Zbytky ESETu v PC Vyřešeno

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání skončeno "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Pak nový OTL.

[Reklama]

[Scanner]

RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Zkuřka [Práva správce]
Mód : Odebrat -- Datum : 07/12/2013 22:24:03
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[12] : NtAlertResumeThread @ 0x80630108 -> HOOKED (Unknown @ 0x86E97F40)
[Address] SSDT[13] : NtAlertThread @ 0x80577310 -> HOOKED (Unknown @ 0x82943E60)
[Address] SSDT[17] : NtAllocateVirtualMemory @ 0x80569302 -> HOOKED (Unknown @ 0x86EC17C8)
[Address] SSDT[19] : NtAssignProcessToJobObject @ 0x805A1387 -> HOOKED (Unknown @ 0x86E83D88)
[Address] SSDT[31] : NtConnectPort @ 0x8058CB11 -> HOOKED (Unknown @ 0x829DA360)
[Address] SSDT[43] : NtCreateMutant @ 0x805776E0 -> HOOKED (Unknown @ 0x82AB56C0)
[Address] SSDT[52] : NtCreateSymbolicLinkObject @ 0x8059E796 -> HOOKED (Unknown @ 0x86CBE798)
[Address] SSDT[53] : NtCreateThread @ 0x80578925 -> HOOKED (Unknown @ 0x86E429B0)
[Address] SSDT[57] : NtDebugActiveProcess @ 0x8065C259 -> HOOKED (Unknown @ 0x86CB04B0)
[Address] SSDT[68] : NtDuplicateObject @ 0x805749DA -> HOOKED (Unknown @ 0x86E08DC0)
[Address] SSDT[83] : NtFreeVirtualMemory @ 0x80569C2D -> HOOKED (Unknown @ 0x86D71D30)
[Address] SSDT[89] : NtImpersonateAnonymousToken @ 0x805DC216 -> HOOKED (Unknown @ 0x86CC4050)
[Address] SSDT[91] : NtImpersonateThread @ 0x805817C1 -> HOOKED (Unknown @ 0x86C98200)
[Address] SSDT[97] : NtLoadDriver @ 0x805A29BD -> HOOKED (Unknown @ 0x86CF4AF8)
[Address] SSDT[108] : unknown @ 0x8057CB31 -> HOOKED (Unknown @ 0x86D9FD10)
[Address] SSDT[114] : NtOpenEvent @ 0x80581B30 -> HOOKED (Unknown @ 0x86D67288)
[Address] SSDT[122] : NtOpenProcess @ 0x80574BC1 -> HOOKED (Unknown @ 0x86CD2808)
[Address] SSDT[123] : NtOpenProcessToken @ 0x80571121 -> HOOKED (Unknown @ 0x86C4AE80)
[Address] SSDT[125] : NtOpenSection @ 0x8056E583 -> HOOKED (Unknown @ 0x86D92430)
[Address] SSDT[128] : NtOpenThread @ 0x80590CFC -> HOOKED (Unknown @ 0x86CD2738)
[Address] SSDT[137] : NtProtectVirtualMemory @ 0x80574F70 -> HOOKED (Unknown @ 0x86CBE868)
[Address] SSDT[206] : NtResumeThread @ 0x80578F98 -> HOOKED (Unknown @ 0x8296D270)
[Address] SSDT[213] : NtSetContextThread @ 0x8062E937 -> HOOKED (Unknown @ 0x86D09328)
[Address] SSDT[228] : NtSetInformationProcess @ 0x80570E2D -> HOOKED (Unknown @ 0x86DF54A0)
[Address] SSDT[240] : NtSetSystemInformation @ 0x805A6AA9 -> HOOKED (Unknown @ 0x86D923B0)
[Address] SSDT[253] : NtSuspendProcess @ 0x8063004D -> HOOKED (Unknown @ 0x86D924F0)
[Address] SSDT[254] : NtSuspendThread @ 0x805E05BE -> HOOKED (Unknown @ 0x82946178)
[Address] SSDT[257] : NtTerminateProcess @ 0x80585851 -> HOOKED (Unknown @ 0x829501F0)
[Address] SSDT[258] : unknown @ 0x80578037 -> HOOKED (Unknown @ 0x86C844A8)
[Address] SSDT[267] : NtUnmapViewOfSection @ 0x8057C6B6 -> HOOKED (Unknown @ 0x86DDE4E8)
[Address] SSDT[277] : NtWriteVirtualMemory @ 0x805815AA -> HOOKED (Unknown @ 0x86D71E00)
[Address] Shadow SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x86C6CA28)
[Address] Shadow SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x86D1E9C8)
[Address] Shadow SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x86D09C58)
[Address] Shadow SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x86C40D88)
[Address] Shadow SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x86CE7398)
[Address] Shadow SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x86E90A58)
[Address] Shadow SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x86CD58B0)
[Address] Shadow SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x86C8E8B0)
[Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8293F498)
[Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x86C806C0)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST380011A +++++
--- User ---
[MBR] cd8687da116eee93983ca60a0384c32d
[BSP] e2fac8fc9b6364230bd0d1e3cc9e71ea : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 46811 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 95870974 | Size: 29507 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07122013_222403.txt >>
RKreport[0]_S_07122013_214732.txt;RKreport[0]_S_07122013_222304.txt

[Scanner]

OTL Extras logfile created on: 12.7.2013 22:28:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Zkuřka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 565,83 Mb Available Physical Memory | 55,28% Memory free
2,03 Gb Paging File | 1,59 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,71 Gb Total Space | 35,10 Gb Free Space | 76,79% Space Free | Partition Type: NTFS

Computer Name: GANJA | User Name: Zkuřka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{101F30DF-3204-473B-A0DD-037A53983DEA}" = QuadcoreM2
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26DE7BAD-453E-4C96-979F-1C288ECAA159}" = Intel(R) Network Connections 16.7.166.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Any Video Converter Ultimate_is1" = Any Video Converter Ultimate 4.6.0
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton 360
"QuadcoreM2 1.12.2012" = QuadcoreM2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.7.2013 11:51:12 | Computer Name = GANJA | Source = Windows Search Service | ID = 3028
Description = Objekt sběrače nebyl inicializován. Kontext: aplikace Windows, katalog
SystemIndex Podrobnosti: Hodnotu registru nelze číst, protože konfigurace je neplatná.
Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)

Error - 2.7.2013 11:51:12 | Computer Name = GANJA | Source = Windows Search Service | ID = 3058
Description = Aplikace nebyla inicializována. Kontext: aplikace Windows Podrobnosti:
Hodnotu
registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci
indexu obsahu tak, že jej odeberete. (0x80040d03)

Error - 2.7.2013 17:53:18 | Computer Name = GANJA | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 2.7.2013 19:15:19 | Computer Name = GANJA | Source = Chrome | ID = 1
Description =

Error - 8.7.2013 15:52:05 | Computer Name = GANJA | Source = Chrome | ID = 1
Description =

Error - 12.7.2013 14:59:33 | Computer Name = GANJA | Source = Windows Search Service | ID = 3038
Description = Sběrač nepřečetl registr DocIdMapFile. Kontext: aplikace , katalog
SystemIndex Podrobnosti: Systém nemůže nalézt uvedený soubor. (0x80070002)

Error - 12.7.2013 14:59:35 | Computer Name = GANJA | Source = Windows Search Service | ID = 3028
Description = Objekt sběrače nebyl inicializován. Kontext: aplikace Windows, katalog
SystemIndex Podrobnosti: Hodnotu registru nelze číst, protože konfigurace je neplatná.
Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)

Error - 12.7.2013 14:59:35 | Computer Name = GANJA | Source = Windows Search Service | ID = 3058
Description = Aplikace nebyla inicializována. Kontext: aplikace Windows Podrobnosti:
Hodnotu
registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci
indexu obsahu tak, že jej odeberete. (0x80040d03)

Error - 12.7.2013 15:22:43 | Computer Name = GANJA | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 12.7.2013 16:21:00 | Computer Name = GANJA | Source = Chrome | ID = 1
Description =

[ System Events ]
Error - 12.6.2013 8:08:10 | Computer Name = GANJA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Sada Microsoft .NET Framework 3.0: x86 Language Pack
(KB928416).

Error - 12.6.2013 8:32:36 | Computer Name = GANJA | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 12.6.2013 9:07:17 | Computer Name = GANJA | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 6 byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 12.6.2013 9:07:17 | Computer Name = GANJA | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft .NET Framework NGEN v4.0.30319_X86 byla nečekaně
ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund:
Restartovat službu.

Error - 12.6.2013 9:07:17 | Computer Name = GANJA | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet Monitoring Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 12.6.2013 9:07:17 | Computer Name = GANJA | Source = Service Control Manager | ID = 7034
Description = Služba MBAMScheduler byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 12.6.2013 9:08:38 | Computer Name = GANJA | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 13.6.2013 14:31:06 | Computer Name = GANJA | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 13.6.2013 14:31:11 | Computer Name = GANJA | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou 2147749155 (0x80040D23), specifickou
pro službu.

Error - 14.6.2013 5:50:23 | Computer Name = GANJA | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3

[ Windows PowerShel Events ]
Error - 2.7.2013 11:51:12 | Computer Name = GANJA | Source = Windows Search Service | ID = 3028
Description =

Error - 2.7.2013 11:51:12 | Computer Name = GANJA | Source = Windows Search Service | ID = 3058
Description =

Error - 2.7.2013 17:53:18 | Computer Name = GANJA | Source = Windows Search Service | ID = 3024
Description =

Error - 2.7.2013 19:15:19 | Computer Name = GANJA | Source = Chrome | ID = 1
Description =

Error - 8.7.2013 15:52:05 | Computer Name = GANJA | Source = Chrome | ID = 1
Description =

Error - 12.7.2013 14:59:33 | Computer Name = GANJA | Source = Windows Search Service | ID = 3038
Description =

Error - 12.7.2013 14:59:35 | Computer Name = GANJA | Source = Windows Search Service | ID = 3028
Description =

Error - 12.7.2013 14:59:35 | Computer Name = GANJA | Source = Windows Search Service | ID = 3058
Description =

Error - 12.7.2013 15:22:43 | Computer Name = GANJA | Source = Windows Search Service | ID = 3024
Description =

Error - 12.7.2013 16:21:00 | Computer Name = GANJA | Source = Chrome | ID = 1
Description =


< End of report >

[Scanner]

OTL logfile created on: 12.7.2013 22:28:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Zkuřka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 565,83 Mb Available Physical Memory | 55,28% Memory free
2,03 Gb Paging File | 1,59 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,71 Gb Total Space | 35,10 Gb Free Space | 76,79% Space Free | Partition Type: NTFS

Computer Name: GANJA | User Name: Zkuřka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Zkuřka\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Norton 360\Engine\20.1.0.24\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\IPROSetMonitor.exe (Intel Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\IObit\Advanced SystemCare 6\ASCComputerMenu.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\Norton 360\Engine\20.1.0.24\wincfi39.dll ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdvancedSystemCareService6) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\20.1.0.24\ccSvcHst.exe (Symantec Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130711.001\IDSXpx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130712.003\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130712.003\NAVENG.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx86.sys (Symantec Corporation)
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\N360\1401000.018\srtsp.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\1401000.018\SymEFA.sys (Symantec Corporation)
DRV - (ccSet_N360) -- C:\WINDOWS\system32\drivers\N360\1401000.018\ccSetx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\1401000.018\SymDS.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\1401000.018\Ironx86.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\N360\1401000.018\symtdi.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\N360\1401000.018\srtspx.sys (Symantec Corporation)
DRV - (anvsnddrv) -- C:\WINDOWS\system32\drivers\anvsnddrv.sys (AnvSoft Inc.)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HCF_MSFT) -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys (Conexant)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2013.06.05 17:37:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.07.11 14:00:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.07.12 21:21:19 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - Extension: Bob Marley = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\alpnhingmddeadgmgjbfefmaanaeifak\1.4_0\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Tampermonkey = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.2.3467_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: The West = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm\1.5_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.1.0.32_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: joinTogether = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmdmbmibkmiabcbncpcmjfibbjdiedol\4.0.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.1.0.24\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.1.0.24\IPS\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.1.0.24\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.48.254.254 77.48.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7EA465D-86E0-4D57-8A62-0B5BFD1CD83C}: DhcpNameServer = 77.48.254.254 77.48.100.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.05.05 22:06:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.07.12 22:18:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zkuřka\Plocha\OTL.exe
[2013.07.12 21:27:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.07.12 21:23:49 | 000,559,306 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Zkuřka\Plocha\JRT.exe
[2013.07.12 00:14:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zkuřka\Recent
[2013.07.12 00:04:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.07.11 23:57:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.11 13:59:30 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.07.11 13:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.07.11 13:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013.07.11 13:58:36 | 000,926,880 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymEFA.sys
[2013.07.11 13:58:36 | 000,585,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\srtsp.sys
[2013.07.11 13:58:36 | 000,394,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\symtdi.sys
[2013.07.11 13:58:36 | 000,368,288 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymDS.sys
[2013.07.11 13:58:36 | 000,350,368 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\symtdiv.sys
[2013.07.11 13:58:36 | 000,338,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\symnets.sys
[2013.07.11 13:58:36 | 000,032,888 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\srtspx.sys
[2013.07.11 13:58:36 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymELAM.sys
[2013.07.11 13:58:35 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\Ironx86.sys
[2013.07.11 13:58:35 | 000,134,304 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\1401000.018\ccSetx86.sys
[2013.07.11 13:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2013.07.11 13:56:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\1401000.018
[2013.07.11 13:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2013.07.11 13:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Norton 360
[2013.07.11 13:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Norton
[2013.07.11 13:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2013.07.11 13:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
[2013.07.11 13:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zkuřka\Application Data
[2013.07.10 22:27:45 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.07.10 22:25:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.07.08 21:54:22 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Zkuřka\Plocha\hijackthis.exe
[2013.07.04 21:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zkuřka\Dokumenty\Ulozto
[2013.07.04 21:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zkuřka\Data aplikací\Ulozto File Manager
[2013.07.04 21:36:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Ulož.to File Manager
[2013.07.04 21:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\Ulozto File Manager
[2013.07.02 13:54:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Zkuřka\Nabídka Start\Programy\Nástroje pro správu
[2013.07.02 13:17:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Advanced SystemCare 6
[2013.07.02 13:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013.06.23 23:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\AutoPowerOn
[2013.06.23 23:47:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zkuřka\Data aplikací\WinRAR
[2013.06.21 00:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AC3Filter

========== Files - Modified Within 30 Days ==========

[2013.07.12 22:24:32 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FBA80C6E-B05C-42E6-8CA1-7B3C40E2EDEF}.job
[2013.07.12 22:19:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zkuřka\Plocha\OTL.exe
[2013.07.12 22:05:07 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.12 22:00:29 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.12 21:24:19 | 000,915,456 | ---- | M] () -- C:\Documents and Settings\Zkuřka\Plocha\RogueKiller.exe
[2013.07.12 21:24:03 | 000,559,306 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Zkuřka\Plocha\JRT.exe
[2013.07.12 21:21:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.12 21:19:54 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\ASC6_AutoClean.job
[2013.07.12 21:19:53 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.12 21:19:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.12 21:19:40 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.12 00:45:24 | 000,014,818 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\VT20130115.021
[2013.07.12 00:21:35 | 000,099,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.07.12 00:09:05 | 000,662,345 | ---- | M] () -- C:\Documents and Settings\Zkuřka\Plocha\adwcleaner.exe
[2013.07.12 00:07:47 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zkuřka\Plocha\TFC.exe
[2013.07.11 14:45:02 | 000,502,648 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.07.11 14:45:02 | 000,486,482 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.07.11 14:45:02 | 000,101,676 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.07.11 14:45:02 | 000,080,756 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.07.11 14:42:00 | 000,562,828 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\Cat.DB
[2013.07.11 13:59:29 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.07.11 13:59:29 | 000,007,446 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.07.11 13:59:29 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.07.10 22:27:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.07.08 21:54:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Zkuřka\Plocha\hijackthis.exe
[2013.07.04 21:36:24 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ulož.to File Manager.lnk
[2013.07.02 13:17:21 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare 6.lnk
[2013.07.02 13:10:43 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.07.02 13:07:27 | 000,000,000 | RHS- | M] () -- C:\CONFIG.SYS
[2013.06.28 22:25:17 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.28 22:25:12 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.28 22:25:11 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.22 22:07:02 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.06.21 23:18:03 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.21 00:02:58 | 1482,762,240 | ---- | M] () -- C:\Documents and Settings\Zkuřka\Plocha\Tucker-&-Dale-vs.-Zlo-(2010).avi

========== Files Created - No Company Name ==========

[2013.07.12 21:23:56 | 000,915,456 | ---- | C] () -- C:\Documents and Settings\Zkuřka\Plocha\RogueKiller.exe
[2013.07.12 00:55:17 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\VT20130115.021
[2013.07.12 00:17:40 | 000,099,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.07.12 00:08:39 | 000,662,345 | ---- | C] () -- C:\Documents and Settings\Zkuřka\Plocha\adwcleaner.exe
[2013.07.11 13:59:42 | 000,562,828 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\Cat.DB
[2013.07.11 13:59:30 | 000,007,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.07.11 13:59:30 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.07.11 13:57:31 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymNetV.inf
[2013.07.11 13:57:31 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymNet.inf
[2013.07.11 13:57:30 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymEFA.inf
[2013.07.11 13:57:30 | 000,002,851 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymDS.inf
[2013.07.11 13:57:30 | 000,001,387 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\srtspx.inf
[2013.07.11 13:57:30 | 000,001,387 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\srtsp.inf
[2013.07.11 13:57:30 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\symELAM.inf
[2013.07.11 13:57:30 | 000,000,828 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\ccSetx86.inf
[2013.07.11 13:57:30 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\Iron.inf
[2013.07.11 13:56:14 | 000,008,942 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymVTcer.dat
[2013.07.11 13:56:10 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\symnetv.cat
[2013.07.11 13:56:10 | 000,007,601 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymNet.cat
[2013.07.11 13:56:09 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymELAM.cat
[2013.07.11 13:56:09 | 000,007,599 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymEFA.cat
[2013.07.11 13:56:09 | 000,007,597 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\srtspx.cat
[2013.07.11 13:56:09 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\SymDS.cat
[2013.07.11 13:56:09 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\srtsp.cat
[2013.07.11 13:56:09 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\iron.cat
[2013.07.11 13:56:08 | 000,007,611 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\ccSetx86.cat
[2013.07.11 13:56:08 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\1401000.018\isolate.ini
[2013.07.11 13:45:06 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2013.07.10 22:27:47 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.07.04 21:36:24 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ulož.to File Manager.lnk
[2013.07.02 13:30:18 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\ASC6_AutoClean.job
[2013.07.02 13:17:20 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare 6.lnk
[2013.06.28 22:25:20 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.28 22:25:19 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.28 22:25:18 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.21 21:24:35 | 1482,762,240 | ---- | C] () -- C:\Documents and Settings\Zkuřka\Plocha\Tucker-&-Dale-vs.-Zlo-(2010).avi
[2013.06.21 00:37:24 | 000,965,120 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2013.05.10 21:21:13 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\fusioncache.dat
[2013.05.05 22:28:31 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.05.05 22:27:52 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.05.05 22:19:16 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.05 22:11:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.05.05 22:08:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.05.05 22:02:47 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.05.05 21:52:44 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== ZeroAccess Check ==========

[2013.05.09 20:41:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.05.22 17:15:52 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.05.22 17:10:19 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.05.21 21:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2013.07.08 21:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.05.21 21:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2013.05.10 20:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2013.05.18 21:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.07.11 23:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.07.02 13:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.05.28 19:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.05.05 23:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
[2013.05.05 23:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.06.24 22:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zkuřka\Data aplikací\AnvSoft
[2013.06.05 16:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zkuřka\Data aplikací\DAEMON Tools Lite
[2013.06.05 17:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zkuřka\Data aplikací\IObit
[2013.05.09 21:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zkuřka\Data aplikací\Quadcore Games
[2013.07.04 21:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zkuřka\Data aplikací\Ulozto File Manager
[2013.06.13 20:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zkuřka\Data aplikací\uTorrent

========== Purity Check ==========



< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
[2013.07.11 14:45:02 | 000,502,648 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.07.11 14:45:02 | 000,486,482 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.07.11 14:45:02 | 000,101,676 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.07.11 14:45:02 | 000,080,756 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\All Users\Data aplikací\ESET

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[Scanner]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ deleted successfully.
C:\WINDOWS\system32\ieframe.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\ASC6_AutoClean.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{FBA80C6E-B05C-42E6-8CA1-7B3C40E2EDEF}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\Zkuřka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security\Logs\eScan folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security\ECP folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security\Charon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus\Charon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33186 bytes

User: Zkuřka
->Temp folder emptied: 1344400 bytes
->Temporary Internet Files folder emptied: 5278204 bytes
->Google Chrome cache emptied: 86549911 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49635 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 285234797 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 361,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07132013_004928

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Jak to vypadá nyní?

[Scanner]

Je to dobrý, ESET je snad taky pryč, mám místo něj Norton a už my to nic nehlásí. Bude to v pohodě.

[memphisto]

Ještě HJT na dočištění

[Scanner]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:57:04, on 14.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\IProsetMonitor.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Norton 360\Engine\20.1.0.24\ccSvcHst.exe
C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Norton 360\Engine\20.1.0.24\ccSvcHst.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Zkuřka\Plocha\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.1.0.24\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.1.0.24\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.1.0.24\coIEPlg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.1.0.24\ccSvcHst.exe

--
End of file - 4283 bytes

[memphisto]

Spusť OTL a klikni na Vyčisti. HJT je ok. Pokud nejsou problémy a další dotazy, tak víš co máš dělat

[Scanner]

Super, další dobrá práce, díky moc.