Kontrola HJT + MBAN logu - podezřelé nálezy Vyřešeno

[venusev]

OTL Extras logfile created on: 13.11.2013 19:52:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Venda\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,82 Mb Total Physical Memory | 540,11 Mb Available Physical Memory | 53,27% Memory free
2,39 Gb Paging File | 2,03 Gb Available in Paging File | 84,99% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 24,63 Gb Free Space | 16,53% Space Free | Partition Type: NTFS

Computer Name: MONT084090-10 | User Name: Venda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter
"D:\Setup\SetupST.exe" = D:\Setup\SetupST.exe:*:Enabled:SpeedTouch Setup Wizard
"D:\Upgrade\upgradeST.exe" = D:\Upgrade\upgradeST.exe:*:Enabled:SpeedTouch Upgrade Wizard
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"D:\RouterSetup\QISWizard.exe" = D:\RouterSetup\QISWizard.exe:*:Enabled:ASUS Router Setup Wizard Application
"C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\Discovery.exe" = C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\Discovery.exe:*:Enabled:ASUS Device Discovery Application
"C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\Rescue.exe" = C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\Rescue.exe:*:Enabled:ASUS Firmware Restoration Application
"C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\LiveUpdate.exe" = C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\LiveUpdate.exe:*:Enabled:ASUS LiveUpdate Application
"C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\QISWizard.exe" = C:\Program Files\ASUS\RT-N12E Wireless Router Utilities\QISWizard.exe:*:Enabled:ASUS Router Setup Wizard Application
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{192A227B-A8C8-4C6D-B939-21FAEB007E1E}" = Google Drive
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.0
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}" = Microsoft Visual C++ 2005 Redistributable
"{8227BCD8-AA43-B935-7134-2732A298364A}" = Media Go Video Playback Engine 1.120.108.05010
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.
"{ADDBDFFF-A9B1-4AAA-94ED-2F754A1F5D5F}" = Document Express DjVu Plug-in
"{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}" = Media Go
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.174
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Family Tree Builder" = MyHeritage Family Tree Builder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Fio podpis 3.4" = Fio podpis 3.4
"Google Chrome" = Google Chrome
"JCE Strong Enviroment" = JCE Strong Enviroment

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.11.2013 17:07:06 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:18:25 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:18:26 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:24:15 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:24:16 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:34:58 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:34:59 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:46:48 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:46:49 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 13.11.2013 14:20:32 | Computer Name = MONT084090-10 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ Application Events ]
Error - 12.11.2013 17:07:06 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:18:25 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:18:26 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:24:15 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:24:16 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:34:58 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:34:59 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:46:48 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 12.11.2013 17:46:49 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 13.11.2013 14:20:32 | Computer Name = MONT084090-10 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ System Events ]
Error - 12.11.2013 15:16:53 | Computer Name = MONT084090-10 | Source = PlugPlayManager | ID = 12
Description = Zařízení cbfs3 (Root\LEGACY_CBFS3\0000) se již v systému nenachází,
aniž by bylo nejdříve připraveno k odstranění.

Error - 12.11.2013 15:52:16 | Computer Name = MONT084090-10 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12.11.2013 15:52:19 | Computer Name = MONT084090-10 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7001
Description = Služba Apple Mobile Device závisí na službě Ovladač protokolu TCP/IP,
která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7001
Description = Služba Bonjour Service závisí na službě Ovladač protokolu TCP/IP,
která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7001
Description = Služba IPSEC Services závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 12.11.2013 15:52:52 | Computer Name = MONT084090-10 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm cbfs3 Fips intelppm IPSec MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
WS2IFSL


< End of report >

[Reklama]

[jaro3]

Odinstaluj:
InstallMate

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (PCIDump) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\URLSearchHook: - No CLSID value found
[2011.12.24 19:27:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Venda\Data aplikací\Mozilla\Extensions
[2013.02.05 19:40:25 | 000,000,000 | ---D | M] (Search-NewTab) -- C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\3vyorqwg.default\extensions\511157f901732@511157f90176c.com
O4 - HKCU..\Run: [] File not found
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\All Users\Data aplikací\InstallMate
ipconfig /flushdns /c

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Drive C: | 149,05 Gb Total Space | 24,63 Gb Free Space | 16,53% Space Free | Partition Type: NTFS
Málo volného místa na disku , něco odinstaluj , smaž.

Error - 12.11.2013 17:24:15 | Computer Name = MONT084090-10 | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Problém s ASP.NET.

[venusev]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Folder move failed. C:\Documents and Settings\Venda\Data aplikací\Mozilla\Extensions\songbird@songbirdnest.com scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Venda\Data aplikací\Mozilla\Extensions scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\3vyorqwg.default\extensions\511157f901732@511157f90176c.com\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\3vyorqwg.default\extensions\511157f901732@511157f90176c.com scheduled to be moved on reboot.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\PerfStringBackup.TMP moved successfully.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\avast! Emergency Update.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3797295992-2486225274-667689016-1006Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3797295992-2486225274-667689016-1006UA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\{F5DCC788-1986-4217-A0FC-51A42E3FE57E} folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\{16EB8E15-C620-4016-A2FD-8E02CD08ACE3} folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\5B36E089\cfg folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\5B36E089 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\1CC2772C\cfg folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\1CC2772C folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\06F18ACF\cfg folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate\06F18ACF folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\InstallMate folder moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Documents and Settings\Venda\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Venda\Plocha\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator.MONT084090-10
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Venda
->Temp folder emptied: 664589 bytes
->Temporary Internet Files folder emptied: 934022 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 275613787 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 57983 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 9573922900 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 9 395,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11142013_173313

Files\Folders moved on Reboot...
C:\Documents and Settings\Venda\Data aplikací\Mozilla\Extensions\songbird@songbirdnest.com folder moved successfully.
C:\Documents and Settings\Venda\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\3vyorqwg.default\extensions\511157f901732@511157f90176c.com\content folder moved successfully.
C:\Documents and Settings\Venda\Data aplikací\Mozilla\Firefox\Profiles\3vyorqwg.default\extensions\511157f901732@511157f90176c.com folder moved successfully.
C:\Documents and Settings\Venda\Local Settings\Temp\WCESLog.log moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Jsou problémy?

[venusev]

Myslím,že v pohodě. Zdá,že to šlape dobře Moc děkuju.

[jaro3]

Nemáš zač!

Spusť OTL a klikni na Vyčisti.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[venusev]

Moc díky za pomoc. Všechno,zdá se funguje skvěle.