========== Files Created - No Company Name ==========
[2013.11.20 03:43:49 | 000,000,801 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.11.20 03:43:37 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013.11.20 03:40:02 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\TrueSight.sys
[2013.11.20 01:07:00 | 000,066,560 | ---- | C] () -- C:\~ccetmp.dat
[2013.11.19 03:07:29 | 000,001,179 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Trend Micro Titanium Maximum Security Installer.lnk
[2013.11.18 22:04:46 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Comodo Dragon.lnk
[2013.11.18 20:10:43 | 021,806,706 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Uniblue-PowerSuite-Pro-2013-v4.1.7.1-with-Key.rar
[2013.11.18 19:46:07 | 000,268,968 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2013.11.18 19:34:07 | 000,099,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.11.17 23:53:25 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVG 2014.lnk
[2013.11.17 21:00:48 | 000,001,863 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare 7.lnk
[2013.11.17 20:51:29 | 032,624,313 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Advanced-SystemCare-7-PRO-v7.0.5.360-CZ-Final-Serial.rar
[2013.11.17 20:04:29 | 126,729,240 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\avira_free_antivirus_en.exe
[2013.11.17 16:31:56 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\MBR.dat
[2013.11.17 14:30:49 | 000,083,246 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.11.16 13:38:35 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013.11.16 13:38:35 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013.11.16 13:38:35 | 000,001,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013.11.16 13:38:35 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013.11.16 13:38:34 | 000,674,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013.11.16 13:38:34 | 000,069,570 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013.11.16 13:38:34 | 000,028,164 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013.11.16 13:38:33 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013.11.16 13:38:33 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013.11.16 13:38:33 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013.11.16 13:38:33 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013.11.16 13:38:33 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013.11.16 13:38:33 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013.11.16 13:38:33 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013.11.16 13:38:33 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013.11.16 13:38:33 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013.11.16 13:38:33 | 000,058,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013.11.16 13:38:33 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013.11.16 13:38:33 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013.11.16 13:38:32 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013.11.16 13:38:32 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013.11.16 13:38:32 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013.11.16 13:38:32 | 000,086,446 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013.11.16 13:38:32 | 000,066,170 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013.11.16 13:38:32 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013.11.16 13:38:32 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013.11.16 13:38:32 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013.11.16 13:38:32 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013.11.16 13:38:32 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013.11.16 13:38:32 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013.11.16 13:38:32 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013.11.16 13:38:32 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013.11.16 13:38:32 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013.11.16 13:38:32 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013.11.16 13:38:32 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013.11.16 13:38:32 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013.11.16 13:38:32 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013.11.16 13:38:32 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013.11.16 13:38:32 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013.11.16 13:38:32 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013.11.16 13:38:32 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013.11.16 13:38:32 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013.11.16 13:38:32 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013.11.16 13:38:32 | 000,001,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013.11.16 13:38:32 | 000,001,480 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013.11.16 13:38:32 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013.11.16 13:38:32 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013.11.16 13:38:32 | 000,001,462 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013.11.16 13:38:32 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013.11.16 13:38:32 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013.11.16 13:38:32 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013.11.16 13:38:32 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013.11.16 13:38:32 | 000,001,263 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013.11.16 13:38:32 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013.11.16 13:38:32 | 000,001,059 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013.11.16 13:38:32 | 000,001,042 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013.11.16 13:38:32 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013.11.16 13:38:32 | 000,000,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013.11.16 13:38:32 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013.11.16 13:38:32 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013.11.16 13:38:32 | 000,000,777 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013.11.16 13:38:32 | 000,000,774 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013.11.16 13:38:32 | 000,000,722 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013.11.16 13:38:32 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013.11.16 13:38:31 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013.11.16 13:38:31 | 000,036,870 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013.11.16 13:38:31 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013.11.16 13:38:31 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013.11.16 13:38:31 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013.11.16 13:38:30 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013.11.16 13:38:30 | 000,184,130 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013.11.16 13:38:30 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013.11.16 13:38:30 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013.11.16 13:38:30 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013.11.16 13:38:30 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013.11.16 13:38:30 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013.11.16 13:38:30 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013.11.16 13:38:30 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013.11.16 13:38:30 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013.11.16 13:38:30 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013.11.15 12:23:55 | 001,085,542 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
[2013.11.15 03:19:27 | 000,000,022 | ---- | C] () -- C:\WINDOWS\tpcsd
[2013.11.14 23:26:11 | 000,008,627 | ---- | C] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2013.11.14 21:47:53 | 000,010,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2013.11.14 21:44:11 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013.11.14 03:28:40 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.11.14 02:09:29 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2013.11.14 02:09:25 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2013.11.14 02:07:18 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.11.14 01:57:36 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Outlook Express.lnk
[2013.11.14 01:56:43 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Internet Explorer.lnk
[2013.11.13 22:38:25 | 000,000,327 | ---- | C] () -- C:\Boot.bak
[2013.11.13 22:38:23 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.11.13 22:11:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.11.13 19:25:56 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013.11.13 03:44:51 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013.11.13 03:44:51 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013.11.13 03:44:51 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013.11.13 03:31:30 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.11.13 03:31:28 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013.11.13 03:31:28 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013.11.13 03:31:28 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013.11.13 03:31:27 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013.11.13 03:31:12 | 000,001,592 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.11.13 03:31:01 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.11.13 03:31:01 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.11.13 03:31:01 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.11.13 03:31:01 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.11.13 03:31:01 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.11.13 03:31:01 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.11.13 03:31:01 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.11.13 03:31:00 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013.11.13 03:29:51 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2013.11.13 03:29:48 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.11.13 03:16:13 | 000,073,451 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2013.11.13 03:15:52 | 000,016,960 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2013.11.13 03:14:46 | 000,008,824 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2013.11.13 02:44:25 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013.11.13 02:44:25 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
[2013.11.13 02:43:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.11.13 02:42:41 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.11.13 02:42:18 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.11.13 02:42:08 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.11.13 02:42:07 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.11.13 02:42:05 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.11.13 02:41:55 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.11.13 02:41:50 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.11.13 02:41:32 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.11.13 02:40:33 | 000,002,504 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.11.13 02:40:33 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013.11.13 02:40:33 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.11.13 02:40:33 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013.11.13 02:40:33 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013.11.13 02:40:23 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.11.13 02:40:23 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.11.13 02:40:22 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.11.13 02:39:04 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Movie Maker.lnk
[2013.11.13 02:38:52 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.11.13 02:38:24 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.11.13 02:38:24 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.11.13 02:38:19 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.11.13 02:37:11 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Messenger.lnk
[2013.11.13 02:37:09 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.11.13 02:36:24 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prérijní vítr.bmp
[2013.11.13 02:36:24 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Omítka Santa Fe.bmp
[2013.11.13 02:36:24 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Řeka Sumida.bmp
[2013.11.13 02:36:24 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2013.11.13 02:36:24 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013.11.13 02:36:23 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Mýdlové bubliny.bmp
[2013.11.13 02:36:23 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Zelený kámen.bmp
[2013.11.13 02:36:23 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybách.bmp
[2013.11.13 02:36:23 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Zrnko kávy.bmp
[2013.11.13 02:36:23 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Textura peří.bmp
[2013.11.13 02:36:23 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Modrá krajka 16.bmp
[2013.11.13 02:36:21 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.11.13 02:36:21 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.11.13 02:36:20 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.11.13 02:36:14 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008.04.14 08:51:42 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.11.18 00:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG2014
[2013.11.14 02:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESET
[2013.11.20 03:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GetRightToGo
[2013.11.17 20:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\IObit
[2013.11.17 23:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2013.11.19 03:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VIPRE
[2013.11.18 19:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Vtools
[2013.11.18 00:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2013.11.14 23:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Backup
[2013.11.17 23:04:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.11.19 03:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2013.11.15 00:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.11.18 19:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.11.20 03:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Max Secure
[2013.11.19 02:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.11.14 23:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ProductData
[2013.11.19 03:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VIPRE
[2013.11.14 20:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 20.11.2013 15:34:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
895,48 Mb Total Physical Memory | 398,65 Mb Available Physical Memory | 44,52% Memory free
2,12 Gb Paging File | 1,60 Gb Available in Paging File | 75,59% Paging File free
Paging file location(s): C:\pagefile.sys 1342 1342 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 29,32 Gb Free Space | 78,71% Space Free | Partition Type: NTFS
Drive E: | 37,27 Gb Total Space | 17,45 Gb Free Space | 46,83% Space Free | Partition Type: NTFS
Computer Name: DK-D595C5267E89 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = DragonHTML] -- C:\Program Files\Comodo\Dragon\dragon.exe (Comodo)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = DragonHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Comodo\Dragon\dragon.exe" -- "%1" (Comodo)
https [open] -- "C:\Program Files\Comodo\Dragon\dragon.exe" -- "%1" (Comodo)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"" = 0
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05C8103C-9086-44C2-A034-75F1E9A91D8F}" = AVG 2014
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{EEAFDDCF-0B0E-44DB-995B-886FB139CF1F}" = AVG 2014
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"AVG" = AVG 2014
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10
"Comodo Dragon" = Comodo Dragon
"IObitUninstall" = IObit Uninstaller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 5.00 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.11.2013 9:12:25 | Computer Name = DK-D595C5267E89 | Source = Application Error | ID = 1000
Description = Chybující aplikace pev.exe, verze 0.0.0.0, chybující modul pev.exe,
verze 0.0.0.0, adresa chyby 0x0008d1c0.
Error - 17.11.2013 14:25:27 | Computer Name = DK-D595C5267E89 | Source = Application Error | ID = 1000
Description = Chybující aplikace mbamgui.exe, verze 1.70.0.0, chybující modul mbamgui.exe,
verze 1.70.0.0, adresa chyby 0x0003b525.
Error - 17.11.2013 14:54:10 | Computer Name = DK-D595C5267E89 | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF11 Description:. 0x8004FF11.
Error - 17.11.2013 14:55:41 | Computer Name = DK-D595C5267E89 | Source = MsiInstaller | ID = 1008
Description = Instalace C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BB2F2041-4FB9-11E3-B7A7-003018AE366B\kavkis.msi
není povolena z důvodu chyby při zpracování zásad omezení softwaru. Objekt není
důvěryhodný
Error - 17.11.2013 15:08:08 | Computer Name = DK-D595C5267E89 | Source = MsiInstaller | ID = 11704
Description = Product: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
-- Error 1704.An installation for Microsoft Security Client is currently suspended.
You must undo the changes made by that installation to continue. Do you want
to undo those changes?
Error - 18.11.2013 21:33:55 | Computer Name = DK-D595C5267E89 | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2014 -- Chyba
27054. CA_Error27054: SetupAction(0xC0070642): Instalace selhala.
Error - 18.11.2013 22:16:02 | Computer Name = DK-D595C5267E89 | Source = MsiInstaller | ID = 11704
Description = Product: VIPRE Internet Security -- Error 1704. An installation for
Kaspersky Security Scan is currently suspended. You must undo the changes made
by that installation to continue. Do you want to undo those changes?
Error - 19.11.2013 5:26:24 | Computer Name = DK-D595C5267E89 | Source = VIPRE Internet Security | ID = 0
Description = ERROR 636 1 2013-11-19T10:26:24.5625000+01:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Authentication.FacebookProvider.GetApplicationDisplayName: Facebook.WebExceptionWrapper:
The remote name could not be resolved: 'graph.facebook.com' at Facebook.HttpHelper.OpenRead()
at Facebook.FacebookClient.Api(HttpMethod httpMethod, String path, Object parameters,
Type resultType) at Facebook.FacebookClient.Get(String path, Object parameters,
Type resultType) at Facebook.FacebookClient.Get(String path, Object parameters)
at Facebook.FacebookClient.Get(String path) at SocialWatch.Authentication.FacebookProvider.GetApplicationDisplayName()
Error - 19.11.2013 5:30:17 | Computer Name = DK-D595C5267E89 | Source = VIPRE Internet Security | ID = 0
Description = ERROR 2716 1 2013-11-19T10:30:17.5781250+01:00 SocialWatch.Authentication.FacebookProvider SocialWatch.Authentication.FacebookProvider.GetApplicationDisplayName: Facebook.WebExceptionWrapper:
The remote name could not be resolved: 'graph.facebook.com' at Facebook.HttpHelper.OpenRead()
at Facebook.FacebookClient.Api(HttpMethod httpMethod, String path, Object parameters,
Type resultType) at Facebook.FacebookClient.Get(String path, Object parameters,
Type resultType) at Facebook.FacebookClient.Get(String path, Object parameters)
at Facebook.FacebookClient.Get(String path) at SocialWatch.Authentication.FacebookProvider.GetApplicationDisplayName()
Error - 19.11.2013 18:59:29 | Computer Name = DK-D595C5267E89 | Source = Application Error | ID = 1000
Description = Chybující aplikace wordpad.exe, verze 5.1.2600.5512, chybující modul
, verze 0.0.0.0, adresa chyby 0x00000000.
[ System Events ]
Error - 20.11.2013 10:02:01 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7034
Description = Služba MaxMerger byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 20.11.2013 10:13:42 | Computer Name = DK-D595C5267E89 | Source = SRService | ID = 104
Description = Proces inicializace nástroje Obnovení systému se nezdařil.
Error - 20.11.2013 10:14:17 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7000
Description = Služba AVGIDSAgent neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 20.11.2013 10:14:17 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7000
Description = Služba AVG WatchDog neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 20.11.2013 10:14:17 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7023
Description = Služba Služba obnovení systému byla ukončena s následující chybou:
%%2
Error - 20.11.2013 10:14:43 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7034
Description = Služba SecureUpdate byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 20.11.2013 10:30:32 | Computer Name = DK-D595C5267E89 | Source = SRService | ID = 104
Description = Proces inicializace nástroje Obnovení systému se nezdařil.
Error - 20.11.2013 10:30:52 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7000
Description = Služba AVGIDSAgent neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 20.11.2013 10:30:52 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7000
Description = Služba AVG WatchDog neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 20.11.2013 10:30:52 | Computer Name = DK-D595C5267E89 | Source = Service Control Manager | ID = 7023
Description = Služba Služba obnovení systému byla ukončena s následující chybou:
%%2
< End of report >
Zpomalený startup, nefunkční antivir+aktualizace windows
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
# DelFix v10.6 - Logfile created 20/11/2013 at 20:14:31
# Updated 11/11/2013 by Xplode
# Username : Administrator - DK-D595C5267E89
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\Administrator\Plocha\TFC.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #9 [Uniblue Powersuite installation | 11/18/2013 19:16:44]
New restore point created !
########## - EOF - ##########
# Updated 11/11/2013 by Xplode
# Username : Administrator - DK-D595C5267E89
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\Administrator\Plocha\TFC.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #9 [Uniblue Powersuite installation | 11/18/2013 19:16:44]
New restore point created !
########## - EOF - ##########
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
To je bordel.
Pokud najdeš , odinstaluj:
VIPRE
Panda Security
Spybot - Search & Destroy 2
ESET
KIS (Kaspersky Antivirus)
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
AVG přeinstalovat (opravit)
Vytvoř si na disku C novou složku a pojmenuj ji jako pch a do ní si ulož tento skript a hosts soubor.
Vytvoř si originální hosts soubor:
Spusť Poznámkový blok (Notepad): Start -> Spustit.. otevře se ti okno a do něj napiš notepad a dej Ok.
Otevře se ti poznámkový blok a do něj zkopíruj celý text
Zvol v menu záložku Soubor -> Uložit jako... a nastav/vyplň tyto údaje
Název souboru: hosts
Uložit jako typ: Všechny soubory
Ulož tento soubor do již předem vytvořeného adresáře (pch).
Pak jdi přes Start => Spustit a proveď tento příkaz.
proveď restart PC a po najetí zpět proveď tento příkaz.
a vlož sem ten log co se ti zobrazí.
Pokud najdeš , odinstaluj:
VIPRE
Panda Security
Spybot - Search & Destroy 2
ESET
KIS (Kaspersky Antivirus)
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe File not found
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
Hosts file not found
O2 - BHO: (VIPRE Search Guard Helper) - {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} - C:\Program Files\VIPRE\VSGN.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\vipresg {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files\VIPRE\VSGN.dll File not found
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Program Files\VIPRE
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE
C:\Documents and Settings\Administrator\Data aplikací\VIPRE
C:\found.000
C:\Program Files\Panda Security
C:\Program Files\Spybot - Search & Destroy 2
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET
C:\Documents and Settings\Administrator\Data aplikací\ESET
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
C:\Documents and Settings\All Users\Data aplikací\ESET
C:\WINDOWS\System32\d3d9caps.dat
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BB2F2041-4FB9-11E3-B7A7-003018AE366B\kavkis.msi
ipconfig /flushdns /c
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
AVG přeinstalovat (opravit)
Vytvoř si na disku C novou složku a pojmenuj ji jako pch a do ní si ulož tento skript a hosts soubor.
Vytvoř si originální hosts soubor:
Spusť Poznámkový blok (Notepad): Start -> Spustit.. otevře se ti okno a do něj napiš notepad a dej Ok.
Otevře se ti poznámkový blok a do něj zkopíruj celý text
Kód: Vybrat vše
# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost
Zvol v menu záložku Soubor -> Uložit jako... a nastav/vyplň tyto údaje
Název souboru: hosts
Uložit jako typ: Všechny soubory
Ulož tento soubor do již předem vytvořeného adresáře (pch).
Pak jdi přes Start => Spustit a proveď tento příkaz.
Kód: Vybrat vše
cmd /c copy c:\pch\hosts %WINDIR%\system32\drivers\etc\hostsproveď restart PC a po najetí zpět proveď tento příkaz.
Kód: Vybrat vše
cmd /c dir /a %WINDIR%\system32\drivers\etc>>dirl.txt&dirl.txt&del dirl.txta vlož sem ten log co se ti zobrazí.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service avgwd stopped successfully!
Service avgwd deleted successfully!
File C:\Program Files\AVG\AVG2014\avgwdsvc.exe File not found not found.
Service AVGIDSAgent stopped successfully!
Service AVGIDSAgent deleted successfully!
File C:\Program Files\AVG\AVG2014\avgidsagent.exe File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A924C17A-5E94-4E02-BED5-49720BA6F7FA}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG_UI not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vipresg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47BE2E5B-703B-444F-ABD3-05717D2191C6}\ deleted successfully.
File {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files\VIPRE\VSGN.dll File not found not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Game_Booster_AutoUpdate.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Program Files\VIPRE\Definitions folder moved successfully.
C:\Program Files\VIPRE folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup\CartSdk\i386 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup\CartSdk\amd64 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup\CartSdk folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\VIPRE\Logs folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\VIPRE folder moved successfully.
C:\found.000 folder moved successfully.
C:\Program Files\Panda Security\Panda Cloud Cleaner folder moved successfully.
C:\Program Files\Panda Security folder moved successfully.
C:\Program Files\Spybot - Search & Destroy 2 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET\ESET Smart Security\Quarantine folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Rogue Applications Remover folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET folder moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
File\Folder C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BB2F2041-4FB9-11E3-B7A7-003018AE366B\kavkis.msi not found.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS Při vykonávání funkce došlo k chybě.
nebyla vyprázdněna.
C:\Documents and Settings\Administrator\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\Plocha\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
========== COMMANDS ==========
Error: Unble to create default HOSTS file!
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 236695804 bytes
->Temporary Internet Files folder emptied: 33433 bytes
->Flash cache emptied: 492 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33535 bytes
User: NetworkService
->Temp folder emptied: 10480 bytes
->Temporary Internet Files folder emptied: 40555202 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 55725766 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 318,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: Guest
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11212013_180342
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Svazek v jednotce C je Windows+Utilities.
S‚riov‚ źˇslo svazku je A4B1-F593.
Věpis adres ýe C:\WINDOWS\system32\drivers
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service avgwd stopped successfully!
Service avgwd deleted successfully!
File C:\Program Files\AVG\AVG2014\avgwdsvc.exe File not found not found.
Service AVGIDSAgent stopped successfully!
Service AVGIDSAgent deleted successfully!
File C:\Program Files\AVG\AVG2014\avgidsagent.exe File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{963C8283-AE7F-4AA6-9B3B-847A8FC62C5E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A924C17A-5E94-4E02-BED5-49720BA6F7FA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A924C17A-5E94-4E02-BED5-49720BA6F7FA}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG_UI not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vipresg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47BE2E5B-703B-444F-ABD3-05717D2191C6}\ deleted successfully.
File {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files\VIPRE\VSGN.dll File not found not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Game_Booster_AutoUpdate.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Program Files\VIPRE\Definitions folder moved successfully.
C:\Program Files\VIPRE folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup\CartSdk\i386 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup\CartSdk\amd64 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup\CartSdk folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE\Setup folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\VIPRE folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\VIPRE\Logs folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\VIPRE folder moved successfully.
C:\found.000 folder moved successfully.
C:\Program Files\Panda Security\Panda Cloud Cleaner folder moved successfully.
C:\Program Files\Panda Security folder moved successfully.
C:\Program Files\Spybot - Search & Destroy 2 folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET\ESET Smart Security\Quarantine folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Rogue Applications Remover folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET folder moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
File\Folder C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\BB2F2041-4FB9-11E3-B7A7-003018AE366B\kavkis.msi not found.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS Při vykonávání funkce došlo k chybě.
nebyla vyprázdněna.
C:\Documents and Settings\Administrator\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\Plocha\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
========== COMMANDS ==========
Error: Unble to create default HOSTS file!
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 236695804 bytes
->Temporary Internet Files folder emptied: 33433 bytes
->Flash cache emptied: 492 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33535 bytes
User: NetworkService
->Temp folder emptied: 10480 bytes
->Temporary Internet Files folder emptied: 40555202 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 55725766 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 318,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: Guest
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11212013_180342
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Svazek v jednotce C je Windows+Utilities.
S‚riov‚ źˇslo svazku je A4B1-F593.
Věpis adres ýe C:\WINDOWS\system32\drivers
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
A to další?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
to dalsi je tohle
Svazek v jednotce C je Windows+Utilities.
S‚riov‚ źˇslo svazku je A4B1-F593.
Věpis adres ýe C:\WINDOWS\system32cmd psal že nemůže najít soubor
Svazek v jednotce C je Windows+Utilities.
S‚riov‚ źˇslo svazku je A4B1-F593.
Věpis adres ýe C:\WINDOWS\system32cmd psal že nemůže najít soubor
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
Stáhni si zde soubor hosts:
http://leteckaposta.cz/771942860
rozbal a a vyjmi soubor ze složky.
Vlož ho do této složky:
C:\WINDOWS\system32\drivers\etc a potvrď přepsání.
Restartuj PC.
Pak jdi do složky
C:\WINDOWS\system32\drivers\etc
a soubor hosts otevři v pozn. bloku a vlož sem celý jeho obsah.
http://leteckaposta.cz/771942860
rozbal a a vyjmi soubor ze složky.
Vlož ho do této složky:
C:\WINDOWS\system32\drivers\etc a potvrď přepsání.
Restartuj PC.
Pak jdi do složky
C:\WINDOWS\system32\drivers\etc
a soubor hosts otevři v pozn. bloku a vlož sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
C:\WINDOWS\system32\drivers\etc - nenašel jsem tuto složku
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
Určitě tam je a ani by neměla být skrytá
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
Nevidím ji, ani přes cmd. Bude asi smazaná.
Mám reinstalovat windows?
Mám reinstalovat windows?
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
Tak to máš pělně dodrbaný.
Tak stáhni celou složku:
http://leteckaposta.cz/984207473
Rozbal a celou složku etc vlož do:
C:\windows\system32\drivers
Tak stáhni celou složku:
http://leteckaposta.cz/984207473
Rozbal a celou složku etc vlož do:
C:\windows\system32\drivers
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zpomalený startup, nefunkční antivir+aktualizace windows
JJ, moc tomu nerozumím tak se to snažím pochopit tím že zkouším různé rady a programy z internetu a zkoumám to různě 
Občas udělám blbost...
Jinak ten soubor jsem zkopíroval, co ted?
Občas udělám blbost...
Jinak ten soubor jsem zkopíroval, co ted?
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 99 hostů