Problem with NB, HJT log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

stestik21
Level 1
Posts: 73
Registered: August 13
Gender: Female

Re: Problem with NB, HJT log

Post by stestik21 » 03 Sep 2013 23:07

It's already done, that was quick, I thought it would take a long time...

OTL Extras logfile created on: 3.9.2013 23:02:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Morongajovi\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,23 Mb Total Physical Memory | 717,84 Mb Available Physical Memory | 70,71% Memory free
2,38 Gb Paging File | 2,20 Gb Available in Paging File | 92,14% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,78 Gb Total Space | 75,31 Gb Free Space | 73,27% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 7,72 Gb Free Space | 85,74% Space Free | Partition Type: NTFS

Computer Name: MORONGAJ-A3F4C6 | User Name: Morongajovi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57412:TCP" = 57412:TCP:*:Enabled:Pando Media Booster
"57412:UDP" = 57412:UDP:*:Enabled:Pando Media Booster
"58325:TCP" = 58325:TCP:*:Enabled:Pando Media Booster
"58325:UDP" = 58325:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57412:TCP" = 57412:TCP:*:Enabled:Pando Media Booster
"57412:UDP" = 57412:UDP:*:Enabled:Pando Media Booster
"58325:TCP" = 58325:TCP:*:Enabled:Pando Media Booster
"58325:UDP" = 58325:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\Morongajovi\Dokumenty\Stažené soubory\Sindicate\client.bin" = C:\Documents and Settings\Morongajovi\Dokumenty\Stažené soubory\Sindicate\client.bin:*:Enabled:client
"C:\Documents and Settings\Morongajovi\Dokumenty\Stažené soubory\Sindicate\Sindicate\client.bin" = C:\Documents and Settings\Morongajovi\Dokumenty\Stažené soubory\Sindicate\Sindicate\client.bin:*:Enabled:client
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\Morongajovi\Data aplikací\Kalydo\KalydoPlayer\bin\kalydoloader.exe" = C:\Documents and Settings\Morongajovi\Data aplikací\Kalydo\KalydoPlayer\bin\kalydoloader.exe:*:Enabled:kalydoloader -- (Eximion B.V.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{13605214-8CA9-4B59-90A0-DEBB9A9F68E5}" = WebMate
"{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1" = IMPI 2.0.0.429
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 F1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6382E782-E073-4494-BA54-B7B4769CFC91}" = TV Online
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}" = Eye 312
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"bi_uninstaller" = Bundled software uninstaller
"Broadcom 802.11 Application" = Bezdrátová služba Broadcom
"Broadcom 802.11b Network Adapter" = Bezdrátový adaptér Broadcom 802.11 LAN
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.6.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Notepad++" = Notepad++
"Origin" = Origin
"Picasa 3" = Picasa 3
"PROSet" = Intel(R) PRO Network Connections Drivers
"Revo Uninstaller" = Revo Uninstaller 1.95
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TV Online 1.7.0" = TV Online
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AppsHat Mobile Apps" = AppsHat Mobile Apps
"KalydoPlayer" = Kalydo Player 4.06.00
"SeznamInstall" = Seznam Software
"Square Enix Secure Launcher" = Square Enix Secure Launcher

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1.8.2013 23:41:14 | Computer Name = MORONGAJ-A3F4C6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.1.11.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 1.8.2013 23:48:15 | Computer Name = MORONGAJ-A3F4C6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.1.11.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 2.8.2013 1:21:01 | Computer Name = MORONGAJ-A3F4C6 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 2.8.2013 1:21:02 | Computer Name = MORONGAJ-A3F4C6 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 4.8.2013 9:46:50 | Computer Name = MORONGAJ-A3F4C6 | Source = .NET Runtime 4.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 relative world - launcher.exe, P2 1.0.0.0, P3
50029275, P4 mscorlib, P5 4.0.0.0, P6 517a1c71, P7 3fde, P8 1f4, P9 system.io.ioexception,
P10 NIL.

Error - 4.8.2013 9:46:56 | Computer Name = MORONGAJ-A3F4C6 | Source = .NET Runtime | ID = 1026
Description =

Error - 6.8.2013 0:23:42 | Computer Name = MORONGAJ-A3F4C6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace TV Online.exe, verze 1.7.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 7.8.2013 1:14:18 | Computer Name = MORONGAJ-A3F4C6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace DTLite.exe, verze 4.45.4.315, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.8.2013 7:57:04 | Computer Name = MORONGAJ-A3F4C6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 28.0.1500.95, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.8.2013 7:57:04 | Computer Name = MORONGAJ-A3F4C6 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 28.0.1500.95, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 2.9.2013 1:44:10 | Computer Name = MORONGAJ-A3F4C6 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 0021003D6AB7 byla ukončena.

Error - 2.9.2013 10:24:14 | Computer Name = MORONGAJ-A3F4C6 | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume2. Sledování svazku bylo ukončeno.


Error - 2.9.2013 10:41:50 | Computer Name = MORONGAJ-A3F4C6 | Source = Service Control Manager | ID = 7034
Description = Služba IMPI Updater byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 2.9.2013 15:06:29 | Computer Name = MORONGAJ-A3F4C6 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 3.9.2013 2:32:36 | Computer Name = MORONGAJ-A3F4C6 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 0021003D6AB7 byla ukončena.

Error - 3.9.2013 4:09:34 | Computer Name = MORONGAJ-A3F4C6 | Source = Service Control Manager | ID = 7034
Description = Služba Broadcom Wireless LAN Tray Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 3.9.2013 4:09:34 | Computer Name = MORONGAJ-A3F4C6 | Source = Service Control Manager | ID = 7034
Description = Služba IMPI Updater byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 3.9.2013 5:42:40 | Computer Name = MORONGAJ-A3F4C6 | Source = Service Control Manager | ID = 7034
Description = Služba Broadcom Wireless LAN Tray Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 3.9.2013 5:42:40 | Computer Name = MORONGAJ-A3F4C6 | Source = Service Control Manager | ID = 7034
Description = Služba IMPI Updater byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 3.9.2013 15:14:20 | Computer Name = MORONGAJ-A3F4C6 | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.


< End of report >


Re: Problem with NB, HJT log

Post by stestik21 » 03 Sep 2013 23:07

OTL logfile created on: 3.9.2013 23:02:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Morongajovi\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,23 Mb Total Physical Memory | 717,84 Mb Available Physical Memory | 70,71% Memory free
2,38 Gb Paging File | 2,20 Gb Available in Paging File | 92,14% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 102,78 Gb Total Space | 75,31 Gb Free Space | 73,27% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 7,72 Gb Free Space | 85,74% Space Free | Partition Type: NTFS

Computer Name: MORONGAJ-A3F4C6 | User Name: Morongajovi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Morongajovi\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\IMPI\ExtensionUpdaterService.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\IMPI\ExtensionUpdaterService.exe ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (IMPI Updater) -- C:\Program Files\IMPI\ExtensionUpdaterService.exe ()


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (EagleXNt) -- C:\WINDOWS\system32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (PAC7302) -- C:\WINDOWS\system32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\..\SearchScopes\{5FB839B8-AEE4-4922-A817-C4E506D3E8EF}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js - File not found
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@coreonline.com/run3d,version=1.0: C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Square Enix\nprun3d.dll (Square Enix)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Documents and Settings\Morongajovi\Data aplikací\Kalydo\KalydoPlayer\bin\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.07.13 01:18:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{17E113E6-CD0E-4045-B154-65F0E57959EF}: C:\Program Files\IMPI\Firefox [2013.02.06 21:01:43 | 000,000,000 | ---D | M]

[2011.02.03 22:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions
[2013.08.31 23:32:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.09.03 12:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions
[2013.09.03 12:29:51 | 000,000,000 | ---D | M] (AppsHat) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[2013.08.31 15:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\RL2RZQW2.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\RL2RZQW2.DEFAULT\EXTENSIONS\PLUGIN@GETWEBCAKE.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\RL2RZQW2.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2013.02.06 21:01:43 | 000,000,000 | ---D | M] (IMPI) -- C:\PROGRAM FILES\IMPI\FIREFOX

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Documents and Settings\Morongajovi\Data aplikac\u00ED\Kalydo\KalydoPlayer\bin\npkalydo.dll
CHR - plugin: Square Enix Secure Launcher (Enabled) = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikac\u00ED\Square Enix\nprun3d.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WEBZEN Browser Extension (Enabled) = C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IE Tab = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.8.13.1_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hnjebfhieiaohnhafcolehbbcfkkkhje\2.2.1_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IE Tab = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.8.13.1_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hnjebfhieiaohnhafcolehbbcfkkkhje\2.2.1_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.09.01 09:50:03 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IMPI) - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab (PCPitstop Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51253DE9-07E5-41F9-9DE9-9E69B44945A7}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.03 20:43:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.09.03 22:59:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Morongajovi\Plocha\OTL.exe
[2013.09.03 22:51:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Morongajovi\Recent
[2013.09.03 22:50:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.09.03 21:17:23 | 001,898,112 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Morongajovi\Plocha\rkill.com
[2013.09.03 17:30:29 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013.09.03 17:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.09.03 17:13:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.09.03 17:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.09.03 16:04:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Nabídka Start\Programy\Revo Uninstaller
[2013.09.03 16:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013.09.03 13:40:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.09.03 12:58:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Morongajovi\IECompatCache
[2013.09.03 12:35:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Data aplikací\Minibar
[2013.09.03 12:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\7-Zip
[2013.09.03 12:30:41 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.09.03 12:29:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\AppsHat Mobile Apps
[2013.09.03 12:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Minibar
[2013.09.03 12:29:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Minibar
[2013.09.03 10:06:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.09.02 20:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013.09.01 23:13:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Plocha\údržba
[2013.09.01 19:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Nabídka Start\Programy\Notepad++
[2013.09.01 19:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Notepad++
[2013.09.01 19:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2013.09.01 19:48:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Data aplikací\Notepad++
[2013.09.01 11:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.09.01 10:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2013.09.01 00:04:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.08.31 23:27:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.08.31 22:37:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\TV_Online
[2013.08.31 22:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\TV Online
[2013.08.31 22:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2013.08.31 22:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Data aplikací\TV Online
[2013.08.31 21:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Thinstall
[2013.08.31 21:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Data aplikací\Thinstall
[2013.08.31 19:02:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Data aplikací\Malwarebytes
[2013.08.31 19:01:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.08.31 18:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PCPitstop
[2013.08.31 17:19:47 | 017,737,608 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013.08.31 15:57:12 | 000,000,000 | ---D | C] -- C:\56bf5a36fbecccfc9c5a469681dd45
[2013.08.31 15:50:46 | 000,000,000 | ---D | C] -- C:\e9828458a1963ff619df
[2013.08.31 15:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2013.08.31 15:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Nabídka Start\Programy\Total Commander
[2013.08.31 15:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2013.08.31 15:13:42 | 000,000,000 | ---D | C] -- C:\totalcmd
[2013.08.31 15:12:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2013.08.31 15:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2013.08.31 15:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.08.31 15:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2013.08.31 15:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013.08.31 15:10:25 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.08.31 15:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.08.31 15:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\WEBZEN
[2013.08.31 15:08:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Avg2013
[2013.08.31 11:52:21 | 004,422,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100u.dll
[2013.08.31 10:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\PCHealth
[2013.08.29 22:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Big Fish
[2013.08.28 12:37:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.02.02 13:58:52 | 000,369,719 | ---- | C] (RAD Game Tools, Inc.) -- C:\Documents and Settings\Morongajovi\granny2.dll
[2013.02.02 13:58:51 | 000,843,892 | ---- | C] (PythonLabs at Zope Corporation) -- C:\Documents and Settings\Morongajovi\python22.dll
[2013.02.02 13:58:51 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Morongajovi\mscoree.dll
[2013.02.02 13:58:46 | 000,434,252 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Morongajovi\MSVCRTD.dll
[2013.02.02 13:58:46 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\Documents and Settings\Morongajovi\ijl15.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.09.03 22:59:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Morongajovi\Plocha\OTL.exe
[2013.09.03 22:56:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.03 22:52:37 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.09.03 22:19:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.03 21:17:36 | 001,898,112 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Morongajovi\Plocha\rkill.com
[2013.09.01 19:43:56 | 000,000,002 | ---- | M] () -- C:\boot.int
[2013.09.01 19:43:30 | 000,000,046 | ---- | M] () -- C:\forestgreen.frg
[2013.09.01 15:41:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.09.01 13:34:08 | 000,556,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.09.01 13:34:08 | 000,549,682 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.09.01 13:34:08 | 000,120,798 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.09.01 13:34:08 | 000,103,162 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.31 18:19:37 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.08.31 18:19:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.08.31 18:19:33 | 017,737,608 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.03 22:52:37 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.09.01 19:43:30 | 000,000,046 | ---- | C] () -- C:\forestgreen.frg
[2013.09.01 19:43:30 | 000,000,002 | ---- | C] () -- C:\boot.int
[2013.05.15 16:05:49 | 000,000,588 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2013.05.13 13:29:08 | 000,000,030 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.12 16:22:41 | 001,195,821 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-583907252-1078081533-839522115-1003-0.dat
[2013.03.12 16:22:34 | 000,274,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.08.26 17:43:39 | 000,060,864 | ---- | C] () -- C:\Documents and Settings\Morongajovi\g2mdlhlpx.exe
[2012.05.16 18:21:28 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\fusioncache.dat
[2012.02.15 10:48:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.26 20:52:43 | 000,000,857 | ---- | C] () -- C:\WINDOWS\client.config.ini
[2011.04.08 18:53:00 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\SRDownloader.nast
[2011.02.14 19:57:09 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2011.02.06 22:16:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.11.01 22:36:07 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.06.30 12:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2011.02.06 14:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2012.01.07 22:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2012.08.06 07:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2011.02.04 00:23:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.06.20 17:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.06.27 10:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2013.09.03 13:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2013.09.03 14:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.06.05 09:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Origin
[2013.05.26 16:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Particles
[2013.08.31 18:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PCPitstop
[2012.02.08 23:51:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
[2013.05.01 13:48:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2012.06.24 12:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.08.31 15:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WEBZEN
[2013.06.30 12:55:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013.08.26 19:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\8floor
[2013.06.08 13:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Artifex Mundi
[2012.01.31 00:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Artogon
[2013.06.30 12:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\AVG
[2011.02.04 00:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\AVG10
[2011.11.04 11:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\BSplayer Pro
[2013.09.01 08:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\DAEMON Tools Lite
[2011.05.12 20:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\DDMSettings
[2011.12.26 20:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Kalydo
[2013.09.03 13:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Minibar
[2013.09.01 19:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Notepad++
[2013.06.07 20:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Origin
[2013.08.31 23:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Seznam.cz
[2013.08.31 21:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Thinstall
[2013.06.30 17:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\TuneUp Software
[2013.08.31 22:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\TV Online
[2012.02.09 20:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\Vogat Interactive
[2012.01.31 00:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Morongajovi\Data aplikací\wrapper

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F26F5952
@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4A8EB1C4
@Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4CD3F344
@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C78DADEA
@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:87A3A233
@Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2D133896
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F610C203
@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:6EE8565A
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:FB4262DE
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DC7EDF41
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:65C4D44A
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A4E7D25F
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AD2DB2F9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4C3D5A8B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:12258D63
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A58B27C9
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:45912F61
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D

< End of report >

jaro3 (Security team member)

Re: laptop problem, HJT log

Post by jaro3 » 04 Sep 2013 11:20

Uninstall:
AppsHat from Mozilla Firefox
GETWEBCAKE.COM from Mozilla Firefox
Minibar


Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (EagleXNt) -- C:\WINDOWS\system32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\..\SearchScopes\{5FB839B8-AEE4-4922-A817-C4E506D3E8EF}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
[2011.02.03 22:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions
[2013.08.31 23:32:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.09.03 12:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions
[2013.09.03 12:29:51 | 000,000,000 | ---D | M] (AppsHat) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[2013.08.31 15:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\RL2RZQW2.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\RL2RZQW2.DEFAULT\EXTENSIONS\PLUGIN@GETWEBCAKE.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MORONGAJOVI\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\RL2RZQW2.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
O9 - Extra Button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2013.09.01 13:34:08 | 000,556,248 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.09.01 13:34:08 | 000,549,682 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.09.01 13:34:08 | 000,120,798 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.09.01 13:34:08 | 000,103,162 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F26F5952
@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4A8EB1C4
@Alternate Data Stream - 180 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4CD3F344
@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C78DADEA
@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:87A3A233
@Alternate Data Stream - 177 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2D133896
@Alternate Data Stream - 172 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F610C203
@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:6EE8565A
@Alternate Data Stream - 158 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:FB4262DE
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DC7EDF41
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:65C4D44A
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A4E7D25F
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AD2DB2F9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4C3D5A8B
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:12258D63
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A58B27C9
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:45912F61
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Program Files\Minibar
C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Minibar
C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Avg2013
C:\WINDOWS\wininit.ini
C:\Documents and Settings\Morongajovi\g2mdlhlpx.exe
C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.06 14:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
C:\Documents and Settings\Morongajovi\Data aplikací\Minibar

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" =-

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

In Folder Options, enable showing hidden files and folders, and untick the checkbox "Hide protected operating system files".

Test this on Virustotal:
C:\forestgreen.frg

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result will appear at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

stestik21

Re: laptop problem, HJT log

Post by stestik21 » 04 Sep 2013 11:53

Log from the OTL fix


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Service EagleXNt stopped successfully!
Service EagleXNt deleted successfully!
File C:\WINDOWS\system32\drivers\EagleXNt.sys File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\system32\drivers\EagleNT.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5FB839B8-AEE4-4922-A817-C4E506D3E8EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FB839B8-AEE4-4922-A817-C4E506D3E8EF}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0\ deleted successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions folder moved successfully.
Folder C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions folder moved successfully.
Folder C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}\ not found.
Folder C:\Documents and Settings\Morongajovi\Data aplikací\Mozilla\Firefox\Profiles\rl2rzqw2.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}\ not found.
File C:\Program Files\Minibar\Minibar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:F26F5952 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:4A8EB1C4 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:4CD3F344 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:C78DADEA deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:87A3A233 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:2D133896 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:F610C203 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:6EE8565A deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:FB4262DE deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DC7EDF41 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:65C4D44A deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A4E7D25F deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:AD2DB2F9 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:4C3D5A8B deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:12258D63 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A58B27C9 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:45912F61 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Program Files\Minibar not found.
File\Folder C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Minibar not found.
C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Avg2013\log folder moved successfully.
C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\Avg2013 folder moved successfully.
C:\WINDOWS\wininit.ini moved successfully.
C:\Documents and Settings\Morongajovi\g2mdlhlpx.exe moved successfully.
C:\Documents and Settings\Morongajovi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File\Folder [2011.02.06 14:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10 not found.
File\Folder C:\Documents and Settings\Morongajovi\Data aplikací\Minibar not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\DisableSR deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Morongajovi
->Temp folder emptied: 270929 bytes
->Temporary Internet Files folder emptied: 262546 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 7277251 bytes
->Flash cache emptied: 506 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: Morongajovi
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09042013_114952

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

stestik21

Re: laptop problem, HJT log

Post by stestik21 » 04 Sep 2013 12:13


stestik21

Re: laptop problem, HJT log

Post by stestik21 » 04 Sep 2013 17:29

One more piece of advice, please: when I restart the laptop, I can't open folders such as Documents or My Computer... Windows Installer pops up, installs something, and after that it works normally? I've already deleted almost everything that could be slowing it down, and yet it still takes a while to load. I have Avast ready, but I'm afraid to install anything right now. Should I run another scan, or what should I do about it? Thank you for your help, Petra

jaro3 (Security team member)

Re: laptop problem, HJT log

Post by jaro3 » 04 Sep 2013 19:02

Download Security Check by screen317 from one of these links:
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

Save it to the desktop, double-click it and follow the instructions in the black window. Notepad will then open automatically with a file named checkup.txt. Please copy its contents here.

Download CrystalDiskInfo.
Run the program and click Edit > Copy. Then paste the log contents here with Ctrl+V.

stestik21

Re: laptop problem, HJT log

Post by stestik21 » 04 Sep 2013 19:36

Results of screen317's Security Check version 0.99.73
Windows XP Service Pack 3 x86
Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 25
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.7 Adobe Reader out of Date!
Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
Google Chrome Plugins...
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

stestik21

Re: laptop problem, HJT log

Post by stestik21 » 04 Sep 2013 19:39

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2013/09/04 19:39:12

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8M 3 port Serial ATA Storage Controller - 2828 [ATA]
+ Primární kanál IDE (0)
- ST9120817AS
+ Sekundární kanál IDE (1)
- HL-DT-ST DVDRAM GSA-T40L

-- Disk List ---------------------------------------------------------------
(1) ST9120817AS : 120,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9120817AS
----------------------------------------------------------------------------
Model : ST9120817AS
Firmware : 3.AHC
Serial Number : 5RE0VE9D
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 18618 hod.
Power On Count : 7232 krát
Temparature : 41 C (105 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _92 _92 _20 0000000021C3 Počet spuštění/zastavení
05 _95 _95 _36 0000000000EA Počet přemapovaných sektorů
07 _87 _60 _30 000023D4C7D9 Počet chybných hledání
09 _79 _79 __0 0000000048BA Hodin v činnosti
0A 100 100 _34 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _93 _93 _20 000000001C40 Počet cyklů zapnutí zařízení
B8 100 253 _97 000000000000 Ukončovacích chyb
BB __1 __1 __0 000000002DB1 Ohlášeno neopravitelných chyb
BC 100 _98 __0 000000000010 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _59 _36 _40 0005400C0029 Teplota toku vzduchu
BF 100 100 __0 0000000001D9 Počet udalostí zaznamenaných otřesovým senzorem
C0 _99 _99 __0 0000000007F8 Počet vypnutí disku
C1 __1 __1 __0 00000007BD92 Počet cyklů načítání/vymazání
C2 _41 _64 __0 000C00000029 Teplota
C3 _58 _52 __0 00000204C62F Počet oprav chybného čtení
C5 100 100 __0 000000000001 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA



Re: problem with NB, HJT log

Post by jaro3 » 04 Sep 2013 19:58

05 _95 _95 _36 0000000000EA Počet přemapovaných sektorů
07 _87 _60 _30 000023D4C7D9 Počet chybných hledání
BB __1 __1 __0 000000002DB1 Ohlášeno neopravitelných chyb
BF 100 100 __0 0000000001D9 Počet udalostí zaznamenaných otřesovým senzorem
C3 _58 _52 __0 00000204C62F Počet oprav chybného čtení
C5 100 100 __0 000000000001 Počet podezřelých sektorů

The disk is dying, and that is what is causing the problems... warranty claim, or buy a new disk.
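Added example (not part of any post in this thread): a short Python parser for the CrystalDiskInfo S.M.A.R.T. rows quoted above, which decodes the hex raw values and flags the attributes behind the failing-disk diagnosis. The flagging rules and the choice of IDs whose raw field is read as a plain counter are assumptions of this example, not CrystalDiskInfo's own logic.

```python
import re

# Rows copied from the S.M.A.R.T. table posted in this thread (CrystalDiskInfo format).
SAMPLE = """\
05 _95 _95 _36 0000000000EA Počet přemapovaných sektorů
07 _87 _60 _30 000023D4C7D9 Počet chybných hledání
BB __1 __1 __0 000000002DB1 Ohlášeno neopravitelných chyb
BE _59 _36 _40 0005400C0029 Teplota toku vzduchu
C5 100 100 __0 000000000001 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
"""

# ID, current, worst, threshold (underscore-padded), 6-byte raw value in hex, name.
ROW = re.compile(r"^([0-9A-F]{2}) ([_\d]{3}) ([_\d]{3}) ([_\d]{3}) ([0-9A-F]{12}) (.+)$")

# Assumption: for these IDs the raw field is a plain sector/error counter.
RAW_COUNTERS = {0x05: "reallocated sectors", 0xBB: "reported uncorrectable errors",
                0xC5: "pending sectors", 0xC6: "offline uncorrectable sectors"}

def parse(text):
    """Return one dict per attribute row; headers and hex dumps are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        cur, worst, thr = (int(m.group(i).replace("_", "")) for i in (2, 3, 4))
        rows.append({"id": int(m.group(1), 16), "cur": cur, "worst": worst,
                     "thr": thr, "raw": int(m.group(5), 16), "name": m.group(6)})
    return rows

def findings(rows):
    """Flag threshold crossings (threshold 0 means none is defined) and non-zero counters."""
    out = []
    for r in rows:
        if r["thr"] and r["cur"] <= r["thr"]:
            out.append((r["id"], "normalized value at or below threshold"))
        elif r["thr"] and r["worst"] <= r["thr"]:
            out.append((r["id"], "worst value crossed threshold in the past"))
        if r["id"] in RAW_COUNTERS and r["raw"] > 0:
            out.append((r["id"], f"{r['raw']} {RAW_COUNTERS[r['id']]}"))
    return out

if __name__ == "__main__":
    for attr_id, msg in findings(parse(SAMPLE)):
        print(f"{attr_id:02X}: {msg}")
```

Raw values for attributes such as 07 and C3 are vendor-specific composites on this drive family, which is why the example does not read them as counts.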


Re: problem with NB, HJT log

Post by stestik21 » 04 Sep 2013 20:03

Nicely put; nonetheless, thank you once again for your help and time... the viruses are probably gone by now, so hopefully it will last me a while longer... Petra


Re: problem with NB, HJT log  Solved

Post by memphisto » 04 Sep 2013 20:08

You're welcome, on jaro's behalf too. Otherwise, I wouldn't rely on that disk much. Its condition really isn't good... There are already too many errors on it... I would back up the data as soon as possible and really look around for another one...
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you

