Prosím o kontrolu logu HJT

Příspěvekod **jaro3** » 28 srp 2010 14:08

Je to OK.

Vypni si obnovu systému--restartuj PC---zase si obnovu systému zapni.

vyčisti systém CCleanerem
klikni na aplikace , zda máš zatrhnuty u prohlížečů cookies.Pak vyčisti podle návodu.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Reklama

vašekp · Příspěvekod **vašekp** » 08 zář 2010 21:51

Je to pořád pomalé, nabíhání i další věci.
Vyčistil jsem disk, použil jsem ccleaner i s opravou registrů, v nouzovém režimu pustil avast rychle a pomalu, neměl by tam být vir.
Mám zkusit všechno co je tu popsané ještě jednou?
Dík.

bledulka · Příspěvekod **bledulka** » 08 zář 2010 22:17

Jak dlouho máš systém bez reinstalu?

vašekp · Příspěvekod **vašekp** » 09 zář 2010 18:56

Víc jak rok, možná dva.

Příspěvekod **jaro3** » 09 zář 2010 19:41

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

vašekp · Příspěvekod **vašekp** » 09 zář 2010 21:35

OTL logfile created on: 9.9.2010 21:09:53 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

990,00 Mb Total Physical Memory | 630,00 Mb Available Physical Memory | 64,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 41,62 Gb Total Space | 11,15 Gb Free Space | 26,79% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 8,53 Gb Free Space | 43,68% Space Free | Partition Type: NTFS
Drive E: | 87,89 Gb Total Space | 47,79 Gb Free Space | 54,38% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AMD
Current User Name: Vašek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

========== Driver Services (SafeList) ==========

DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (SysProtDrv.sys) -- C:\Program Files\SysProt\SysProtDrv.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\WINDOWS\System32\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTSLBCSP) -- C:\WINDOWS\system32\drivers\btslbcsp.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2010.08.18 16:30:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O12 - Plugin for: .pdf - C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll (Adobe Systems Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.09 21:05:52 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\OTL.exe
[2010.08.30 19:14:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Recent
[2010.08.29 12:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.08.29 12:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.08.29 12:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.08.29 12:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.08.29 11:50:01 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.08.29 11:49:58 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.08.29 11:49:56 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.08.29 11:49:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2010.08.29 11:49:49 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.08.29 11:49:49 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2010.08.29 11:49:49 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.08.29 11:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.08.29 11:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MicroWorld
[2010.08.27 22:36:00 | 000,000,000 | RH-D | C] -- C:\AHCache
[2010.08.27 22:35:11 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.08.27 17:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\GHISLER
[2010.08.26 19:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\SysProt
[2010.08.23 20:07:37 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010.08.23 20:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.08.20 20:13:56 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\StartUpLite.exe
[2010.08.17 22:16:50 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.08.17 18:23:40 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010.08.17 18:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Data aplikací\GHISLER
[2010.08.17 17:23:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Data aplikací\Malwarebytes
[2010.08.17 17:23:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.17 17:23:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.17 17:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.09 21:06:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\OTL.exe
[2010.09.09 20:49:53 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003UA.job
[2010.09.09 20:38:43 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.09.09 20:34:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.09 20:30:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.09 20:30:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.08 21:55:30 | 006,553,600 | -H-- | M] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\NTUSER.DAT
[2010.09.08 21:55:30 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\ntuser.ini
[2010.09.07 21:37:30 | 003,237,354 | -H-- | M] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\IconCache.db
[2010.09.04 19:47:00 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003Core.job
[2010.08.29 14:35:28 | 000,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.08.29 11:50:00 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.08.29 11:49:57 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.08.29 11:49:55 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.08.29 11:37:08 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\Zástupce - mwav.lnk
[2010.08.27 17:24:26 | 000,240,381 | -H-- | M] () -- C:\treeinfo.wc
[2010.08.27 04:49:54 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Combat Arms EU.lnk
[2010.08.27 00:48:49 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
[2010.08.25 20:30:53 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.08.25 20:30:52 | 000,000,461 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.25 20:30:52 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.24 22:34:53 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\settings.dat
[2010.08.24 19:58:04 | 000,002,406 | ---- | M] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\Google Chrome.lnk
[2010.08.23 20:07:52 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\iTunes.lnk
[2010.08.20 20:14:02 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\StartUpLite.exe
[2010.08.18 17:21:29 | 000,421,888 | ---- | M] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2010.08.18 16:30:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.08.17 18:24:07 | 000,000,579 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Total Commander.lnk
[2010.08.17 17:23:19 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Malwarebytes' Anti-Malware.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.29 12:05:02 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.08.29 11:49:56 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.08.29 11:37:08 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha\Zástupce - mwav.lnk
[2010.08.28 19:42:35 | 000,001,058 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003UA.job
[2010.08.28 19:42:34 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003Core.job
[2010.08.27 04:49:54 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Combat Arms EU.lnk
[2010.08.25 20:32:30 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
[2010.08.24 22:34:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\settings.dat
[2010.08.23 20:07:52 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\iTunes.lnk
[2010.08.17 22:17:13 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.08.17 22:17:09 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.08.17 18:23:42 | 000,000,579 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Total Commander.lnk
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2010.08.17 18:23:40 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2010.08.17 17:23:19 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.28 23:00:00 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.03 23:36:08 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.10.28 20:34:20 | 000,021,132 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.10.28 19:50:46 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.10.28 19:50:31 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.02.29 06:14:04 | 000,223,744 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll
[2007.12.06 23:24:54 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2007.11.26 22:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2006.05.12 13:23:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006.01.24 12:15:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.01.24 12:15:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.01.24 12:15:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.01.24 12:15:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.01.24 12:15:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.01.24 12:15:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.01.24 12:15:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004.08.17 15:49:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2002.05.15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001.11.23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2010.03.29 16:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2010.08.29 11:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MicroWorld
[2010.06.26 10:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Nexon
[2010.03.12 20:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU
[2009.12.21 21:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2010.07.30 12:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.12.09 18:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Data aplikací\Ashampoo
[2010.08.17 18:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Data aplikací\GHISLER
[2009.11.26 23:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vašek.HR-741A149DF0B3\Data aplikací\Opera

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:671329E4
< End of report >

OTL Extras logfile created on: 9.9.2010 21:09:53 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Vašek.HR-741A149DF0B3\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

990,00 Mb Total Physical Memory | 630,00 Mb Available Physical Memory | 64,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 41,62 Gb Total Space | 11,15 Gb Free Space | 26,79% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 8,53 Gb Free Space | 43,68% Space Free | Partition Type: NTFS
Drive E: | 87,89 Gb Total Space | 47,79 Gb Free Space | 54,38% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AMD
Current User Name: Vašek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"E:\Combat Arms EU\CombatArms.exe" = E:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"E:\Combat Arms EU\Engine.exe" = E:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"E:\Program Files\Combat Arms EU\CombatArms.exe" = E:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"E:\Program Files\Combat Arms EU\Engine.exe" = E:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"E:\Program Files\Metin2_CZ\metin2client.bin" = E:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"E:\Program Files\uTorrent\uTorrent.exe" = E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- ()
"C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast!" = avast! Antivirus
"BitTorrent" = BitTorrent
"Burn4Free" = Burn4Free CD and DVD
"CCleaner" = CCleaner
"Combat Arms EU" = Combat Arms EU
"GameSpy Arcade" = GameSpy Arcade
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"RAY60N" = RAY60N
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"WIC" = Windows Imaging Component

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 20.8.2010 14:18:54 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\4JOT2BWL\RECENT_SEARCHES_1[1].JS
failed, 00000005.

Error - 20.8.2010 14:18:54 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\4JOT2BWL\GA[1].JS
failed, 00000005.

Error - 20.8.2010 20:01:13 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: Unhandled exception in AavmProviderStop [Inner],
MAIL.

Error - 20.8.2010 20:01:15 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: Unhandled exception in AavmProviderStop [Inner],
MAIL.

Error - 23.8.2010 10:32:12 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\Y3P53J2B\SEARCH_1[1].JS
failed, 00000005.

Error - 23.8.2010 10:32:12 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\LDQ3GHUJ\COOKIE_LIB[1].JS
failed, 00000005.

Error - 23.8.2010 10:32:12 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\4JOT2BWL\AC_ACTIVEX[1].JS
failed, 00000005.

Error - 23.8.2010 10:58:58 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\Y3P53J2B\SEARCH_1[1].JS
failed, 00000005.

Error - 23.8.2010 10:58:58 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\LDQ3GHUJ\COOKIE_LIB[1].JS
failed, 00000005.

Error - 23.8.2010 10:58:58 | Computer Name = AMD | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\MICHAL.AMD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\4JOT2BWL\AC_ACTIVEX[1].JS
failed, 00000005.

[ Application Events ]
Error - 29.8.2010 9:53:46 | Computer Name = AMD | Source = MsiInstaller | ID = 11500
Description = Produkt: Microsoft Office Professional Edition 2003 - Chyba 1500.
Probíhá již jiná instalace. Před spuštěním této instalace je třeba spuštěnou instalaci
dokončit.

Error - 29.8.2010 9:53:49 | Computer Name = AMD | Source = MsiInstaller | ID = 11500
Description = Produkt: Microsoft Office Professional Edition 2003 - Chyba 1500.
Probíhá již jiná instalace. Před spuštěním této instalace je třeba spuštěnou instalaci
dokončit.

Error - 29.8.2010 9:55:07 | Computer Name = AMD | Source = MsiInstaller | ID = 11500
Description = Produkt: Microsoft Office Professional Edition 2003 - Chyba 1500.
Probíhá již jiná instalace. Před spuštěním této instalace je třeba spuštěnou instalaci
dokončit.

Error - 29.8.2010 10:19:36 | Computer Name = AMD | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.8.2010 12:47:05 | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 31.8.2010 3:47:08 | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 31.8.2010 4:47:05 | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 31.8.2010 5:47:07 | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 31.8.2010 6:47:16 | Computer Name = AMD | Source = Google Update | ID = 20
Description =

Error - 31.8.2010 7:47:12 | Computer Name = AMD | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 7.9.2010 15:06:13 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Zařazování tisku neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 8.9.2010 7:57:05 | Computer Name = AMD | Source = Service Control Manager | ID = 7022
Description = Služba Plánovač úloh přestala během spouštění reagovat.

Error - 8.9.2010 7:57:05 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Zařazování tisku.

Error - 8.9.2010 7:57:05 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Zařazování tisku neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 8.9.2010 14:16:27 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Zařazování tisku.

Error - 8.9.2010 14:16:27 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Zařazování tisku neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 9.9.2010 14:41:42 | Computer Name = AMD | Source = Service Control Manager | ID = 7022
Description = Služba Plánovač úloh přestala během spouštění reagovat.

Error - 9.9.2010 14:41:42 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Zařazování tisku.

Error - 9.9.2010 14:41:42 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Zařazování tisku neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 9.9.2010 14:41:42 | Computer Name = AMD | Source = Service Control Manager | ID = 7022
Description = Služba Klient systému NetWare přestala během spouštění reagovat.

< End of report >

Příspěvekod **jaro3** » 09 zář 2010 22:40

Odinstaluj:
SysProt

V programu Combat Arms EU Ti chybějí 2 soubory , měl bys přeinstalovat.

Tuto složku znáš:
C:\Documents and Settings\Vašek.HR-741A149DF0B3\Recent ??

Tento program znáš:
RAY60N ?

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:671329E4

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\WINDOWS\VDLL.DLL
C:\WINDOWS\System32\runouce.exe
C:\WINDOWS\tasks\SA.DAT
C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

vašekp · Příspěvekod **vašekp** » 11 zář 2010 19:41

SysProt jsem smazal, je to sysprotantirootkit
Combat Arms jsem odinstaloval
C:\Documents and Settings\Vašek.HR-741A149DF0B3\Recent nevidím
RAY60N je hra Rayman, odinstaloval jsem

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File C:\WINDOWS\System32\hidserv.dll File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\System32\drivers\EagleNT.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:671329E4 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\tmpB5.tmp moved successfully.
C:\WINDOWS\System32\tmpB6.tmp moved successfully.
C:\WINDOWS\NV1500272.TMP folder moved successfully.
C:\WINDOWS\NV25923868.TMP folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003UA.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\VDLL.DLL folder moved successfully.
C:\WINDOWS\System32\runouce.exe folder moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: Andrea.AMD
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Google Chrome cache emptied: 110047421 bytes
->Opera cache emptied: 1613127 bytes
->Flash cache emptied: 15844906 bytes

User: Andy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 5410442 bytes
->Flash cache emptied: 1399 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Michal

User: Michal.AMD

User: Michal.NEW

User: n

User: Naďa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Naďa.AMD
->Temp folder emptied: 175700179 bytes
->Temporary Internet Files folder emptied: 80009938 bytes
->Google Chrome cache emptied: 31884589 bytes
->Opera cache emptied: 222439 bytes
->Flash cache emptied: 4485 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Vašek

User: Vašek.HR-741A149DF0B3
->Temp folder emptied: 94947 bytes
->Temporary Internet Files folder emptied: 1420147 bytes
->Google Chrome cache emptied: 38267816 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 19355 bytes

User: zombik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 21789574 bytes

Total Files Cleaned = 460,00 mb

[EMPTYFLASH]

User: All Users

User: All Users.WINDOWS

User: Andrea.AMD
->Flash cache emptied: 0 bytes

User: Andy

User: Default User

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: LocalService

User: LocalService.NT AUTHORITY

User: Michal

User: Michal.AMD

User: Michal.NEW

User: n

User: Naďa

User: Naďa.AMD
->Flash cache emptied: 0 bytes

User: NetworkService

User: NetworkService.NT AUTHORITY

User: Vašek

User: Vašek.HR-741A149DF0B3
->Flash cache emptied: 0 bytes

User: zombik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.11.0 log created on 09112010_190604

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5b4.dat moved successfully.

Registry entries deleted on Reboot...

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File C:\WINDOWS\System32\hidserv.dll File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\System32\drivers\EagleNT.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:671329E4 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\tmpB5.tmp moved successfully.
C:\WINDOWS\System32\tmpB6.tmp moved successfully.
C:\WINDOWS\NV1500272.TMP folder moved successfully.
C:\WINDOWS\NV25923868.TMP folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-602162358-448539723-839522115-1003UA.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\VDLL.DLL folder moved successfully.
C:\WINDOWS\System32\runouce.exe folder moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\Documents and Settings\Vašek.HR-741A149DF0B3\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: Andrea.AMD
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Google Chrome cache emptied: 110047421 bytes
->Opera cache emptied: 1613127 bytes
->Flash cache emptied: 15844906 bytes

User: Andy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 5410442 bytes
->Flash cache emptied: 1399 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Michal

User: Michal.AMD

User: Michal.NEW

User: n

User: Naďa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Naďa.AMD
->Temp folder emptied: 175700179 bytes
->Temporary Internet Files folder emptied: 80009938 bytes
->Google Chrome cache emptied: 31884589 bytes
->Opera cache emptied: 222439 bytes
->Flash cache emptied: 4485 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Vašek

User: Vašek.HR-741A149DF0B3
->Temp folder emptied: 94947 bytes
->Temporary Internet Files folder emptied: 1420147 bytes
->Google Chrome cache emptied: 38267816 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 19355 bytes

User: zombik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 21789574 bytes

Total Files Cleaned = 460,00 mb

[EMPTYFLASH]

User: All Users

User: All Users.WINDOWS

User: Andrea.AMD
->Flash cache emptied: 0 bytes

User: Andy

User: Default User

User: Default User.WINDOWS
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: LocalService

User: LocalService.NT AUTHORITY

User: Michal

User: Michal.AMD

User: Michal.NEW

User: n

User: Naďa

User: Naďa.AMD
->Flash cache emptied: 0 bytes

User: NetworkService

User: NetworkService.NT AUTHORITY

User: Vašek

User: Vašek.HR-741A149DF0B3
->Flash cache emptied: 0 bytes

User: zombik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.11.0 log created on 09112010_190604

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5b4.dat moved successfully.

Registry entries deleted on Reboot...

Příspěvekod **jaro3** » 11 zář 2010 23:07

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

PC by mělo být bez nákaz, jak to vypadá nyní??

vašekp · Příspěvekod **vašekp** » 12 zář 2010 11:52

Až počítač naběhne a otevřu internetový prohlížeč, tak se chová dobře.
Při startu počítače trvá načítání osobního nastavení desítky minut, harddisk stále pomrkává.
Mám zkusit opravit windows XP?
Pokud by nic nepomohlo, tak bych windows znovu nainstaloval.

Příspěvekod **jaro3** » 12 zář 2010 16:38

Zkus ještě:

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Start-spustit- napiš: cleanmgr a dej OK.
Vyber disk a nech skenovat svůj systém, aby se mohly soubory odstranit. Ujisti se , že Temporary Files, Temporary Internet Files, and Recycle Bin jsou zaškrtnuty. Klikni OK pro jejich odstranění. Klikni YES pro potvrzení výmazu.

Vytvoř si na disku novou složku a nějak si ji pojmenuj (např: C:\Bfu)
- Stáhni si Brute Force Uninstaller

http://www.majorgeeks.com/downloadget.p ... c2253cf345

- Rozbal si stažený soubor do již vytvořeného adresáře
- Pravým tlačítkem myši klikni zde http://metallica.geekstogo.com/EGDACCESS.bfu
a vyber možnost Uložit odkaz jako a ulož si ho opět do již vytvořeného adresáře
* Restartuj počítač do nouzového režimu
* Běž do adresáře kde kde máš stažený program
* Spusť program Brute Force Uninstaller (BFU.exe)
* Po zobrazeni okna programu klikni vpravo na ikonu adresáře (žlutá a Open script file...)
* Vyber tam soubor EGDACCESS.bfu a klikni na tlačítko Otevřít
* Dostaneš se zpět na úvodní obrazovku a tam klikni dole na tlačítko Execute a nech program pracovat
* Počkej až vyskočí okno Complete script execution a stiskni OK
* Pak zmáčkni tlačítko Exit kterým ukončíš program

Pak restartuj zpět do normálního režimu.

Jinak budeš muset zkusit udělat ten reinstal , pokud si dělal už Memtest a kontrolu HDD na chyby.

Prosím o kontrolu logu HJT Vyřešeno

Re: Prosím o kontrolu logu HJT Vyřešeno

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Kdo je online