 20:00:42 ----D---- C:\f0592dee565404027c
2013-08-07 10:27:16 ----D---- C:\Program Files\directx
2013-08-07 10:23:35 ----D---- C:\Program Files\Rockstar Games
2013-08-07 10:15:12 ----D---- C:\WINDOWS\system32\LogFiles
2013-08-07 10:14:47 ----D---- C:\Documents and Settings\All Users\Application Data\Backup
2013-08-07 10:12:04 ----D---- C:\Program Files\Panda Security
2013-08-07 10:02:07 ----D---- C:\3a34bc99c8d9dca79d620b
2013-08-07 10:02:01 ----D---- C:\a7b7c114cd834d5c289b1ed2141e710f
2013-08-06 20:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2013-08-06 20:26:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2013-08-06 20:26:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2013-08-06 20:26:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2013-08-06 20:26:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2013-08-06 20:25:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2013-08-06 20:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2013-08-06 20:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2013-08-06 20:24:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-08-06 20:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2013-08-06 20:24:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2013-08-06 20:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2850851$
2013-08-06 20:24:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2013-08-06 20:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2013-08-06 20:24:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2013-08-06 20:23:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2013-08-06 20:23:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2013-08-06 20:23:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2013-08-06 20:23:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$
2013-08-06 20:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2013-08-06 20:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2013-08-06 20:23:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2013-08-06 20:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2013-08-06 20:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-08-06 20:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2013-08-06 20:22:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2013-08-06 20:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2013-08-06 20:22:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2013-08-06 20:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2013-08-06 20:22:20 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2013-08-06 20:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2013-08-06 20:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-08-06 20:22:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-08-06 20:21:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2013-08-06 20:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2013-08-06 20:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2013-08-06 20:21:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2013-08-06 20:21:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2013-08-06 20:21:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2013-08-06 20:21:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2013-08-06 20:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$
2013-08-06 20:20:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2013-08-06 20:20:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2013-08-06 20:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2839229$
2013-08-06 20:20:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2013-08-06 20:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2013-08-06 20:20:20 ----A---- C:\WINDOWS\system32\MRT.INI
2013-08-06 20:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2013-08-06 20:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2834902_WM10$
2013-08-06 20:16:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-08-06 20:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2013-08-06 20:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-08-06 20:16:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2013-08-06 20:16:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2013-08-06 20:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2013-08-06 20:16:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-08-06 20:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2013-08-06 20:15:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2013-08-06 20:15:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2013-08-06 20:15:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2013-08-06 20:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2013-08-06 20:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2013-08-06 20:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2013-08-06 20:15:09 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2013-08-06 20:15:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2013-08-06 20:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2013-08-06 20:14:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2013-08-06 20:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-08-06 20:14:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2013-08-06 20:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2013-08-06 20:14:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2013-08-06 20:14:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2013-08-06 20:14:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2013-08-06 20:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2013-08-06 20:13:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2013-08-06 20:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2013-08-06 20:13:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2013-08-06 20:13:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2846071$
2013-08-06 20:13:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2013-08-06 20:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2013-08-06 16:49:22 ----D---- C:\Documents and Settings\All Users\Application Data\StarApp
2013-08-06 16:48:37 ----D---- C:\Program Files\SaveShare
2013-08-06 16:48:10 ----D---- C:\Documents and Settings\All Users\Application Data\InstallMate
2013-08-06 15:03:10 ----D---- C:\Documents and Settings\Lenovo\Application Data\Unity
2013-08-06 14:27:25 ----N---- C:\WINDOWS\system32\iacenc.dll
2013-08-03 13:17:44 ----D---- C:\Program Files\KeyNote
2013-08-03 13:01:39 ----D---- C:\Program Files\project dogwaffle
2013-08-01 20:11:43 ----D---- C:\Program Files\Centauri
2013-08-01 19:43:10 ----D---- C:\Program Files\Eidos

======List of files/folders modified in the last 1 month======

2013-08-15 06:59:26 ----RSD---- C:\WINDOWS\assembly
2013-08-15 06:58:59 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-15 06:56:52 ----D---- C:\WINDOWS\Temp
2013-08-14 12:54:08 ----RD---- C:\Program Files
2013-08-14 11:43:06 ----AD---- C:\WINDOWS
2013-08-14 11:41:25 ----AD---- C:\WINDOWS\system32
2013-08-14 11:40:27 ----D---- C:\WINDOWS\system32\CatRoot2
2013-08-14 11:40:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-14 10:03:45 ----D---- C:\WINDOWS\system32\drivers
2013-08-14 09:55:45 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-14 09:52:36 ----HD---- C:\WINDOWS\inf
2013-08-14 09:52:24 ----RSHD---- C:\WINDOWS\system32\dllcache
2013-08-14 09:50:55 ----A---- C:\WINDOWS\imsins.BAK
2013-08-14 09:45:24 ----SHD---- C:\WINDOWS\Installer
2013-08-14 09:43:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-14 09:42:33 ----D---- C:\WINDOWS\WinSxS
2013-08-13 15:58:29 ----SD---- C:\WINDOWS\Tasks
2013-08-13 15:26:44 ----D---- C:\WINDOWS\Prefetch
2013-08-13 09:31:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2013-08-13 07:46:30 ----SHD---- C:\System Volume Information
2013-08-13 07:46:30 ----D---- C:\WINDOWS\system32\Restore
2013-08-11 16:44:11 ----D---- C:\WINDOWS\system32\drivers\etc
2013-08-11 16:44:11 ----D---- C:\Program Files\Common Files
2013-08-11 14:52:50 ----D---- C:\Program Files\Lexmark X1100 Series
2013-08-10 10:24:52 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-08-10 10:20:18 ----D---- C:\WINDOWS\system32\config
2013-08-10 10:00:59 ----D---- C:\Temp
2013-08-10 09:26:59 ----D---- C:\WINDOWS\Help
2013-08-09 12:08:16 ----D---- C:\Program Files\Google
2013-08-09 11:56:32 ----D---- C:\Program Files\ePlaybus.com
2013-08-09 11:56:31 ----D---- C:\Program Files\Windows Media Connect
2013-08-09 11:56:30 ----D---- C:\Program Files\Messenger
2013-08-08 11:10:45 ----D---- C:\WINDOWS\system32\CatRoot
2013-08-08 11:03:00 ----D---- C:\WINDOWS\SoftwareDistribution
2013-08-08 11:02:59 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-08-08 10:56:55 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-08-08 10:22:52 ----D---- C:\ProgramData
2013-08-07 22:39:39 ----D---- C:\WINDOWS\system32\en-us
2013-08-07 22:39:37 ----RSD---- C:\WINDOWS\Fonts
2013-08-07 22:39:13 ----D---- C:\WINDOWS\system32\spool
2013-08-07 19:13:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2013-08-07 11:23:46 ----D---- C:\Program Files\EA GAMES
2013-08-07 10:23:34 ----HD---- C:\Program Files\InstallShield Installation Information
2013-08-07 10:07:03 ----D---- C:\WINDOWS\Minidump
2013-08-06 20:27:01 ----HD---- C:\WINDOWS\$hf_mig$
2013-08-06 20:15:11 ----D---- C:\Program Files\Movie Maker
2013-08-06 20:13:22 ----D---- C:\Program Files\Outlook Express
2013-08-06 14:46:53 ----SD---- C:\Documents and Settings\Lenovo\Application Data\Microsoft
2013-08-03 14:59:06 ----A---- C:\WINDOWS\win.ini
2013-08-02 10:11:31 ----D---- C:\Program Files\Pohadka
2013-08-01 20:14:04 ----D---- C:\Program Files\Windows Media Player
2013-07-25 01:13:01 ----A---- C:\WINDOWS\system32\wininet.dll
2013-07-25 01:13:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2013-07-25 01:12:59 ----A---- C:\WINDOWS\system32\url.dll
2013-07-25 01:12:59 ----A---- C:\WINDOWS\system32\shdocvw.dll
2013-07-25 01:12:58 ----A---- C:\WINDOWS\system32\mstime.dll
2013-07-25 01:12:58 ----A---- C:\WINDOWS\system32\mshtmled.dll
2013-07-25 01:12:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-07-25 01:12:55 ----A---- C:\WINDOWS\system32\iepeers.dll
2013-07-25 01:12:54 ----A---- C:\WINDOWS\system32\ieencode.dll
2013-07-25 01:12:54 ----A---- C:\WINDOWS\system32\browseui.dll
2013-07-16 17:46:31 ----N---- C:\WINDOWS\system32\tzchange.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-11 175176]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-04-07 43872]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-11 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-11 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys []
R2 PROCDD;IPS Helper Driver; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2005-09-02 5120]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-07-19 163840]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-03-31 180736]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-08 1050140]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 TPM12;NSC Integrated Trusted Platform Module 1.2; C:\WINDOWS\system32\DRIVERS\nsctpm12.sys [2005-04-21 13056]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 IPSSVC;IPS Core Service; C:\WINDOWS\system32\IPSSVC.EXE [2005-09-02 73728]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-08-08 182184]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-09 116648]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-07 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please help

Posted: 15 Aug 2013 06:51
by SimčaBrunoMars
here is half of the log from otl.txt :arrow:
OTL logfile created on: 15.8.2013 7:05:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Lenovo\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1012,67 Mb Total Physical Memory | 506,48 Mb Available Physical Memory | 50,01% Memory free
2,37 Gb Paging File | 1,94 Gb Available in Paging File | 81,97% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,61 Gb Total Space | 0,44 Gb Free Space | 1,35% Space Free | Partition Type: NTFS

Computer Name: LENOVO-47049E37 | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.08.15 07:04:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lenovo\My Documents\Downloads\OTL.exe
PRC - [2013.08.09 12:07:51 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013.08.08 10:56:50 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.07.24 17:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.05.09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008.04.13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.09.02 01:00:00 | 000,073,728 | ---- | M] (Lenovo Ltd.) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2003.08.19 08:00:40 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
PRC - [2003.08.19 07:36:22 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe


========== Modules (No Company Name) ==========

MOD - [2013.08.14 10:11:42 | 002,092,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13081401\algo.dll
MOD - [2013.07.24 17:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013.07.24 17:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013.07.24 17:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013.01.24 04:25:02 | 001,044,480 | ---- | M] () -- c:\Program Files\WebSearch\sprotector.dll
MOD - [2013.01.24 04:16:54 | 001,050,112 | ---- | M] () -- c:\Program Files\SaveShare\sprotector.dll
MOD - [2005.09.08 01:01:00 | 000,057,344 | ---- | M] () -- C:\Program Files\ThinkVantage\PrdCtr\US\LPRESMGR.DLL
MOD - [2005.09.02 01:00:00 | 000,131,072 | ---- | M] () -- C:\Program Files\Lenovo\AwayTask\AWAYDB.DLL
MOD - [2005.07.20 03:34:28 | 000,126,976 | ---- | M] () -- C:\Program Files\ThinkVantage\AMSG\ahlprunl.dll
MOD - [2005.06.30 03:54:50 | 000,180,224 | ---- | M] () -- C:\Program Files\ThinkVantage\AMSG\AcpPollingEngine.dll
MOD - [2003.08.03 12:58:08 | 000,065,536 | ---- | M] () -- C:\Program Files\Lexmark X1100 Series\ConvDIB.dll
MOD - [2003.07.29 06:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.08.08 10:56:50 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.05.09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2005.09.02 01:00:00 | 000,073,728 | ---- | M] (Lenovo Ltd.) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2004.08.11 00:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds)
SRV - [2004.08.10 21:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013.08.11 16:45:13 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.11 16:45:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.11 16:45:13 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.05.09 01:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 01:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 01:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 01:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.05.09 01:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2005.09.02 01:00:00 | 000,005,120 | ---- | M] (Lenovo Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2005.08.11 13:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005.04.21 15:28:32 | 000,013,056 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nsctpm12.sys -- (TPM12)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=SK
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur-esult.info/?l=1&q= ... g=EN&cc=SK


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=SK
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur-esult.info/?l=1&q= ... g=EN&cc=SK
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Lenovo\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2013.08.14 12:55:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2013.08.14 12:55:35 | 000,000,000 | ---D | M]

[2013.08.09 11:17:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: http://google.sk/
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh\1.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jchepaljijgokkoflakjioknkfolenbk\1.7.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf\3.0.1.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok\4.2.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak\0.2.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pnfmmijkhkjjlbkcgpclhcpoaibflblc\1_0\

O1 HOSTS File: ([2013.08.14 10:27:54 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 5984967625 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED4D4B14-3A85-407C-9637-572EE4CCA7AA}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\Msdxm6.ocx (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\savesh~1\sprote~1.dll) - c:\Program Files\SaveShare\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\websea~1\sprote~1.dll) - c:\Program Files\WebSearch\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Lenovo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lenovo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.19 18:19:36 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: vidc.ffds - ffdshow.ax File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Ligos Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.08.14 12:55:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\My Documents\Freemake
[2013.08.14 12:55:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Start Menu\Programs\Freemake
[2013.08.14 12:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Freemake
[2013.08.14 12:55:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2013.08.14 12:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
[2013.08.13 15:56:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Application Data\SwvUpdater
[2013.08.13 15:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\WebSearch
[2013.08.12 07:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Application Data\Malwarebytes
[2013.08.12 07:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013.08.11 16:37:49 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.08.11 16:37:49 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.08.11 16:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2013.08.11 16:37:47 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.08.11 16:37:46 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.08.11 16:37:46 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.08.11 16:37:44 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.08.11 16:37:44 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.08.11 16:37:04 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.08.11 16:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.08.11 16:34:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013.08.10 11:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.08.10 11:21:15 | 000,000,000 | ---D | C] -- C:\rsit
[2013.08.10 10:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Local Settings\Application Data\Norman Malware Cleaner
[2013.08.10 10:20:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013.08.10 09:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.08.10 09:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.08.09 12:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013.08.09 11:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2013.08.09 11:18:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2013.08.09 11:18:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2013.08.09 11:17:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.08.09 11:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.08.09 11:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Application Data\DVDVideoSoft
[2013.08.08 12:36:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.08.08 10:57:55 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.08.08 10:57:54 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.08.08 10:57:53 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.08.08 10:57:52 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.08.08 10:57:33 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.08.08 10:57:33 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.08.08 10:55:19 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.08.08 10:44:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Application Data\Sun
[2013.08.08 10:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Application Data\TuneUp Software
[2013.08.08 10:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013.08.08 10:23:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.08.08 10:23:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013.08.08 09:22:13 | 000,000,000 | ---D | C] -- C:\430e42cd5ef2561708c0ea2e
[2013.08.07 22:39:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013.08.07 22:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013.08.07 22:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013.08.07 22:39:00 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013.08.07 22:39:00 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013.08.07 22:39:00 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013.08.07 22:39:00 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013.08.07 22:39:00 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013.08.07 22:39:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013.08.07 22:39:00 | 000,000,000 | ---D | C] -- C:\7cf3dc835a07b4ae2f20493eab
[2013.08.07 20:00:47 | 000,000,000 | ---D | C] -- C:\3c2b788061bb4029ed9afa86fd
[2013.08.07 20:00:42 | 000,000,000 | ---D | C] -- C:\f0592dee565404027c
[2013.08.07 10:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2013.08.07 10:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2013.08.07 10:15:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013.08.07 10:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Backup
[2013.08.07 10:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2013.08.07 10:02:07 | 000,000,000 | ---D | C] -- C:\3a34bc99c8d9dca79d620b
[2013.08.07 10:02:01 | 000,000,000 | ---D | C] -- C:\a7b7c114cd834d5c289b1ed2141e710f
[2013.08.06 16:49:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\StarApp
[2013.08.06 16:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\SaveShare
[2013.08.06 16:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013.08.06 15:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Application Data\Unity
[2013.08.06 14:34:10 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2013.08.06 14:34:09 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013.08.06 14:32:40 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013.08.06 14:31:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013.08.06 14:30:18 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013.08.06 14:30:17 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.08.06 14:30:17 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013.08.06 14:28:59 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013.08.06 14:28:44 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.08.06 14:27:27 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013.08.06 14:24:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013.08.06 14:04:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Local Settings\Application Data\Unity
[2013.08.06 04:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\My Documents\Downloads
[2013.08.06 04:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lenovo\Local Settings\Application Data\Deployment
[2013.08.03 13:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\KeyNote
[2013.08.03 13:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\project dogwaffle
[2013.08.01 20:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Čtyřlístek
[2013.08.01 20:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Centauri
[2013.08.01 19:44:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Eidos
[2013.08.01 19:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.08.15 07:08:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.08.15 06:54:30 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2013.08.15 06:53:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.08.15 06:53:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.15 06:53:24 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.08.15 06:48:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.08.15 06:48:22 | 1061,933,056 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.14 16:12:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.14 10:27:54 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.08.14 09:50:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.08.14 09:43:37 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.14 09:43:37 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.11 16:45:14 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.08.11 16:45:13 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.08.11 16:45:13 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.08.11 16:45:13 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.08.11 16:45:13 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.08.11 16:45:13 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.08.11 16:37:44 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.08.10 11:39:38 | 000,001,768 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2013.08.10 10:24:54 | 000,000,079 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.08.10 09:10:57 | 000,001,842 | ---- | M] () -- C:\Documents and Settings\Lenovo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.08.09 12:08:40 | 000,001,824 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013.08.09 10:51:41 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2013.08.08 12:06:28 | 001,001,985 | ---- | M] () -- C:\Documents and Settings\Lenovo\Desktop\tumblr_lxn42xJFvb1r3hz00o1_400.gif
[2013.08.08 12:01:54 | 000,029,171 | ---- | M] () -- C:\Documents and Settings\Lenovo\Desktop\1148904_580342042022934_1485877192_n.jpg
[2013.08.08 10:56:55 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.08.08 10:56:45 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.08.08 10:56:45 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.08.08 10:56:44 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.08.08 10:56:43 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.08.08 10:56:39 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.08.08 10:56:39 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.08.08 07:12:39 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.08.07 10:41:22 | 000,000,910 | ---- | M] () -- C:\Documents and Settings\Lenovo\Desktop\Play Hitman 2.lnk
[2013.08.07 10:40:36 | 050,724,155 | ---- | M] () -- C:\Documents and Settings\Lenovo\Desktop\hitman2demo.zip
[2013.08.06 20:20:20 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2013.08.06 14:47:16 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Lenovo\My Documents\Default.rdp
[2013.08.06 10:10:21 | 000,103,424 | ---- | M] () -- C:\Documents and Settings\Lenovo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.01 20:14:04 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Čtyřlístek a Strašidelný hrad.lnk
[2013.08.01 20:14:03 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Lenovo\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013.08.01 20:14:03 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Lenovo\Desktop\Windows Media Player.lnk
[2013.08.01 20:14:02 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.08.01 20:14:02 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.08.01 19:44:43 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\Lenovo\Desktop\Play Hitman Contracts demo.lnk
[2013.08.01 14:03:46 | 000,001,893 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Roční období.lnk
[2013.07.25 01:13:01 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013.07.25 01:13:00 | 000,852,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013.07.25 01:13:00 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013.07.25 01:12:59 | 001,510,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2013.07.25 01:12:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2013.07.25 01:12:59 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013.07.25 01:12:59 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013.07.25 01:12:58 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013.07.25 01:12:58 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013.07.25 01:12:58 | 000,449,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013.07.25 01:12:57 | 003,092,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013.07.25 01:12:55 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013.07.25 01:12:55 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013.07.25 01:12:54 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2013.07.25 01:12:54 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2013.07.25 01:12:54 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2013.07.24 08:48:47 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.08.15 07:08:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.08.13 15:56:58 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2013.08.11 16:45:22 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.08.11 16:45:19 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.08.11 16:45:15 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.08.11 16:37:46 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.08.11 16:37:45 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.08.11 16:37:45 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.08.10 10:24:30 | 000,000,079 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.08.09 12:08:40 | 000,001,842 | ---- | C] () -- C:\Documents and Settings\Lenovo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.08.09 12:08:40 | 000,001,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013.08.09 12:07:55 | 000,000,940 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.09 12:07:54 | 000,000,936 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.08 12:06:13 | 001,001,985 | ---- | C] () -- C:\Documents and Settings\Lenovo\Desktop\tumblr_lxn42xJFvb1r3hz00o1_400.gif
[2013.08.08 11:57:16 | 000,029,171 | ---- | C] () -- C:\Documents and Settings\Lenovo\Desktop\1148904_580342042022934_1485877192_n.jpg
[2013.08.07 10:40:19 | 050,724,155 | ---- | C] () -- C:\Documents and Settings\Lenovo\Desktop\hitman2demo.zip
[2013.08.07 10:34:58 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2013.08.06 20:20:20 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2013.08.06 14:47:16 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Lenovo\My Documents\Default.rdp
[2013.08.06 14:27:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.08.06 14:27:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.08.01 20:14:04 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Čtyřlístek a Strašidelný hrad.lnk
[2013.08.01 19:44:43 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\Lenovo\Desktop\Play Hitman Contracts demo.lnk
[2013.08.01 14:03:46 | 000,001,893 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 2 Roční období.lnk
[2013.05.24 19:57:26 | 000,000,261 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2013.05.20 17:20:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.04.29 14:51:56 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2013.04.13 14:47:32 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2013.04.13 14:47:30 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2013.04.11 18:20:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\scummvm.ini
[2013.04.06 19:05:45 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013.04.06 19:04:25 | 000,000,071 | ---- | C] () -- C:\WINDOWS\SeeYa! Settings.ini
[2013.04.06 19:04:20 | 000,000,055 | ---- | C] () -- C:\WINDOWS\System32\SeeYa! Settings.ini
[2013.04.06 19:01:29 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2013.04.06 19:00:32 | 000,004,914 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bzoyeojg.eew
[2013.03.27 07:07:02 | 000,103,424 | ---- | C] () -- C:\Documents and Settings\Lenovo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.26 10:01:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2011.05.19 18:19:30 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Lenovo\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2011.05.19 17:07:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.07.25 01:12:59 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.05.19 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IBM
[2011.05.19 18:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ThinkVantage
[2013.07.01 13:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aliasworlds
[2013.08.11 16:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013.08.07 10:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup
[2013.08.08 10:23:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013.07.04 13:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2013.08.14 12:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2013.08.13 16:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011.05.19 17:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2013.07.04 12:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logs
[2013.08.06 16:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\StarApp
[2013.08.07 19:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013.08.08 10:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013.08.08 10:23:21 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2011.05.19 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\IBM
[2011.05.19 18:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\ThinkVantage
[2011.05.19 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto 2\Application Data\IBM
[2011.05.19 18:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Konto 2\Application Data\ThinkVantage
[2013.08.09 11:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\DVDVideoSoft
[2013.06.10 16:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\FreeBurner
[2011.05.19 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\IBM
[2013.03.27 07:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\InterVideo
[2013.04.06 19:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\MOVAVI
[2013.08.13 15:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\SwvUpdater
[2011.05.19 18:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\ThinkVantage
[2013.08.08 10:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\TuneUp Software
[2013.08.06 15:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Unity
[2013.07.04 13:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\uTorrent
[2011.05.19 17:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Lenovo

========== Purity Check ==========



========== Custom Scans ==========

< >
[1980.01.01 00:00:00 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2004.08.09 11:02:34 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.05.19 18:01:08 | 000,000,366 | ---- | C] () -- C:\WINDOWS\Tasks\Symantec NetDetect.job
[2013.08.09 12:07:54 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.08.09 12:07:55 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.08.11 16:37:45 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.08.13 15:56:58 | 000,000,400 | ---- | C] () -- C:\WINDOWS\Tasks\AmiUpdXp.job

< >

< MD5 for: AGP440.SYS >
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.13 17:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.13 17:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2004.08.04 05:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\I386\AUTOCHK.EXE
[2004.08.04 05:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 11:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 11:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.05.09 15:48:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.04 05:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.04 05:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.13 17:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.13 17:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:hal.dll
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 11:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 11:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:Changer.sys
[2004.08.04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 11:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2013.03.27 07:02:04 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 11:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 11:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.17 13:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 05:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.13 17:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 12:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 12:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 05:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 11:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 11:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 05:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.13 17:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.13 17:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 05:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=9A98937A980831729D21343754FF9D59 -- C:\I386\SYSTEM32\SMSS.EXE
[2004.08.04 05:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2005.05.25 12:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2008.06.20 03:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 12:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 12:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 12:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\ff0686f2f699fa07ed5ad0848fa3055b\sp3qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.13 17:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.13 17:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 05:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[7 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2013.07.01 11:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2013.07.01 13:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aliasworlds
[2013.08.11 16:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013.08.07 10:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Backup
[2013.08.08 10:23:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013.07.04 13:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2013.08.14 12:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2013.08.13 16:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011.05.19 17:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2013.07.04 12:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Logs
[2013.08.12 07:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013.08.10 10:24:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2004.08.09 11:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2013.08.10 10:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013.08.06 16:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\StarApp
[2013.04.08 14:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2013.08.07 19:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013.08.08 10:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012.05.07 03:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013.04.17 13:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2013.08.08 10:23:21 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2013.07.31 13:33:52 | 000,101,888 | ---- | M] (Freemake) -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsServiceNew.exe
[2013.07.31 13:40:06 | 000,304,128 | ---- | M] (Freemake) -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exe
[2013.03.12 01:59:14 | 000,015,968 | R-S- | M] (Tarma Software Research Pty Ltd) -- C:\Documents and Settings\All Users\Application Data\InstallMate\{166D2571-C3F8-4811-AAFA-8BDACD8E0787}\Setup.exe

< %APPDATA%\*. >
[2013.03.26 07:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Adobe
[2013.04.08 14:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\AdobeUM
[2013.08.09 11:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\DVDVideoSoft
[2013.06.10 16:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\FreeBurner
[2013.04.07 12:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\GRETECH
[2013.05.25 11:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Help
[2011.05.19 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\IBM
[2004.08.09 11:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Identities
[2013.03.27 07:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\InterVideo
[2011.05.23 05:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Macromedia
[2013.08.12 07:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Malwarebytes
[2013.04.11 18:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Media Player Classic
[2013.08.06 14:46:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Lenovo\Application Data\Microsoft
[2013.04.06 19:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\MOVAVI
[2013.08.08 10:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Sun
[2013.08.13 15:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\SwvUpdater
[2011.05.19 17:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Symantec
[2011.05.19 18:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\ThinkVantage
[2013.08.08 10:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\TuneUp Software
[2013.08.06 15:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Unity
[2013.07.04 13:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\uTorrent
[2013.07.02 11:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\WinRAR
[2013.04.17 13:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lenovo\Application Data\Yahoo!

< %APPDATA%\*.exe /s >
[2013.08.09 11:13:47 | 001,194,560 | ---- | M] (DVDVideoSoft Ltd. ) -- C:\Documents and Settings\Lenovo\Application Data\DVDVideoSoft\FreeYouTubeDownload.exe
[2007.03.22 03:46:42 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Lenovo\Application Data\GRETECH\GomPlayer\GrLauncher.exe
[2013.06.16 17:28:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Lenovo\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.08.13 15:56:27 | 000,305,192 | ---- | M] (Amonetize ltd.) -- C:\Documents and Settings\Lenovo\Application Data\SwvUpdater\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.08.09 10:45:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004.08.09 10:45:10 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004.08.09 10:45:10 | 000,876,544 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.08.14 09:55:45 | 075,778,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2013.08.14 09:43:37 | 000,071,482 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.08.14 09:43:37 | 000,441,546 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.08.14 09:43:37 | 000,501,506 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.08.14 09:48:54 | 000,016,542 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2013.08.15 06:53:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.13 17:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.13 17:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

Re: Please help

Posted: 15 Aug 2013 06:52
by SimčaBrunoMars
here is the 2nd half of the log from otl.txt :arrow:

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.08.15 07:08:22 | 000,000,512 | ---- | M] () MD5=E030A782E5F7E149D1A91B0918CBBE79 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.02.11 16:56:44 | 000,015,511 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2012.09.13 21:52:54 | 000,064,651 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2012.09.13 21:52:54 | 000,064,719 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2013.08.14 12:55:45 | 000,001,008 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2013.08.14 12:55:45 | 000,000,996 | ---- | M] () -- \Documents and Settings\Lenovo\Desktop\Unused Desktop Shortcuts\Freemake Video Downloader.lnk
[2013.08.14 14:14:59 | 000,121,344 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0\npFreemakeYoutubeDownloader.dll
[2013.08.12 09:44:32 | 000,000,730 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf\3.0.1.2_0\DownloadMaster\scripts\extension_loader.js
[2013.08.12 09:44:32 | 000,000,460 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf\3.0.1.2_0\DownloadMaster\scripts\galoader.js
[2013.08.14 12:54:04 | 014,250,424 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temp\FreemakeVideoDownloader_3.5.3.3.exe
[234 \Documents and Settings\Lenovo\Local Settings\Temp\*.tmp files -> \Documents and Settings\Lenovo\Local Settings\Temp\*.tmp -> ]
[2013.08.09 11:14:43 | 023,088,120 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temp\is-C7QVF.tmp\FreeYTVDownloaderBase.exe
[2012.08.29 10:57:16 | 000,010,819 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temp\ish398906\images\loader.gif
[2013.08.14 14:14:50 | 000,121,344 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temp\scoped_dir_3100_4146\CRX_INSTALL\npFreemakeYoutubeDownloader.dll
[2013.08.07 10:39:10 | 000,018,341 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temporary Internet Files\Content.IE5\GHQ7O5QN\universaldownloader-prefetch[1].htm
[2013.08.06 04:00:04 | 000,003,061 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temporary Internet Files\Content.IE5\WHAN8HYR\rmsloaderdelayeddiv[1].js
[2013.08.13 15:39:32 | 000,015,501 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Temporary Internet Files\Content.IE5\WHAN8HYR\universaldownloader-prefetch[1].htm
[2013.08.14 12:52:30 | 001,272,248 | ---- | M] () -- \Documents and Settings\Lenovo\My Documents\Downloads\FreemakeVideoDownloaderSetup.exe
[2013.08.08 10:07:15 | 000,665,816 | ---- | M] () -- \Documents and Settings\Lenovo\My Documents\Downloads\VDownloaderInstallerIC.exe
[2013.08.14 12:55:46 | 000,001,055 | ---- | M] () -- \Documents and Settings\Lenovo\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk
[2004.08.04 05:00:00 | 000,017,423 | ---- | M] () -- \I386\DMLOADER.DL_
[2004.08.04 05:00:00 | 000,114,717 | ---- | M] () -- \I386\OSLOADER.EX_
[2004.08.04 05:00:00 | 000,132,317 | ---- | M] () -- \I386\OSLOADER.NT_
[2013.07.31 13:43:20 | 002,089,024 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
[2013.02.05 14:05:50 | 000,007,379 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.js
[2012.09.13 20:17:00 | 000,000,402 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.xul
[2013.02.11 16:56:44 | 000,015,511 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2012.09.13 21:52:54 | 000,064,651 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2012.09.13 21:52:54 | 000,064,719 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2013.07.31 13:39:36 | 000,020,992 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Detector.dll
[2013.07.31 13:33:28 | 000,008,192 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2013.07.31 13:39:38 | 000,014,336 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2013.07.31 13:39:32 | 000,041,984 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Interface.dll
[2013.07.31 13:33:30 | 000,020,480 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2013.07.31 13:39:34 | 000,066,048 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2013.07.31 13:39:36 | 000,158,720 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2013.07.31 13:39:38 | 000,141,312 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2013.07.31 13:39:34 | 000,019,456 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2013.07.31 13:41:50 | 000,253,952 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Model.dll
[2013.07.31 13:39:40 | 000,019,968 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Tools.dll
[2013.07.31 13:41:58 | 000,010,752 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\cs\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:41:58 | 000,010,752 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\da\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:41:58 | 000,016,384 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\de-DE\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,013,312 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\el-GR\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,015,872 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\es-ES\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,016,384 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\fr-FR\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\hu\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,015,872 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\it\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,017,920 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ja-JP\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\nl\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pl\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:00 | 000,015,872 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pt-BR\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:02 | 000,018,944 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ru-RU\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:02 | 000,011,264 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\sk\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:02 | 000,012,800 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\uk\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:02 | 000,011,776 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\vi\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:02 | 000,010,240 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-CN\FreemakeVideoDownloader.resources.dll
[2013.07.31 13:42:02 | 000,010,240 | ---- | M] () -- \Program Files\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-TW\FreemakeVideoDownloader.resources.dll
[2013.02.08 18:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2004.08.04 05:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2002.02.01 18:22:20 | 000,009,728 | ---- | M] () -- \WINDOWS\mui\FALLBACK\0424\osloader.exe.mui
[2008.04.13 17:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 11:31:43 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 11:31:44 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.13 17:11:52 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.08.13 10:33:52 | 000,000,024 | ---- | M] () -- \Documents and Settings\Lenovo\Local Settings\Application Data\Google\Picasa2\cache\cacheindex_serial.pmp
[2004.08.04 05:00:00 | 000,024,869 | ---- | M] () -- \I386\DPSERIAL.DL_
[2004.08.04 05:00:00 | 000,030,067 | ---- | M] () -- \I386\SERIAL.SY_
[2004.08.04 05:00:00 | 000,006,409 | ---- | M] () -- \I386\SERIALUI.DL_
[2005.05.04 17:00:12 | 000,001,224 | ---- | M] () -- \ibmtools\apps\PCDRWIN\Conf0005\PCDrSerialPort.ini
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.04 05:00:00 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2011.05.19 17:15:08 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.14 09:42:17 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.08 12:04:58 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 07:27:09 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.15 06:59:25 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2010.04.07 23:48:30 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133675_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.08.08 11:21:41 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133676_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.04.07 23:48:30 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_147207_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2002.02.01 18:18:26 | 000,003,584 | ---- | M] () -- \WINDOWS\mui\FALLBACK\0424\dpserial.dll.mui
[2002.02.01 18:19:14 | 000,004,096 | ---- | M] () -- \WINDOWS\mui\FALLBACK\0424\grserial.sys.mui
[2002.02.01 18:23:10 | 000,010,240 | ---- | M] () -- \WINDOWS\mui\FALLBACK\0424\serial.sys.mui
[2002.02.01 18:23:10 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\0424\serialui.dll.mui
[2008.04.13 11:40:21 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.13 12:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 05:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2004.08.04 05:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.04 05:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.13 12:15:45 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2013.08.11 16:39:37 | 000,056,010 | ---- | M] ()(C:\WINDOWS\Prefetch\SCHATZJ?GER2.EXE-1F6F8E92.pf) -- C:\WINDOWS\Prefetch\SCHATZJДGER2.EXE-1F6F8E92.pf

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720

< End of report >

Re: Please help

Posted: 15 Aug 2013 06:53
by SimčaBrunoMars
here is the log from extras.txt :arrow:

OTL Extras logfile created on: 15.8.2013 7:05:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Lenovo\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

1012,67 Mb Total Physical Memory | 506,48 Mb Available Physical Memory | 50,01% Memory free
2,37 Gb Paging File | 1,94 Gb Available in Paging File | 81,97% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,61 Gb Total Space | 0,44 Gb Free Space | 1,35% Space Free | Partition Type: NTFS

Computer Name: LENOVO-47049E37 | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1823023330-1460979184-14589832-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe" = C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe" = C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE -- (Lexmark International, Inc.)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{48118C84-264D-4D5F-BA66-A34920096995}" = Sven Kommt
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{5A76DA21-67C8-4CC3-9FDE-20EC8F7F6139}_is1" = City Siege 3 Jungle Siege
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{92FCA01B-8612-49A4-89DB-C9C589CB9A14}_is1" = City Siege
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A1E6130-8F5E-4076-899A-D51FF01EDA6C}" = System Migration Assistant 5.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6F5703D-A4B1-4857-9EDD-DC0ABBBB0D96}" = TuneUp Utilities Language Pack (en-US)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Around the World in 80 Days_is1" = Around the World in 80 Days
"avast" = avast! Free Antivirus
"AwayTask" = ThinkVantage Away Manager
"Free YouTube Download_is1" = Free YouTube Download version 3.2.8.717
"Freemake Video Downloader_is1" = Freemake Video Downloader
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Hitman 2: Silent Assassin" = Hitman 2: Silent Assassin
"Hitman 2: Silent Assassin Demo" = Hitman 2: Silent Assassin Demo
"Hitman: Contracts demo" = Hitman: Contracts demo
"HRAD" = Čtyřlístek a Strašidelný hrad
"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"Lexmark X1100 Series" = Lexmark X1100 Series
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Milky Bear Rescue Rocket_is1" = Milky Bear Rescue Rocket
"Milky Bear Riches Raider 2_is1" = Milky Bear Riches Raider 2
"Milky Bear Riches Rider 3_is1" = Milky Bear Riches Rider 3
"Milky Bear Riches Rider_is1" = Milky Bear Riches Rider
"PhotoFiltre" = PhotoFiltre
"Picasa 3" = Picasa 3
"PROSet" = Intel(R) PRO Network Connections Drivers
"Schatzjäger Demo Version" = Schatzjäger Demo Version
"SP_8e303e95" = SaveShare 1.74
"SP_b0285714" = Search Assistant WebSearch 1.74
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1823023330-1460979184-14589832-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.8.2013 12:25:02 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework PreXP' could not be installed. Error code 1603. Additional information
is available in the log file C:\WINDOWS\TEMP\dd_NET_Framework20_Setup767B.txt.

Error - 7.8.2013 12:25:05 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'Dr.
Watson' could not be installed. Error code 1603. Additional information is available
in the log file C:\WINDOWS\TEMP\dd_NET_Framework20_Setup767B.txt.

Error - 7.8.2013 12:25:05 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework 1' could not be installed. Error code 1603. Additional information is
available in the log file C:\WINDOWS\TEMP\dd_NET_Framework20_Setup767B.txt.

Error - 7.8.2013 12:25:05 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework 2' could not be installed. Error code 1603. Additional information is
available in the log file C:\WINDOWS\TEMP\dd_NET_Framework20_Setup767B.txt.

Error - 7.8.2013 12:25:05 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework ASP .NET' could not be installed. Error code 1603. Additional information
is available in the log file C:\WINDOWS\TEMP\dd_NET_Framework20_Setup767B.txt.

Error - 7.8.2013 12:25:08 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework WinForms' could not be installed. Error code 1603. Additional information
is available in the log file C:\WINDOWS\TEMP\dd_NET_Framework20_Setup767B.txt.

Error - 7.8.2013 13:12:55 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 11704
Description = Product: Panda Global Protection 2014 -- Error 1704.An installation
for Microsoft .NET Framework 2.0 Service Pack 2 is currently suspended. You must
undo the changes made by that installation to continue. Do you want to undo those
changes?

Error - 8.8.2013 13:23:32 | Computer Name = LENOVO-47049E37 | Source = MsiInstaller | ID = 11704
Description = Product: TuneUp Utilities Language Pack (en-US) -- Error 1704. An
installation for Microsoft .NET Framework 2.0 Service Pack 2 is currently suspended.
You must undo the changes made by that installation to continue. Do you want
to undo those changes?

Error - 8.8.2013 13:55:39 | Computer Name = LENOVO-47049E37 | Source = Application Hang | ID = 1002
Description = Hanging application chromeinstall-7u25.exe, version 7.0.250.17, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8.8.2013 13:55:40 | Computer Name = LENOVO-47049E37 | Source = Application Hang | ID = 1002
Description = Hanging application chromeinstall-7u25.exe, version 7.0.250.17, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 13.8.2013 19:12:00 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\AvastUI.exe.
Reference
error message: The operation completed successfully. .

Error - 14.8.2013 12:27:19 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.MFC could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 14.8.2013 12:27:19 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.MFC. Reference error
message: The referenced assembly is not installed on your system. .

Error - 14.8.2013 12:27:19 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\avastUI.exe.
Reference
error message: The operation completed successfully. .

Error - 14.8.2013 14:43:21 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.MFC could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 14.8.2013 14:43:21 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.MFC. Reference error
message: The referenced assembly is not installed on your system. .

Error - 14.8.2013 14:43:21 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\avastUI.exe.
Reference
error message: The operation completed successfully. .

Error - 15.8.2013 9:53:34 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.MFC could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 15.8.2013 9:53:34 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.MFC. Reference error
message: The referenced assembly is not installed on your system. .

Error - 15.8.2013 9:53:34 | Computer Name = LENOVO-47049E37 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\AVAST Software\Avast\avastUI.exe.
Reference
error message: The operation completed successfully. .


< End of report >

Re: Please help

Posted: 15 Aug 2013 10:58
by Márty84
:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Run OTL again
Paste the following text into the bottom window (including the colon before the word commands)

Code: Select all

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
JavaQuickStarterService
gupdate
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\AmiUpdXp.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=SK
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur-esult.info/?l=1&q={searchTerms}&pid=724&r=2013/08/13&hid=1711329545&lg=EN&cc=SK
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=SK
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1823023330-1460979184-14589832-1005\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur-esult.info/?l=1&q={searchTerms}&pid=724&r=2013/08/13&hid=1711329545&lg=EN&cc=SK
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[7 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
Click Fix (Opravit) and let the program work. When asked to restart, agree.
After the restart a new log will appear; post it here.



:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created and the search then follows
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here


20.10. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975