ComboFix 13-09-10.01 - SMCeleron 11.09.2013 6:30.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.641 [GMT 2:00]
Spuštěný z: c:\documents and settings\SMCeleron\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\SMCeleron\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
FILE ::
"d:\programy\eset\ekrn.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EKRN
-------\Service_ekrn
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-11 do 2013-09-11 )))))))))))))))))))))))))))))))
.
.
2013-09-09 19:26 . 2013-09-09 19:26 -------- d--h--w- c:\windows\PIF
2013-09-09 18:46 . 2013-09-10 03:07 -------- d-----w- c:\program files\Unlocker
2013-09-09 18:46 . 2013-09-09 18:46 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\Babylon
2013-09-09 18:46 . 2013-09-09 18:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2013-09-08 22:20 . 2013-09-08 22:23 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\Dream Aquarium
2013-09-08 22:20 . 2013-09-08 22:20 -------- d-----w- c:\program files\Dream Aquarium
2013-09-08 11:49 . 2013-09-08 11:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YTD Video Downloader
2013-09-08 11:49 . 2013-09-08 11:49 -------- d-----w- c:\program files\GreenTree Applications
2013-09-08 09:51 . 2013-09-08 09:51 -------- d-----w- c:\windows\system32\wbem\Repository
2013-09-08 01:09 . 2013-09-08 01:09 -------- d-----w- c:\program files\TeamViewer
2013-09-07 21:36 . 2013-09-08 02:24 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\AIMP3
2013-09-07 21:36 . 2013-09-07 21:42 -------- d-----w- c:\program files\AIMP3
2013-09-07 09:25 . 2013-09-07 09:25 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\OpenCandy
2013-09-07 09:10 . 2013-08-30 07:48 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-09-07 09:10 . 2013-08-30 07:48 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-09-07 09:10 . 2013-08-30 07:48 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-09-07 09:10 . 2013-08-30 07:48 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-09-07 09:10 . 2013-08-30 07:48 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-09-07 09:10 . 2013-08-30 07:48 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-09-07 09:10 . 2013-08-30 07:48 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-09-07 09:10 . 2013-08-30 07:48 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-09-07 09:10 . 2013-08-30 07:47 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-09-07 09:09 . 2013-08-30 07:47 41664 ----a-w- c:\windows\avastSS.scr
2013-09-07 09:08 . 2013-09-07 09:08 -------- d-----w- c:\program files\AVAST Software
2013-09-07 09:07 . 2013-09-08 09:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-09-06 17:58 . 2013-09-06 17:58 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-06 17:58 . 2013-09-06 17:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-06 17:57 . 2013-09-06 18:00 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\Adobe
2013-09-05 17:38 . 2013-09-09 18:24 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-02 18:16 . 2013-09-02 18:16 -------- d-sh--w- c:\documents and settings\SMCeleron\IECompatCache
2013-09-01 15:26 . 2013-09-08 11:09 -------- d-----w- c:\program files\Trend Micro
2013-09-01 09:01 . 2013-09-01 12:44 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\BSplayer
2013-09-01 08:00 . 2013-09-01 08:00 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\VS Revo Group
2013-09-01 08:00 . 2013-09-01 08:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\VS Revo Group
2013-08-31 18:07 . 2013-08-31 18:07 170752 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-08-31 18:07 . 2013-08-31 18:07 76768 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2013-08-31 17:24 . 2013-08-31 17:46 -------- d-----w- c:\program files\Free Windows Cleanup Tool
2013-08-28 21:46 . 2013-08-28 21:47 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\Facebook
2013-08-28 18:57 . 2013-08-28 18:57 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\ChemTable Software
2013-08-28 18:55 . 2013-08-28 18:55 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\ChemTable Software
2013-08-28 18:55 . 2013-08-28 19:20 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\AnVir
2013-08-28 17:43 . 2013-08-28 17:43 -------- d-----w- c:\windows\system32\wbem\mof\good
2013-08-28 17:43 . 2013-08-28 17:43 -------- d-----w- c:\windows\system32\wbem\mof\bad
2013-08-27 15:51 . 2013-08-27 15:51 -------- d-----w- c:\program files\CCleaner
2013-08-25 13:28 . 2013-08-25 13:28 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\IObit
2013-08-25 12:50 . 2013-08-25 12:50 -------- d-----w- c:\windows\system32\GroupPolicy
2013-08-25 12:50 . 2013-08-25 19:09 -------- dc----w- c:\windows\$968930Uinstall_KB968930$
2013-08-25 12:35 . 2013-08-25 19:09 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\Apple Computer
2013-08-25 12:35 . 2013-08-25 12:35 -------- d-----w- c:\documents and settings\SMCeleron\AppData
2013-08-25 12:03 . 2013-08-25 19:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2013-08-25 12:03 . 2013-08-25 19:09 -------- d-----w- c:\documents and settings\SMCeleron\Data aplikací\IObit
2013-08-24 16:27 . 2013-08-24 16:27 -------- d-----w- c:\documents and settings\SMCeleron\SyncFolder
2013-08-24 16:24 . 2013-08-24 16:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC1Data
2013-08-22 21:51 . 2013-08-25 19:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\clp
2013-08-22 21:36 . 2013-08-22 21:36 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\Fighters
2013-08-22 21:04 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2013-08-22 20:35 . 2013-08-22 21:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Common Toolkit Suite
2013-08-22 20:21 . 2013-08-22 20:21 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Fighters
2013-08-22 20:20 . 2013-08-22 22:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Fighters
2013-08-22 20:14 . 2013-08-22 20:14 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-08-22 20:14 . 2013-08-22 20:14 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\eSupport.com
2013-08-22 19:27 . 2013-09-07 09:10 -------- d-----w- c:\program files\Google
2013-08-18 21:42 . 2013-08-18 21:42 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\Anthropics
2013-08-14 05:46 . 2013-08-15 16:08 -------- d-----w- c:\documents and settings\SMCeleron\Local Settings\Data aplikací\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-07 17:02 . 2013-08-07 17:02 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
2013-08-02 23:48 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-29 17:49 . 2013-07-29 17:49 16048 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2013-07-26 02:49 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:48 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-26 02:48 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:52 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2008-04-14 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:34 . 2008-04-14 08:06 2072320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-04 07:34 . 2008-04-14 12:00 2195712 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner]
2013-08-21 18:22 3676952 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-07-25 06:58 20684656 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2006-11-17 03:42 577536 ----a-r- c:\windows\soundman.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\MadOnion.com\\3DMark2001 SE\\3DMark2001SE.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [7.9.2013 11:10 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [7.9.2013 11:10 177864]
R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [31.8.2013 20:07 76768]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.9.2013 11:10 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.9.2013 11:10 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.9.2013 11:10 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [7.9.2013 11:10 66336]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [22.8.2013 22:14 23456]
S3 LMIRescue_391ac7ff-9f90-4cad-b200-d1ea20cd8371;LogMeIn Rescue (391ac7ff-9f90-4cad-b200-d1ea20cd8371);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000B.tmp\LMI_Rescue_srv.exe [28.7.2013 16:31 2570592]
S3 LMIRescue_796396c6-ef97-4e85-a52a-782c471ee2ce;LogMeIn Rescue (796396c6-ef97-4e85-a52a-782c471ee2ce);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000A.tmp\LMI_Rescue_srv.exe [28.7.2013 16:17 2570592]
S3 LMIRescue_b27ea1d2-3851-4c29-b5b2-00bfaf75611a;LogMeIn Rescue (b27ea1d2-3851-4c29-b5b2-00bfaf75611a);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000C.tmp\LMI_Rescue_srv.exe [20.8.2013 17:43 2570592]
S3 LMIRescue_eb30bad3-8f1c-44a7-8b74-10db35342de0;LogMeIn Rescue (eb30bad3-8f1c-44a7-8b74-10db35342de0);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0009.tmp\LMI_Rescue_srv.exe [20.7.2013 15:02 2570592]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.7.2013 23:31 22856]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [5.9.2013 19:38 40776]
S4 LMIRescue_25b8023e-94c1-4a98-9c08-04bc13b20828;LogMeIn Rescue (25b8023e-94c1-4a98-9c08-04bc13b20828);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe [19.7.2013 20:23 2570592]
S4 LMIRescue_2a132eac-b3f6-4401-ad4d-57df7118dbc9;LogMeIn Rescue (2a132eac-b3f6-4401-ad4d-57df7118dbc9);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe [19.7.2013 20:03 2570592]
S4 LMIRescue_3f210bad-2787-4c38-96c1-fa9d220e8150;LogMeIn Rescue (3f210bad-2787-4c38-96c1-fa9d220e8150);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe [19.7.2013 20:36 2570592]
S4 LMIRescue_9cb5ae85-6c76-4fb0-ab82-956d017a0c28;LogMeIn Rescue (9cb5ae85-6c76-4fb0-ab82-956d017a0c28);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0008.tmp\LMI_Rescue_srv.exe [20.7.2013 10:58 2570592]
S4 LMIRescue_de44e4bb-4696-477e-92f3-b3a718683581;LogMeIn Rescue (de44e4bb-4696-477e-92f3-b3a718683581);c:\documents and settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe [19.7.2013 20:18 2570592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 18:56 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-06 17:58]
.
2013-09-09 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-09-07 07:47]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-11 06:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(576)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2728)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Celkový čas: 2013-09-11 06:44:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-11 04:44
ComboFix2.txt 2013-09-10 17:14
.
Před spuštěním: Volných bajtů: 32 458 346 496
Po spuštění: Volných bajtů: 32 548 057 088
.
- - End Of File - - 06008A05DBC01E1B491D922AAB414F65
413FC2A0C716421B3158746D63736515
Please check my HijackThis log (Solved)
-
- Level 1
- Posts: 82
- Registered: August 13
- Gender:
- Status:
Offline
Re: Please check my HijackThis log
# AdwCleaner v3.003 - Report created 11/09/2013 at 06:48:29
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : SMCeleron - CELERON-5D8C779
# Running from : C:\Documents and Settings\SMCeleron\Plocha\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found C:\Documents and Settings\SMCeleron\Data aplikací\Babylon
Folder Found C:\Documents and Settings\SMCeleron\Data aplikací\OpenCandy
Folder Found C:\Documents and Settings\SMCeleron\IECompatCache
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://www2.delta-search.com/?babsrc=NT ... l&tsp=5000
-\\ Google Chrome v29.0.1547.62
[ File : C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R2].txt - [1432 octets] - [11/09/2013 06:48:29]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1492 octets] ##########
-
- Level 1
- Posts: 82
- Registered: August 13
- Gender:
- Status:
Offline
Re: Please check my HijackThis log
# AdwCleaner v3.003 - Report created 11/09/2013 at 06:55:45
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : SMCeleron - CELERON-5D8C779
# Running from : C:\Documents and Settings\SMCeleron\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\SMCeleron\IECompatCache
Folder Deleted : C:\Documents and Settings\SMCeleron\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\SMCeleron\Data aplikací\OpenCandy
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Google Chrome v29.0.1547.62
[ File : C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R2].txt - [1572 octets] - [11/09/2013 06:48:29]
AdwCleaner[R3].txt - [1632 octets] - [11/09/2013 06:53:00]
AdwCleaner[S1].txt - [1478 octets] - [11/09/2013 06:55:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1538 octets] ##########
- jaro3
- member of the Security team
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: Please check my HijackThis log
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
How does it look now?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
-
- Level 1
- Posts: 82
- Registered: August 13
- Gender:
- Status:
Offline
Re: Please check my HijackThis log
It still shows me that the NOD32 antivirus is installed, and it cannot be uninstalled.
- jaro3
- member of the Security team
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: Please check my HijackThis log
Download OTL by OldTimer to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
-
- Level 1
- Posts: 82
- Registered: August 13
- Gender:
- Status:
Offline
Re: Please check my HijackThis log
OTL logfile created on: 11.9.2013 19:56:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\SMCeleron\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 705,73 Mb Available Physical Memory | 68,95% Memory free
2,40 Gb Paging File | 2,19 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 29,93 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
Drive D: | 98,26 Gb Total Space | 68,80 Gb Free Space | 70,02% Space Free | Partition Type: NTFS
Computer Name: CELERON-5D8C779 | User Name: SMCeleron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\SMCeleron\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\13091100\algo.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (LMIRescue_b27ea1d2-3851-4c29-b5b2-00bfaf75611a) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000C.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_391ac7ff-9f90-4cad-b200-d1ea20cd8371) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000B.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_796396c6-ef97-4e85-a52a-782c471ee2ce) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000A.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_eb30bad3-8f1c-44a7-8b74-10db35342de0) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0009.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_9cb5ae85-6c76-4fb0-ab82-956d017a0c28) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0008.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_3f210bad-2787-4c38-96c1-fa9d220e8150) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_25b8023e-94c1-4a98-9c08-04bc13b20828) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_de44e4bb-4696-477e-92f3-b3a718683581) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_2a132eac-b3f6-4401-ad4d-57df7118dbc9) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (fltsrv) -- C:\WINDOWS\system32\drivers\fltsrv.sys (Acronis)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (cpuidlep) -- C:\WINDOWS\System32\drivers\cpuidlep.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (prohlp02) -- C:\WINDOWS\system32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\system32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\system32\drivers\prosync1.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\system32\drivers\sfhlp01.sys (Protection Technology)
DRV - (IdeChnDr) -- C:\WINDOWS\system32\drivers\IdeChnDr.sys (Intel Corporation)
DRV - (IdeBusDr) -- C:\WINDOWS\system32\drivers\IdeBusDr.sys (Intel Corporation)
DRV - (rtl8029) -- C:\WINDOWS\system32\drivers\RTL8029.sys (Realtek Semiconductor Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2013.06.08 14:43:17 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - Extension: Disk Google = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2013.09.11 06:39:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0013078437 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50D4CF20-0CE6-4C7D-ADDA-D0350A4CB54B}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.04.25 01:11:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.09.11 19:53:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SMCeleron\Plocha\OTL.exe
[2013.09.11 16:41:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\SMCeleron\Recent
[2013.09.11 13:56:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\TeamViewer
[2013.09.11 12:27:29 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013.09.11 12:09:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SMCeleron\IECompatCache
[2013.09.11 08:01:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.09.11 07:00:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.09.11 06:47:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.11 06:38:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.09.10 19:00:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.09 21:26:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013.09.09 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013.09.09 00:20:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\Dream Aquarium
[2013.09.09 00:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Dream Aquarium
[2013.09.09 00:20:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dream Aquarium
[2013.09.08 13:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader
[2013.09.08 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.09.08 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2013.09.08 11:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.09.07 23:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\AIMP3
[2013.09.07 23:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP3
[2013.09.07 11:10:35 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.09.07 11:10:35 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.09.07 11:10:34 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.09.07 11:10:34 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.09.07 11:10:33 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.09.07 11:10:32 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.09.07 11:10:32 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.09.07 11:09:13 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.09.07 11:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.09.07 11:07:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.09.06 19:58:50 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.06 19:58:49 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.06 19:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Adobe
[2013.09.05 19:38:28 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.09.01 17:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.09.01 11:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Nabídka Start\Programy\BS.Player
[2013.09.01 11:01:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\BSplayer
[2013.09.01 10:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\VS Revo Group
[2013.09.01 10:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\VS Revo Group
[2013.08.31 20:08:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.08.31 20:07:39 | 000,170,752 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\snapman.sys
[2013.08.31 20:07:35 | 000,076,768 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\fltsrv.sys
[2013.08.31 19:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\Free Windows Cleanup Tool
[2013.08.28 23:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Facebook
[2013.08.28 20:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\ChemTable Software
[2013.08.28 20:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\ChemTable Software
[2013.08.28 20:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\AnVir
[2013.08.27 17:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.08.25 14:50:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2013.08.25 14:50:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013.08.25 14:50:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2013.08.25 14:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\Apple Computer
[2013.08.25 14:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\AppData
[2013.08.25 14:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.08.25 14:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\IObit
[2013.08.24 18:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\SyncFolder
[2013.08.24 18:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC1Data
[2013.08.22 23:51:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\clp
[2013.08.22 23:36:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Fighters
[2013.08.22 23:04:51 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2013.08.22 22:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
[2013.08.22 22:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Fighters
[2013.08.22 22:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2013.08.22 22:14:59 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2013.08.22 22:14:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\eSupport.com
[2013.08.22 21:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2013.08.22 21:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.08.18 23:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Anthropics
[2013.08.14 07:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Unity
========== Files - Modified Within 30 Days ==========
[2013.09.11 19:53:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SMCeleron\Plocha\OTL.exe
[2013.09.11 19:46:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.11 19:46:10 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.11 19:46:10 | 000,097,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.09.11 11:57:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.09.11 06:39:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.09.11 06:24:02 | 001,037,278 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\adwcleaner.exe
[2013.09.10 18:21:47 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\Skype.lnk
[2013.09.09 20:24:23 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.09.09 15:58:26 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.08 13:51:28 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.09.08 11:54:09 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.09.08 11:54:04 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.09.07 23:34:52 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.09.06 22:26:37 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.06 19:58:50 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.06 19:58:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.06 19:17:20 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\www.youtube.com-html5.url
[2013.09.04 17:24:42 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\Zástupce - Místní disk (D).lnk
[2013.09.02 22:36:02 | 000,000,074 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Data aplikací\mbam.context.scan
[2013.09.01 11:03:14 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\BS.Player FREE.lnk
[2013.08.31 20:07:39 | 000,170,752 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\snapman.sys
[2013.08.31 20:07:36 | 000,076,768 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\fltsrv.sys
[2013.08.30 21:49:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.08.30 09:48:13 | 000,177,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.08.30 09:48:12 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.08.30 09:48:12 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.08.30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.08.30 09:47:32 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.08.28 00:12:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.08.27 17:51:30 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.08.25 15:27:32 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013.08.25 14:59:02 | 000,481,860 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.25 14:59:02 | 000,477,198 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.08.25 14:59:02 | 000,092,512 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.08.25 14:59:02 | 000,079,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.22 22:39:28 | 000,000,565 | ---- | M] () -- C:\WINDOWS\System32\MyDefrag.debuglog
[2013.08.22 22:14:59 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2013.08.20 18:53:14 | 007,602,176 | ---- | M] () -- C:\Documents and Settings\SMCeleron\NTUSER.bak
[2013.08.15 19:09:06 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.08.14 18:47:36 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
========== Files Created - No Company Name ==========
[2013.09.11 06:23:55 | 001,037,278 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\adwcleaner.exe
[2013.09.08 13:49:32 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.09.08 11:54:04 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.09.07 11:10:35 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.09.07 11:10:33 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.09.07 11:10:33 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.09.06 19:58:50 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.06 19:17:20 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\www.youtube.com-html5.url
[2013.09.04 17:24:42 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\Zástupce - Místní disk (D).lnk
[2013.09.02 22:31:22 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Data aplikací\mbam.context.scan
[2013.09.01 11:03:14 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\BS.Player FREE.lnk
[2013.08.27 17:51:30 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.08.25 15:27:32 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013.08.22 22:39:27 | 000,000,565 | ---- | C] () -- C:\WINDOWS\System32\MyDefrag.debuglog
[2013.08.22 21:29:46 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.08.21 04:53:57 | 000,097,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.08.14 18:47:36 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2013.08.07 19:02:16 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2013.08.03 12:24:20 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-448539723-117609710-1606980848-1004-0.dat
[2013.08.03 12:24:19 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.07.19 21:59:05 | 000,000,154 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013.06.08 17:40:11 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.08 14:43:21 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\fusioncache.dat
[2013.05.31 17:56:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.05.31 16:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.05.31 16:50:48 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2013.05.31 16:42:37 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.05.31 16:41:59 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.05.31 16:41:45 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2003.04.25 01:19:52 | 007,602,176 | ---- | C] () -- C:\Documents and Settings\SMCeleron\NTUSER.bak
========== ZeroAccess Check ==========
[2013.06.01 11:08:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.16 23:18:20 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.08.31 20:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.09.08 11:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.08.25 21:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\clp
[2013.07.11 11:20:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.08.22 23:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
[2013.08.23 00:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2013.08.28 19:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\G Data
[2013.08.25 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.07.12 14:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OO Software
[2013.08.24 18:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC1Data
[2013.07.11 11:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.09.01 10:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VS Revo Group
[2013.09.08 13:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.07.11 11:20:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.09.08 04:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\AIMP3
[2013.09.01 14:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\BSplayer
[2013.06.08 19:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\BSplayer Pro
[2013.08.28 20:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\ChemTable Software
[2013.09.09 00:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\Dream Aquarium
[2013.07.31 17:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\ESET
[2013.08.25 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\IObit
[2013.07.19 21:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\SoftDigi
[2013.09.11 14:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\TeamViewer
[2013.07.11 11:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\TuneUp Software
[2013.06.08 09:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\Windows Search
========== Purity Check ==========
< End of report >

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\SMCeleron\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 705,73 Mb Available Physical Memory | 68,95% Memory free
2,40 Gb Paging File | 2,19 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 29,93 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
Drive D: | 98,26 Gb Total Space | 68,80 Gb Free Space | 70,02% Space Free | Partition Type: NTFS
Computer Name: CELERON-5D8C779 | User Name: SMCeleron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\SMCeleron\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\13091100\algo.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (LMIRescue_b27ea1d2-3851-4c29-b5b2-00bfaf75611a) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000C.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_391ac7ff-9f90-4cad-b200-d1ea20cd8371) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000B.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_796396c6-ef97-4e85-a52a-782c471ee2ce) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR000A.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_eb30bad3-8f1c-44a7-8b74-10db35342de0) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0009.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_9cb5ae85-6c76-4fb0-ab82-956d017a0c28) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0008.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_3f210bad-2787-4c38-96c1-fa9d220e8150) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0006.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_25b8023e-94c1-4a98-9c08-04bc13b20828) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0005.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_de44e4bb-4696-477e-92f3-b3a718683581) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
SRV - (LMIRescue_2a132eac-b3f6-4401-ad4d-57df7118dbc9) -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe (LogMeIn, Inc.)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (fltsrv) -- C:\WINDOWS\system32\drivers\fltsrv.sys (Acronis)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (cpuidlep) -- C:\WINDOWS\System32\drivers\cpuidlep.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (prohlp02) -- C:\WINDOWS\system32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\system32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\system32\drivers\prosync1.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\system32\drivers\sfhlp01.sys (Protection Technology)
DRV - (IdeChnDr) -- C:\WINDOWS\system32\drivers\IdeChnDr.sys (Intel Corporation)
DRV - (IdeBusDr) -- C:\WINDOWS\system32\drivers\IdeBusDr.sys (Intel Corporation)
DRV - (rtl8029) -- C:\WINDOWS\system32\drivers\RTL8029.sys (Realtek Semiconductor Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2013.06.08 14:43:17 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - Extension: Disk Google = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2013.09.11 06:39:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0013078437 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50D4CF20-0CE6-4C7D-ADDA-D0350A4CB54B}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.04.25 01:11:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.09.11 19:53:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SMCeleron\Plocha\OTL.exe
[2013.09.11 16:41:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\SMCeleron\Recent
[2013.09.11 13:56:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\TeamViewer
[2013.09.11 12:27:29 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013.09.11 12:09:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\SMCeleron\IECompatCache
[2013.09.11 08:01:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.09.11 07:00:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.09.11 06:47:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.11 06:38:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.09.10 19:00:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.09 21:26:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2013.09.09 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013.09.09 00:20:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\Dream Aquarium
[2013.09.09 00:20:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Dream Aquarium
[2013.09.09 00:20:20 | 000,000,000 | ---D | C] -- C:\Program Files\Dream Aquarium
[2013.09.08 13:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader
[2013.09.08 13:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.09.08 13:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2013.09.08 11:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.09.07 23:36:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\AIMP3
[2013.09.07 23:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP3
[2013.09.07 11:10:35 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.09.07 11:10:35 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.09.07 11:10:34 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.09.07 11:10:34 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.09.07 11:10:33 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.09.07 11:10:32 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.09.07 11:10:32 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.09.07 11:09:13 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.09.07 11:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.09.07 11:07:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.09.06 19:58:50 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.06 19:58:49 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.06 19:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Adobe
[2013.09.05 19:38:28 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.09.01 17:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.09.01 11:03:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Nabídka Start\Programy\BS.Player
[2013.09.01 11:01:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\BSplayer
[2013.09.01 10:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\VS Revo Group
[2013.09.01 10:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\VS Revo Group
[2013.08.31 20:08:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.08.31 20:07:39 | 000,170,752 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\snapman.sys
[2013.08.31 20:07:35 | 000,076,768 | ---- | C] (Acronis) -- C:\WINDOWS\System32\drivers\fltsrv.sys
[2013.08.31 19:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\Free Windows Cleanup Tool
[2013.08.28 23:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Facebook
[2013.08.28 20:57:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\ChemTable Software
[2013.08.28 20:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\ChemTable Software
[2013.08.28 20:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\AnVir
[2013.08.27 17:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.08.25 14:50:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2013.08.25 14:50:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013.08.25 14:50:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2013.08.25 14:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\Apple Computer
[2013.08.25 14:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\AppData
[2013.08.25 14:03:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.08.25 14:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Data aplikací\IObit
[2013.08.24 18:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\SyncFolder
[2013.08.24 18:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC1Data
[2013.08.22 23:51:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\clp
[2013.08.22 23:36:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Fighters
[2013.08.22 23:04:51 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2013.08.22 22:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
[2013.08.22 22:21:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Fighters
[2013.08.22 22:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2013.08.22 22:14:59 | 000,023,456 | ---- | C] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2013.08.22 22:14:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\eSupport.com
[2013.08.22 21:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2013.08.22 21:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.08.18 23:42:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Anthropics
[2013.08.14 07:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\Unity
========== Files - Modified Within 30 Days ==========
[2013.09.11 19:53:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SMCeleron\Plocha\OTL.exe
[2013.09.11 19:46:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.11 19:46:10 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.11 19:46:10 | 000,097,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.09.11 11:57:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.09.11 06:39:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.09.11 06:24:02 | 001,037,278 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\adwcleaner.exe
[2013.09.10 18:21:47 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\Skype.lnk
[2013.09.09 20:24:23 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.09.09 15:58:26 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.08 13:51:28 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.09.08 11:54:09 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.09.08 11:54:04 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.09.07 23:34:52 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.09.06 22:26:37 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.06 19:58:50 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.06 19:58:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.06 19:17:20 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\www.youtube.com-html5.url
[2013.09.04 17:24:42 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\Zástupce - Místní disk (D).lnk
[2013.09.02 22:36:02 | 000,000,074 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Data aplikací\mbam.context.scan
[2013.09.01 11:03:14 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\SMCeleron\Plocha\BS.Player FREE.lnk
[2013.08.31 20:07:39 | 000,170,752 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\snapman.sys
[2013.08.31 20:07:36 | 000,076,768 | ---- | M] (Acronis) -- C:\WINDOWS\System32\drivers\fltsrv.sys
[2013.08.30 21:49:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.08.30 09:48:13 | 000,177,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.08.30 09:48:12 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.08.30 09:48:12 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.08.30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.08.30 09:47:32 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.08.28 00:12:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.08.27 17:51:30 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.08.25 15:27:32 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013.08.25 14:59:02 | 000,481,860 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.25 14:59:02 | 000,477,198 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.08.25 14:59:02 | 000,092,512 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.08.25 14:59:02 | 000,079,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.22 22:39:28 | 000,000,565 | ---- | M] () -- C:\WINDOWS\System32\MyDefrag.debuglog
[2013.08.22 22:14:59 | 000,023,456 | ---- | M] (Phoenix Technologies) -- C:\WINDOWS\System32\drivers\DrvAgent32.sys
[2013.08.20 18:53:14 | 007,602,176 | ---- | M] () -- C:\Documents and Settings\SMCeleron\NTUSER.bak
[2013.08.15 19:09:06 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.08.14 18:47:36 | 000,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
========== Files Created - No Company Name ==========
[2013.09.11 06:23:55 | 001,037,278 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\adwcleaner.exe
[2013.09.08 13:49:32 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.09.08 11:54:04 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.09.07 11:10:35 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.09.07 11:10:33 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.09.07 11:10:33 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.09.06 19:58:50 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.06 19:17:20 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\www.youtube.com-html5.url
[2013.09.04 17:24:42 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\Zástupce - Místní disk (D).lnk
[2013.09.02 22:31:22 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Data aplikací\mbam.context.scan
[2013.09.01 11:03:14 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Plocha\BS.Player FREE.lnk
[2013.08.27 17:51:30 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.08.25 15:27:32 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013.08.22 22:39:27 | 000,000,565 | ---- | C] () -- C:\WINDOWS\System32\MyDefrag.debuglog
[2013.08.22 21:29:46 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.08.21 04:53:57 | 000,097,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.08.14 18:47:36 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2013.08.07 19:02:16 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpuidlep.sys
[2013.08.03 12:24:20 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-448539723-117609710-1606980848-1004-0.dat
[2013.08.03 12:24:19 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.07.19 21:59:05 | 000,000,154 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013.06.08 17:40:11 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.08 14:43:21 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\fusioncache.dat
[2013.05.31 17:56:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.05.31 16:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.05.31 16:50:48 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2013.05.31 16:42:37 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.05.31 16:41:59 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.05.31 16:41:45 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2003.04.25 01:19:52 | 007,602,176 | ---- | C] () -- C:\Documents and Settings\SMCeleron\NTUSER.bak
========== ZeroAccess Check ==========
[2013.06.01 11:08:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.16 23:18:20 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.08.31 20:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.09.08 11:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.08.25 21:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\clp
[2013.07.11 11:20:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.08.22 23:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Toolkit Suite
[2013.08.23 00:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fighters
[2013.08.28 19:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\G Data
[2013.08.25 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.07.12 14:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OO Software
[2013.08.24 18:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC1Data
[2013.07.11 11:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.09.01 10:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VS Revo Group
[2013.09.08 13:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.07.11 11:20:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.09.08 04:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\AIMP3
[2013.09.01 14:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\BSplayer
[2013.06.08 19:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\BSplayer Pro
[2013.08.28 20:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\ChemTable Software
[2013.09.09 00:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\Dream Aquarium
[2013.07.31 17:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\ESET
[2013.08.25 21:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\IObit
[2013.07.19 21:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\SoftDigi
[2013.09.11 14:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\TeamViewer
[2013.07.11 11:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\TuneUp Software
[2013.06.08 09:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\SMCeleron\Data aplikací\Windows Search
========== Purity Check ==========
< End of report >
Re: Please check my HijackThis log
OTL Extras logfile created on: 11.9.2013 19:56:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\SMCeleron\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 705,73 Mb Available Physical Memory | 68,95% Memory free
2,40 Gb Paging File | 2,19 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 29,93 Gb Free Space | 58,94% Space Free | Partition Type: NTFS
Drive D: | 98,26 Gb Total Space | 68,80 Gb Free Space | 70,02% Space Free | Partition Type: NTFS
Computer Name: CELERON-5D8C779 | User Name: SMCeleron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\MadOnion.com\3DMark2001 SE\3DMark2001SE.exe" = C:\Program Files\MadOnion.com\3DMark2001 SE\3DMark2001SE.exe:*:Enabled:3DMark2001 SE -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.5.1
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54F9DE36-BAD2-46B8-BF40-78991BBA198B}" = ESET NOD32 Antivirus
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9984DF60-1C5B-11D3-ACA1-908A4FC10801}" = Intel Application Accelerator
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DreamAqua" = Dream Aquarium
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Windows Media Player" = Windows Media Player 11
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9.9.2013 14:30:47 | Computer Name = CELERON-5D8C779 | Source = MsiInstaller | ID = 11316
Description = Product: ESET NOD32 Antivirus -- Chyba 1316. Při pokusu o čtení ze
souboru C:\WINDOWS\Installer\ei_11.msi došlo k síťové chybě
Error - 9.9.2013 14:53:42 | Computer Name = CELERON-5D8C779 | Source = MsiInstaller | ID = 11706
Description = Product: ESET NOD32 Antivirus -- Chyba 1706. Instalační balíček pro
produkt ESET NOD32 Antivirus nebyl nalezen. Spusťte instalaci znovu pomocí platného
instalačního balíčku 'ei_11.msi'.
Error - 9.9.2013 14:56:08 | Computer Name = CELERON-5D8C779 | Source = MsiInstaller | ID = 11316
Description = Product: ESET NOD32 Antivirus -- Chyba 1316. Při pokusu o čtení ze
souboru C:\WINDOWS\Installer\ei_11.msi došlo k síťové chybě
Error - 11.9.2013 7:27:41 | Computer Name = CELERON-5D8C779 | Source = MsiInstaller | ID = 11316
Description = Product: ESET NOD32 Antivirus -- Chyba 1316. Při pokusu o čtení ze
souboru C:\WINDOWS\Installer\ei_11.msi došlo k síťové chybě
Error - 11.9.2013 10:01:29 | Computer Name = CELERON-5D8C779 | Source = MsiInstaller | ID = 11316
Description = Product: ESET NOD32 Antivirus -- Chyba 1316. Při pokusu o čtení ze
souboru C:\WINDOWS\Installer\ei_11.msi došlo k síťové chybě
[ System Events ]
Error - 9.9.2013 23:08:13 | Computer Name = CELERON-5D8C779 | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 10.9.2013 8:32:03 | Computer Name = CELERON-5D8C779 | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 10.9.2013 11:39:10 | Computer Name = CELERON-5D8C779 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0051FC007583
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 10.9.2013 11:39:32 | Computer Name = CELERON-5D8C779 | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 11.9.2013 0:14:14 | Computer Name = CELERON-5D8C779 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0051FC007583
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 11.9.2013 0:14:36 | Computer Name = CELERON-5D8C779 | Source = Service Control Manager | ID = 7000
Description = Služba ESET Service neuspěla při spuštění v důsledku následující chyby:
%%3
Error - 11.9.2013 0:30:38 | Computer Name = CELERON-5D8C779 | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 11.9.2013 0:30:38 | Computer Name = CELERON-5D8C779 | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 11.9.2013 5:55:12 | Computer Name = CELERON-5D8C779 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0051FC007583
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 11.9.2013 6:24:22 | Computer Name = CELERON-5D8C779 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0051FC007583
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
< End of report >
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: Please check my HijackThis log
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under "Vlastní skenování/opravy" (Custom Scans/Fixes), paste the following text, shown in green, into the box:
Code:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2013.08.25 14:59:02 | 000,481,860 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.25 14:59:02 | 000,477,198 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.08.25 14:59:02 | 000,092,512 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.08.25 14:59:02 | 000,079,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\32788R22FWJFW
C:\Qoobox
C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\Reimage.ini
C:\Documents and Settings\SMCeleron\Data aplikací\ESET
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{54F9DE36-BAD2-46B8-BF40-78991BBA198B}" =-
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click "Opravit" (Run Fix) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
+
Download Registrar Lite to your desktop. Double-click it to start the installation. After installation, run the program. First click "Home Edition" at the bottom right. In the main program window click the "Search" tab and then "Search registry".
In the box under "Text or Data to search for", type:
Code:
Eset
then:
Code:
NOD32
Then click the magnifying-glass icon (Search) at the bottom left.
After the scan, click the key you need to delete and then click the red cross (Delete). Continue with the other keys found.
You must be careful what you delete!!! If you delete other keys, you can damage the operating system!!
Or post a screenshot of the search results here before deleting; saving (the diskette icon) does not work, only in the paid version.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
- Level 1
- Posts: 82
- Registered: August 13
Re: Please check my HijackThis log
All processes killed
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1> in the current context!
Error: Unable to interpret <O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\ipp - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\msdaipp - No CLSID value found> in the current context!
Error: Unable to interpret <[2013.08.25 14:59:02 | 000,481,860 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2013.08.25 14:59:02 | 000,477,198 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat> in the current context!
Error: Unable to interpret <[2013.08.25 14:59:02 | 000,092,512 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat> in the current context!
Error: Unable to interpret <[2013.08.25 14:59:02 | 000,079,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat> in the current context!
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\avast! Emergency Update.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\32788R22FWJFW\N_ folder moved successfully.
C:\32788R22FWJFW\License folder moved successfully.
C:\32788R22FWJFW\EN-US folder moved successfully.
C:\32788R22FWJFW folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Documents and Settings\SMCeleron\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\Reimage.ini moved successfully.
C:\Documents and Settings\SMCeleron\Data aplikací\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\SMCeleron\Data aplikací\ESET folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{54F9DE36-BAD2-46B8-BF40-78991BBA198B} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54F9DE36-BAD2-46B8-BF40-78991BBA198B}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: SMCeleron
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 82322 bytes
->Google Chrome cache emptied: 58233865 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 141029141 bytes
Total Files Cleaned = 190,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 09112013_222241
Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Please check my HijackThis log
In the box under "Text or Data to search for" type: eset
And the nod32, where do I type that?
- jaro3
- Security team member
Re: Please check my HijackThis log
That one comes only afterwards, once it has found all the Eset keys and you have deleted them. Then repeat the whole thing with NOD32.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support