Prosím o kontolu logu - počítač je zasekanej

Příspěvekod **Žbeky** » 04 srp 2012 17:00

Opět nic

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Reklama

lakcod · Příspěvekod **lakcod** » 05 srp 2012 22:29

OTL logfile created on: 5.8.2012 21:36:41 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Dočkalovic\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,04% Memory free
4,00 Gb Paging File | 2,74 Gb Available in Paging File | 68,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 41,95 Gb Free Space | 56,36% Space Free | Partition Type: NTFS

Computer Name: DOČKALOVIC-PC | User Name: Dočkalovic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Dočkalovic\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Guard-ICQ\GuardICQ.exe ()
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
PRC - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files\PC Tools Security\TFEngine\TFService.exe (PC Tools)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Windows\System32\lxcrcoms.exe ( )

========== Modules (No Company Name) ==========

MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()

========== Win32 Services (SafeList) ==========

SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Guard.Mail.ru) -- C:\Program Files\Guard-ICQ\GuardICQ.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (Browser Defender Update Service) -- C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (ThreatFire) -- C:\Program Files\PC Tools Security\TFEngine\TFService.exe (PC Tools)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcr_device) -- C:\Windows\System32\lxcrcoms.exe ( )

========== Driver Services (SafeList) ==========

DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (catchme) -- C:\Users\DOKALO~1\AppData\Local\Temp\catchme.sys File not found
DRV - (VIAudio) -- C:\Windows\System32\drivers\vinyl97.sys (VIA Technologies, Inc.)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (pctgntdi) -- C:\Windows\System32\drivers\pctgntdi.sys (PC Tools)
DRV - (TFSysMon) -- C:\Windows\System32\drivers\TfSysMon.sys (PC Tools)
DRV - (TfNetMon) -- C:\Windows\System32\drivers\TfNetMon.sys (PC Tools)
DRV - (TfFsMon) -- C:\Windows\System32\drivers\TfFsMon.sys (PC Tools)
DRV - (pctplsg) -- C:\Windows\System32\drivers\pctplsg.sys (PC Tools)
DRV - (PCTCore) -- C:\Windows\System32\drivers\PCTCore.sys (PC Tools)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (pctEFA) -- C:\Windows\System32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\System32\drivers\pctDS.sys (PC Tools)
DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd6.sys (VIA Technologies, Inc. )
DRV - (FETND6V) -- C:\Windows\System32\drivers\fetnd6v.sys (VIA Technologies, Inc. )
DRV - (AF9035BDA) -- C:\Windows\System32\drivers\AF9035BDA.sys (AfaTech )
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80096&lng=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2012.06.17 21:58:53 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools Security\BDT\FireFox\ [2011.10.20 12:17:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.19 17:16:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.19 17:16:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.10.20 11:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Extensions
[2012.07.30 15:58:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Firefox\Profiles\4o8uis3i.default\extensions
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Firefox\Profiles\4o8uis3i.default\searchplugins\icqplugin.gif
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Firefox\Profiles\4o8uis3i.default\searchplugins\icqplugin.src
[2012.08.03 14:17:49 | 000,001,056 | ---- | M] () -- C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Firefox\Profiles\4o8uis3i.default\searchplugins\icqplugin.xml
[2012.03.22 13:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.19 17:16:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.07.19 17:16:00 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.19 17:15:57 | 000,003,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.06.22 16:52:29 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.22 16:52:29 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.22 16:52:29 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.22 16:52:29 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.22 16:52:29 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.08.01 18:59:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Users\Dočkalovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.16.96.129 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA9797C0-19D4-4693-9F51-A77F6E13B8A5}: DhcpNameServer = 84.16.96.129 84.16.96.2
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.05 21:33:19 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Dočkalovic\Desktop\OTL.exe
[2012.08.05 21:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.05 21:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.04 13:59:34 | 009,827,016 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012.08.04 11:05:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.08.04 11:04:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.08.01 19:08:49 | 000,000,000 | ---D | C] -- C:\Users\Dočkalovic\AppData\Local\temp
[2012.08.01 18:25:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.08.01 18:25:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.08.01 18:25:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.08.01 18:25:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.08.01 18:17:07 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.08.01 18:05:05 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dočkalovic\Desktop\TDSSKiller.exe
[2012.07.30 16:09:02 | 000,000,000 | ---D | C] -- C:\Users\Dočkalovic\AppData\Roaming\Malwarebytes
[2012.07.30 16:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.30 16:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.30 16:08:01 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.30 16:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.29 12:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012.07.29 12:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012.07.29 12:14:00 | 004,179,293 | ---- | C] (Lavalys, Inc. ) -- C:\Users\Dočkalovic\Desktop\everesthome220.exe
[2012.07.29 12:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012.07.29 12:00:30 | 000,000,000 | ---D | C] -- C:\Users\Dočkalovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.07.20 08:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012.07.20 08:18:09 | 000,000,000 | ---D | C] -- C:\Users\Dočkalovic\AppData\Roaming\ICQ Search
[2012.07.20 08:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2012.07.20 08:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\Guard-ICQ
[2012.07.20 08:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2012.07.20 08:15:48 | 000,000,000 | ---D | C] -- C:\Users\Dočkalovic\AppData\Roaming\ICQ
[2012.07.20 08:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7M
[2012.07.11 19:56:09 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 14:48:46 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.11 14:48:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012.07.11 14:48:27 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012.07.07 19:31:21 | 000,000,000 | ---D | C] -- C:\Users\Dočkalovic\Desktop\Zell am See fotky 2012

========== Files - Modified Within 30 Days ==========

[2012.08.05 22:00:06 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.05 21:59:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.05 21:33:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Dočkalovic\Desktop\OTL.exe
[2012.08.05 21:30:04 | 000,100,864 | ---- | M] () -- C:\Users\Dočkalovic\Desktop\T-Cleaner.exe
[2012.08.05 21:15:17 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.05 21:14:15 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.05 21:00:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.05 12:33:20 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.05 12:33:20 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.05 12:25:16 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.04 13:59:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.04 13:59:37 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.04 13:59:34 | 009,827,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2012.08.01 18:59:42 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.07.30 16:08:09 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.29 12:15:24 | 000,001,076 | ---- | M] () -- C:\Users\Dočkalovic\Desktop\EVEREST Home Edition.lnk
[2012.07.29 12:14:23 | 004,179,293 | ---- | M] (Lavalys, Inc. ) -- C:\Users\Dočkalovic\Desktop\everesthome220.exe
[2012.07.29 12:00:30 | 000,002,987 | ---- | M] () -- C:\Users\Dočkalovic\Desktop\HiJackThis.lnk
[2012.07.24 13:22:36 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dočkalovic\Desktop\TDSSKiller.exe
[2012.07.20 08:18:10 | 000,001,763 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012.07.16 16:55:35 | 000,024,951 | ---- | M] () -- C:\Users\Dočkalovic\Documents\Dočkal.pdf
[2012.07.15 11:28:09 | 000,599,040 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2012.07.14 20:49:59 | 000,003,584 | ---- | M] () -- C:\Users\Dočkalovic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.14 20:32:08 | 000,001,326 | ---- | M] () -- C:\Users\Dočkalovic\Desktop\Windows DVD Maker.lnk
[2012.07.11 20:39:51 | 000,406,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.11 19:56:28 | 001,468,328 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012.07.07 19:39:43 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.07 19:39:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.07 19:39:41 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.07 19:39:40 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat

========== Files Created - No Company Name ==========

[2012.08.05 21:29:45 | 000,100,864 | ---- | C] () -- C:\Users\Dočkalovic\Desktop\T-Cleaner.exe
[2012.08.05 21:14:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.01 18:25:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.08.01 18:25:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.08.01 18:25:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.08.01 18:25:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.08.01 18:25:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.30 16:08:09 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.29 12:15:24 | 000,001,076 | ---- | C] () -- C:\Users\Dočkalovic\Desktop\EVEREST Home Edition.lnk
[2012.07.29 12:00:30 | 000,002,987 | ---- | C] () -- C:\Users\Dočkalovic\Desktop\HiJackThis.lnk
[2012.07.20 08:18:10 | 000,001,763 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012.07.16 17:00:04 | 000,024,951 | ---- | C] () -- C:\Users\Dočkalovic\Documents\Dočkal.pdf
[2012.07.14 20:49:59 | 000,003,584 | ---- | C] () -- C:\Users\Dočkalovic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.14 20:32:08 | 000,001,326 | ---- | C] () -- C:\Users\Dočkalovic\Desktop\Windows DVD Maker.lnk
[2012.06.17 10:02:51 | 000,000,376 | ---- | C] () -- C:\Windows\mozregistry.dat
[2011.12.26 01:51:24 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.12.26 01:51:09 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.11.07 09:12:06 | 000,000,000 | -H-- | C] () -- C:\Users\Dočkalovic\AppData\Roaming\E16g0HKGfDtG
[2011.11.02 19:45:23 | 000,303,104 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2011.11.02 19:41:33 | 000,040,960 | ---- | C] () -- C:\Windows\System32\LXPRMON.DLL
[2011.11.02 19:41:33 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXPMONUI.DLL
[2011.11.02 19:36:52 | 000,233,472 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2011.11.02 19:36:51 | 001,183,744 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011.11.02 19:36:51 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011.11.02 19:36:50 | 000,536,576 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011.11.02 19:36:50 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011.11.02 19:36:50 | 000,114,688 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2011.11.02 19:36:49 | 000,143,360 | ---- | C] () -- C:\Windows\System32\lxcrjswr.dll
[2011.11.02 19:36:49 | 000,106,496 | ---- | C] () -- C:\Windows\System32\lxcrinsr.dll
[2011.11.02 19:36:48 | 000,380,928 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2011.11.02 19:36:47 | 000,495,616 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011.11.02 19:36:46 | 000,610,304 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011.11.02 19:36:46 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011.10.22 10:13:57 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011.10.20 13:32:03 | 000,036,864 | ---- | C] () -- C:\Windows\System32\UnAudioNT.dll
[2011.10.20 12:17:50 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll

========== LOP Check ==========

[2012.07.30 12:32:44 | 000,000,000 | ---D | M] -- C:\Users\Dočkalovic\AppData\Roaming\ICQ
[2012.07.20 08:18:09 | 000,000,000 | ---D | M] -- C:\Users\Dočkalovic\AppData\Roaming\ICQ Search
[2011.11.13 00:41:04 | 000,000,000 | ---D | M] -- C:\Users\Dočkalovic\AppData\Roaming\Skinux
[2012.06.05 10:10:23 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

lakcod · Příspěvekod **lakcod** » 05 srp 2012 22:30

OTL Extras logfile created on: 5.8.2012 21:36:41 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Dočkalovic\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,04% Memory free
4,00 Gb Paging File | 2,74 Gb Available in Paging File | 68,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 41,95 Gb Free Space | 56,36% Space Free | Partition Type: NTFS

Computer Name: DOČKALOVIC-PC | User Name: Dočkalovic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E2A6316-B0C2-4E59-8596-C9B08141C6DC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0F37205E-85A1-4810-8D5A-B2051E20A537}" = rport=137 | protocol=17 | dir=out | app=system |
"{2200C14A-ADE8-4E24-B2BD-C2C74BA9AB73}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27975ECE-253B-4F08-8188-6CFF8383A6B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3784B735-D745-489E-B87F-E142BC568767}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3C8730AB-1F0C-4F11-8E74-126013359304}" = rport=445 | protocol=6 | dir=out | app=system |
"{4F6A2D97-5BB8-4D34-BBF8-BF99860DF319}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{644B579E-6975-42C4-92D5-0E86FB539280}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69E62506-3BED-45E8-AA43-EB5163CC6FDD}" = lport=445 | protocol=6 | dir=in | app=system |
"{6EAB89AE-444A-4C2A-9C22-4B1DF89401C5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73B38368-B2F1-474F-B68A-FE046BEB99C0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7930415D-6BE5-4CD3-AB59-5212637545B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9092679C-48E9-4A3B-B1AC-86DA868DCEBB}" = lport=137 | protocol=17 | dir=in | app=system |
"{B5923D0B-E853-446F-8847-5773D5042997}" = rport=139 | protocol=6 | dir=out | app=system |
"{B5D0CEBA-1EBA-4785-B591-DDECEBA6D86C}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6F5B265-A0C8-4A17-BBA6-8AF2867A729D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B78425C0-8488-48C9-9280-3BA0E7531620}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{BA18754F-9AE8-426E-B51F-BCFF1BD6388E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BCA3AF7C-28D3-4186-841D-DACCDF5C334B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D5F20C72-D4E0-4B79-92B7-4F113394F48E}" = lport=138 | protocol=17 | dir=in | app=system |
"{E0FCB57D-D509-4E3F-B9EB-CFAF67B30891}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E82F6BE0-98CE-44F3-9DDA-25903F26DC52}" = lport=139 | protocol=6 | dir=in | app=system |
"{F82DB1CC-8027-449C-B53B-1F98B132582B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FE08AD77-6807-4A4B-BD45-A6D403BBF4AA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00726CF1-D2E2-4B00-A7BF-ECA4938C98EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13325807-A0AA-462B-9A09-8DDF7CA7D0A3}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{20A722E3-8D5E-43B4-BA76-29694E8FF416}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{27F826B2-D2D4-468B-9AF4-439CF150FF27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29280021-5106-4C22-A7D4-B2490A83AF9D}" = protocol=17 | dir=in | app=c:\windows\system32\lxcrcoms.exe |
"{3AA11D68-CDE1-4179-9C78-247E17B35E08}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3AAA4894-1C9B-47A7-B922-7A2360BD9F8D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4F27DAD1-172A-4B6F-9CC6-D27E96EAEBB6}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{5B82C17D-DC1C-4A22-A8A5-7AFAA8423F47}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5EA5303F-1ED3-493B-84AF-86C7861AC0B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{665DDDFD-223D-4AA4-9A58-CE98E344114F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7066C2EC-4D55-49BC-B714-B76C20550F90}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{71418F6A-41F7-4EF4-9F16-977D2777FD17}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{85D9295F-1531-42B0-8BC1-53AD1CB7A467}" = protocol=6 | dir=in | app=c:\windows\system32\lxcrcoms.exe |
"{9027D1A3-B488-4D10-845A-ADDE7CE48736}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90E2703A-39CC-402A-A579-D47D4D324179}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{978774FF-6BA2-4695-9B3B-D00ED5A8199E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9A8CF8CF-D263-45A9-A8AC-8C101E979A2F}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe |
"{B5065572-438F-4C72-B702-47FE85836B40}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8EBE9E2-A4FE-4C59-8636-E4589B05028B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2536867-31FC-4B94-AA66-2E1ED5912646}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe |
"{CABC1BAF-63C4-4576-B318-CE5172A32194}" = protocol=6 | dir=out | app=system |
"{CB677E9F-A8F3-4994-BA81-9CF0EFACB107}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D21091B1-1A1E-42DE-AC09-23841E55B336}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3883002-1848-4883-B6B0-E3923623E75F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{FCC43B40-9ACA-430E-8747-40C7488024B9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Panel nástrojů
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Software Kodak EasyShare
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Browser Defender_is1" = Browser Defender 3.0
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Guard.Mail.ru" = Guard.ICQ
"Lexmark 2400 Series" = Lexmark 2400 Series
"Lexmark Fax Solutions" = Faxové funkce Lexmark
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Spyware Doctor" = Spyware Doctor s Antivirus 8.0
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter
"WinRAR archiver" = WinRAR 4.11 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.8.2012 9:39:06 | Computer Name = Dočkalovic-PC | Source = System Restore | ID = 8193
Description =

Error - 2.8.2012 12:00:21 | Computer Name = Dočkalovic-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 14.0.1.4577 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
e50 Čas spuštění: 01cd70c78e28ca45 Čas ukončení: 1281 Cesta k aplikaci: C:\Program
Files\Mozilla Firefox\firefox.exe ID hlášení: 2532ca8b-dcbb-11e1-9781-000fea5383d0

Error - 2.8.2012 16:05:21 | Computer Name = Dočkalovic-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\pc tools security\networklayer\PCTCFFix64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.8.2012 2:01:28 | Computer Name = Dočkalovic-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\pc tools security\networklayer\PCTCFFix64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 4.8.2012 2:27:50 | Computer Name = Dočkalovic-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\pc tools security\networklayer\PCTCFFix64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 4.8.2012 4:45:32 | Computer Name = Dočkalovic-PC | Source = VSS | ID = 18
Description =

Error - 4.8.2012 4:45:32 | Computer Name = Dočkalovic-PC | Source = VSS | ID = 8193
Description =

Error - 4.8.2012 4:45:33 | Computer Name = Dočkalovic-PC | Source = System Restore | ID = 8193
Description =

Error - 5.8.2012 8:18:05 | Computer Name = Dočkalovic-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\pc tools security\networklayer\PCTCFFix64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 5.8.2012 15:23:44 | Computer Name = Dočkalovic-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 10.4.2012 13:28:58 | Computer Name = Dočkalovic-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 10.4.2012 13:32:10 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7023
Description = Služba Centrum zabezpečení byla ukončena s následující chybou: %%16389

Error - 11.4.2012 1:18:37 | Computer Name = Dočkalovic-PC | Source = DCOM | ID = 10010
Description =

Error - 11.4.2012 3:14:09 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 11.4.2012 12:19:18 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 11.4.2012 12:20:25 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby sdCoreService bylo dosaženo
časového limitu (30000 ms).

Error - 14.4.2012 6:30:23 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 14.4.2012 11:22:24 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 14.4.2012 11:22:24 | Computer Name = Dočkalovic-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 14.4.2012 14:48:21 | Computer Name = Dočkalovic-PC | Source = DCOM | ID = 10010
Description =

< End of report >

Příspěvekod **jaro3** » 05 srp 2012 23:53

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (catchme) -- C:\Users\DOKALO~1\AppData\Local\Temp\catchme.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80096&lng=en
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011.10.20 11:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Extensions
[2012.03.22 13:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2012.08.01 18:59:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2012.07.07 19:39:43 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.07 19:39:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.07 19:39:41 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.07.07 19:39:40 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SWREG.exe
C:\Windows\NIRCMD.exe
C:\Windows\SWSC.exe
C:\Qoobox
C:\Users\Dočkalovic\Desktop\TDSSKiller.exe
C:\Users\Dočkalovic\AppData\Roaming\ICQ Search
C:\Program Files\ICQ6Toolbar
C:\Users\Dočkalovic\Desktop\T-Cleaner.exe
C:\Users\Dočkalovic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Dočkalovic\Desktop\T-Cleaner.exe
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Windows\sed.exe
C:\Users\Dočkalovic\AppData\Roaming\E16g0HKGfDtG
C:\Windows\AutoKMS.ini
C:\Users\Dočkalovic\AppData\Roaming\ICQ Search
ipconfig /flushdns /c

:Reg
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

C:\Users\Public\Documents\ESBK.mb---znáš to?
netbrdg---znáš ten program??

lakcod · Příspěvekod **lakcod** » 08 srp 2012 20:45

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: No service named ACDaemon was found to stop!
Service\Driver key ACDaemon not found.
File C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found not found.
Error: No service named VGPU was found to stop!
Service\Driver key VGPU not found.
File System32\drivers\rdvgkmd.sys File not found not found.
Error: No service named tsusbhub was found to stop!
Service\Driver key tsusbhub not found.
File system32\drivers\tsusbhub.sys File not found not found.
Error: No service named Synth3dVsc was found to stop!
Service\Driver key Synth3dVsc not found.
File System32\drivers\synth3dvsc.sys File not found not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\Users\DOKALO~1\AppData\Local\Temp\catchme.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
C:\Users\Dočkalovic\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Windows\SWREG.exe moved successfully.
C:\Windows\NIRCMD.exe moved successfully.
C:\Windows\SWSC.exe moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Users\Dočkalovic\Desktop\TDSSKiller.exe moved successfully.
C:\Users\Dočkalovic\AppData\Roaming\ICQ Search folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Users\Dočkalovic\Desktop\T-Cleaner.exe moved successfully.
C:\Users\Dočkalovic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File\Folder C:\Users\Dočkalovic\Desktop\T-Cleaner.exe not found.
C:\Windows\PEV.exe moved successfully.
C:\Windows\MBR.exe moved successfully.
C:\Windows\grep.exe moved successfully.
C:\Windows\zip.exe moved successfully.
C:\Windows\sed.exe moved successfully.
C:\Users\Dočkalovic\AppData\Roaming\E16g0HKGfDtG moved successfully.
C:\Windows\AutoKMS.ini moved successfully.
File\Folder C:\Users\Dočkalovic\AppData\Roaming\ICQ Search not found.
< ipconfig /flushdns /c >
No captured output from command...
C:\Users\Dočkalovic\Desktop\cmd.bat deleted successfully.
========== REGISTRY ==========
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: Dočkalovic
->Temp folder emptied: 384890 bytes
->Temporary Internet Files folder emptied: 95202363 bytes
->Java cache emptied: 1748 bytes
->FireFox cache emptied: 154064446 bytes
->Flash cache emptied: 1211 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1216 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 238,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Dočkalovic
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.56.0 log created on 08062012_224403

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!

PendingFileRenameOperations files...
File C:\Qoobox\BackEnv not found!

Registry entries deleted on Reboot...

lakcod · Příspěvekod **lakcod** » 08 srp 2012 20:48

jinak java nainstalována...a ty soubory neznám..on je to počítač rodičů, já bych si ho takhle nezaprasil:-D. Nevím jak to oni vždciyk dokážou.

Příspěvekod **jaro3** » 09 srp 2012 15:07

OK.

Spusť OTL a klikni na Vyčisti.

Jsou ještě problémy?

lakcod · Příspěvekod **lakcod** » 09 srp 2012 21:59

Jako oproti tomu jak to bylo pomalé na začátku je to o trochu lepší. Ale pořád je to dost pomalé. Prohlížení netu, třeba jen než se otevře nějaká složka, prostě všechno pomalé. nemůže to být tím že je prostě slabej počítač? I když když jsem ten počítač měl já, tak tyhle základní věci šli bez sekání. PC: GK: NVIDIA GEFORCE FX 5700, CPU: CELETON 2400 MHz, ZD:gigabyte ga-8vm533m-rz, HDD:seagate baracuda 7200.7 80011 80GB, RAM 2047 MB.
Neni to moc slabé na windows 7?

Příspěvekod **jaro3** » 09 srp 2012 23:25

Ani ne , i RAM 2GB stačí..

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

lakcod · Příspěvekod **lakcod** » 14 srp 2012 18:47

Tak memtest běžel přes 2 hodiny a bez chyby..ke Crystaldisku jsem se nedostal, ale nedávno jsem ho měl zaplej a myslím že žádní chyba, ale až se k tomu dostanu tak to ještě zkusím.

Příspěvekod **jaro3** » 14 srp 2012 22:48

Fajn a ještě přidej:
Stáhni si SiSoft Sandra 2012

Sandra je software pro kompletní diagnostiku software a hardware. SiSoft Sandra
je stále více oblíbeným programem. Je to kvalitní diagnostická a testovací utilita.
Nabízí řadu různých nástrojů určených k diagnostice, testování spolehlivosti a výkonu,
získání podrobných informací o hardware i software Vašeho systému a periferií.
Informace lze exportovat do řady formátů, tisknout, uložit
na FTP/http server, importovat do ADO, OLEDB nebo ODBC databáze,
apod.

lakcod · Příspěvekod **lakcod** » 15 srp 2012 20:09

tak kontrola disku:

CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo

Crystal Dew World : http://crystalmark.info/

----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x86)

Date : 2012/08/15 19:39:02

-- Controller Map ----------------------------------------------------------

+ Řadič VIA s rozhraním IDE ke sběrnici PCI v režimu Bus Master - 0571 [ATA]

+ ATA Channel 0 (0)

- ST380011A ATA Device

+ ATA Channel 1 (1)

- ATAPI DVD A DH20A4P ATA Device

-- Disk List ---------------------------------------------------------------

(1) ST380011A : 80.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------

(1) ST380011A

----------------------------------------------------------------------------

Model : ST380011A

Firmware : 8.01

Serial Number : 4JV0NWSW

Disk Size : 80.0 GB (8.4/80.0/80.0)

Buffer Size : 2048 KB

Queue Depth : 1

# of Sectors : 156299375

Rotation Rate : Neznámy údaj

Interface : Parallel ATA

Major Version : ATA/ATAPI-6

Minor Version : ATA/ATAPI-6 T13 1410D version 2

Transfer Mode : Ultra DMA/100

Power On Hours : 25355 hod.

Power On Count : 4204 krát

Temparature : 41 C (105 F)

Health Status : Dobrý

Features : S.M.A.R.T., 48bit LBA

APM Level : ----

AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------

ID Cur Wor Thr RawValues(6) Attribute Name

01 _61 _56 __6 00000BDB4C80 Počet chyb čtení

03 _97 _97 __0 000000000000 Čas na roztočení ploten

04 100 100 _20 000000000003 Počet spuštění/zastavení

05 100 100 _36 000000000000 Počet přemapovaných sektorů

07 _87 _60 _30 000020D8F60E Počet chybných hledání

09 _72 _72 __0 00000000630B Hodin v činnosti

0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten

0C _96 _96 _20 00000000106C Počet cyklů zapnutí zařízení

C2 _41 _51 __0 000000000029 Teplota

C3 _61 _55 __0 00000BDB4C80 Počet oprav chybného čtení

C5 100 100 __0 000000000000 Počet podezřelých sektorů

C6 100 100 __0 000000000000 Počet neopravitelných sektorů

C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------

+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F

000: 0C 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00

010: 00 00 00 00 34 4A 56 30 4E 57 53 57 20 20 20 20

020: 20 20 20 20 20 20 20 20 00 00 10 00 00 04 38 2E

030: 30 31 20 20 20 20 53 54 33 38 30 30 31 31 41 20

040: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20

050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10

060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10

070: 00 3F FC 10 00 FB 01 10 F0 6F 09 50 00 00 00 07

080: 00 03 00 78 00 78 00 F0 00 78 00 00 00 00 00 00

090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0A0: 00 7E 00 1B 34 6B 7D 01 58 23 34 69 3C 01 40 23

0B0: 20 3F 00 00 00 00 FE FE FF FE 60 4B 80 00 00 00

0C0: 00 00 00 00 00 00 00 00 F0 6F 09 50 00 00 00 00

0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

100: 00 09 F8 B0 09 50 F8 B0 09 50 20 20 00 02 42 B6

110: 00 00 00 8A 3C 06 3C 0A 00 00 07 C6 01 00 08 00

120: 09 D0 04 00 00 02 00 30 00 00 00 00 00 02 FE 06

130: 00 00 00 02 00 00 00 00 00 00 00 00 00 21 00 0B

140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 A5

Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Re: Prosím o kontolu logu - počítač je zasekanej

Kdo je online