PC se seká - kontrola logu Vyřešeno

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\winamp.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\vis_milk2.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\vis_avs.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\burnlib.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_local.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_disc.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_pmp.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_jumpex.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mp3.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_ff.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_midi.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_ml.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mod.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\out_ds.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_classicart.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wm.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_wire.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_online.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_cdda.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\dsp_sps.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_playlists.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_plg.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_vorbis.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_nsv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_hotkeys.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\auth.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_usb.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_android.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ombrowser.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_aacplus.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_downloads.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_timerestore.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_history.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_tray.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\vis_nsfs.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\out_wave.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_transcode.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_orgler.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_crasher.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_autotag.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_dshow.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_ipod.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\out_disk.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wav.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_wma.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\tagz.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wave.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_flac.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_rg.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_impex.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_bookmarks.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_avi.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_lame.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mp4.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mkv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_p4s.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_activesync.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_find_on_disk.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_vorbis.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_flac.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\winampa.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_njb.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\playlist.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_orb.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_nowplaying.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_addons.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_swf.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_linein.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_flv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_wav.lng ()
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{74352B3E-1377-4276-9574-3FE03D989F26}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKCU\..\SearchScopes\{99A30B05-D66E-4103-B288-12D9ECEAB95A}: "URL" = http://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
[2012.08.08 18:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions
[2012.08.08 18:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.12.06 18:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions
[2013.12.06 18:00:01 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.10.26 23:03:19 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\translator@zoli.bod.xpi
[2013.10.15 17:35:03 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Tom\AppData\Roaming\AVG

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\DAOCONV.T1C

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Drive C: | 119,24 Gb Total Space | 18,26 Gb Free Space | 15,31% Space Free | Partition Type: NTFS

málo místa na disku , něco odinstaluj , smaž!

Error - 24.12.2013 12:40:17 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x519ce103 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x519ce103 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000423617
ID

Problém s touto aplikací.

Prohlížeč událostí"-----kontaktuj uživatele MiliNess.

Farbar Scan Tool
Prosím stáhni příslušnou verzi programu pro Tvůj systém (32-bit/64-bit) Farbar Scan Tool (FrSt)

32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/

64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/

a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Reklama]

[tomikzlesa]

tady je sken

https://www.virustotal.com/cs/file/beb2 ... 389373138/

Log

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{74352B3E-1377-4276-9574-3FE03D989F26}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74352B3E-1377-4276-9574-3FE03D989F26}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{99A30B05-D66E-4103-B288-12D9ECEAB95A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99A30B05-D66E-4103-B288-12D9ECEAB95A}\ not found.
Prefs.js: translator%40zoli.bod:2.1.0.3 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 removed from extensions.enabledAddons
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16 removed from extensions.enabledItems
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Tom\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions folder moved successfully.
Folder C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\ not found.
File C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\translator@zoli.bod.xpi not found.
File C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
File Protocol\Handler\http\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
File Protocol\Handler\http\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
File Protocol\Handler\https\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
File Protocol\Handler\https\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 01102014_175405

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



logy z frst

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2014
Ran by Tom (administrator) on SHIT on 10-01-2014 18:01:48
Running from C:\Download
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() E:\INSTAL\OpenHardwareMonitor\OpenHardwareMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe
() C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
() C:\Program Files (x86)\OpenHardwareMonitor\OpenHardwareMonitor.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.Exe [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.20.3.1 192.168.20.9
Tcpip\..\Interfaces\{675DA55C-CF9B-447B-8BDF-C7B8BA3B9EA6}: [NameServer]160.218.161.60 160.218.167.5
Tcpip\..\Interfaces\{8FC1770C-3A85-4356-9DA8-23D7513444D6}: [NameServer]160.218.161.60 160.218.167.5
Tcpip\..\Interfaces\{C5373C0F-ACD8-4441-B153-92D593275B89}: [NameServer]160.218.161.60 160.218.167.5

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default
FF SelectedSearchEngine: Google
FF Homepage: seznam.cz
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\GAMES\Assassin's Creed III\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\searchplugins\google-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\BCUConfig
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [140160 2006-12-20] (QUALCOMM Incorporated)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-08-09] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-09] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2012-08-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-08-09] (Duplex Secure Ltd.)
R3 WinRing0_1_2_0; E:\INSTAL\OpenHardwareMonitor\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
U3 aycwmzzf; C:\Windows\System32\Drivers\aycwmzzf.sys [0 ] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 XICTAMDM; system32\DRIVERS\XICTAMDM.sys [x]
S3 XICTANmea; system32\DRIVERS\XICTANmea.sys [x]
S3 XICTAVSP; system32\DRIVERS\XICTAVSP.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 18:01 - 2014-01-10 18:01 - 00000000 ____D C:\FRST
2014-01-10 17:54 - 2014-01-10 17:54 - 00000000 ____D C:\_OTL
2014-01-05 14:59 - 2014-01-05 14:59 - 04263936 _____ C:\Users\Tom\Desktop\system.evtx
2014-01-05 14:59 - 2014-01-05 14:59 - 01118208 _____ C:\Users\Tom\Desktop\aplikace.evtx
2014-01-02 12:08 - 2014-01-02 12:08 - 00000731 _____ C:\Users\Tom\Desktop\PathOfExile.exe – zástupce.lnk
2013-12-25 23:42 - 2013-12-25 23:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-24 16:10 - 2013-12-24 16:10 - 00000000 ____D C:\Users\Tom\Documents\NeocoreGames
2013-12-24 16:01 - 2013-12-24 16:01 - 00017437 _____ C:\Windows\DirectX.log
2013-12-24 15:41 - 2013-12-24 15:41 - 00000000 ____D C:\Users\Tom\Desktop\NeocoreGames
2013-12-24 14:26 - 2013-12-24 14:27 - 00000000 ____D C:\Users\Tom\Documents\Nová složka
2013-12-24 14:24 - 2013-12-24 17:46 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2013-12-24 14:08 - 2013-12-24 14:08 - 00001358 _____ C:\Users\Tom\Desktop\VanHelsing_x64.exe – zástupce.lnk
2013-12-23 20:46 - 2013-12-23 20:46 - 00000015 _____ C:\Users\Tom\Desktop\petr.txt
2013-12-14 14:13 - 2014-01-10 17:55 - 00004434 _____ C:\Windows\setupact.log
2013-12-14 14:13 - 2014-01-03 19:43 - 00002864 _____ C:\Windows\PFRO.log
2013-12-14 14:13 - 2013-12-14 14:13 - 00000000 _____ C:\Windows\setuperr.log
2013-12-14 14:12 - 2013-12-14 14:12 - 00242102 _____ C:\Users\Tom\Documents\cc_20131214_141201.reg
2013-12-13 21:50 - 2013-12-14 14:12 - 00000000 ____D C:\Qoobox
2013-12-13 19:05 - 2013-12-13 22:26 - 00000000 ____D C:\ProgramData\RegCure
2013-12-13 19:01 - 2013-12-13 22:27 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-12-13 19:01 - 2013-12-13 19:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\ParetoLogic
2013-12-13 19:01 - 2013-12-13 19:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DriverCure
2013-12-13 13:25 - 2013-12-13 22:24 - 00005592 _____ C:\Users\Tom\Desktop\CFScript.txt.txt
2013-12-13 12:22 - 2013-12-13 12:22 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 12:14 - 2013-12-13 12:14 - 00000000 ____D C:\Users\Tom\Desktop\Nová složka (3)
2013-12-13 12:13 - 2013-12-17 10:58 - 00000000 ____D C:\Program Files (x86)\HT Audio
2013-12-13 12:13 - 2013-12-13 12:13 - 00000034 _____ C:\Windows\DAOCONV.T1C
2013-12-13 12:13 - 1998-08-26 15:26 - 01045776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet35.dll
2013-12-13 12:13 - 1998-08-11 17:28 - 00407312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl35.dll
2013-12-13 12:13 - 1997-01-13 17:18 - 00037136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL
2013-12-13 12:13 - 1996-12-05 00:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBCTL32.DLL
2013-12-13 12:13 - 1996-12-02 18:44 - 00251664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2X35.DLL
2013-12-13 12:13 - 1996-12-02 18:44 - 00024336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL
2013-12-13 12:11 - 2013-12-13 12:11 - 00000000 ____D C:\Users\Tom\Desktop\BassBoxPro v6.0
2013-12-11 18:52 - 2004-03-08 22:00 - 01081616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2013-12-11 18:52 - 2003-07-28 03:11 - 00065536 _____ (eHelp Corporation.) C:\Windows\SysWOW64\wh2robo.dll
2013-12-11 18:52 - 2003-07-28 01:50 - 01044480 _____ (eHelp Corporation.) C:\Windows\SysWOW64\ROBOEX32.dll
2013-12-11 18:52 - 2003-01-18 18:32 - 00049152 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\INETWH32.dll
2013-12-11 18:52 - 1998-08-05 00:00 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsCmCIT.dll
2013-12-11 18:52 - 1998-08-05 00:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsCc2IT.dll
2013-12-11 18:52 - 1998-08-05 00:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CmDlgIT.dll
2013-12-11 18:34 - 2013-12-11 18:34 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-11 18:34 - 2013-12-11 18:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-11 18:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-11 18:26 - 2013-12-13 18:42 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified Files and Folders =======

2014-01-10 18:01 - 2014-01-10 18:01 - 00000000 ____D C:\FRST
2014-01-10 18:01 - 2012-08-15 05:14 - 00000000 ____D C:\Download
2014-01-10 17:59 - 2009-07-14 16:18 - 00668866 _____ C:\Windows\system32\perfh005.dat
2014-01-10 17:59 - 2009-07-14 16:18 - 00141526 _____ C:\Windows\system32\perfc005.dat
2014-01-10 17:59 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-10 17:58 - 2012-08-08 17:39 - 01293852 _____ C:\Windows\WindowsUpdate.log
2014-01-10 17:56 - 2012-08-08 18:54 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Mozilla
2014-01-10 17:55 - 2013-12-14 14:13 - 00004434 _____ C:\Windows\setupact.log
2014-01-10 17:55 - 2012-08-08 18:32 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-10 17:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 17:54 - 2014-01-10 17:54 - 00000000 ____D C:\_OTL
2014-01-10 17:54 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 17:54 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-09 17:20 - 2012-08-30 20:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 14:59 - 2014-01-05 14:59 - 04263936 _____ C:\Users\Tom\Desktop\system.evtx
2014-01-05 14:59 - 2014-01-05 14:59 - 01118208 _____ C:\Users\Tom\Desktop\aplikace.evtx
2014-01-03 19:43 - 2013-12-14 14:13 - 00002864 _____ C:\Windows\PFRO.log
2014-01-03 09:31 - 2012-08-08 20:39 - 00000000 ____D C:\GAMES
2014-01-02 12:08 - 2014-01-02 12:08 - 00000731 _____ C:\Users\Tom\Desktop\PathOfExile.exe – zástupce.lnk
2013-12-27 16:01 - 2012-08-11 09:16 - 00000000 ____D C:\Users\Tom\Documents\My Games
2013-12-26 00:07 - 2012-08-19 19:59 - 00000000 ____D C:\Program Files (x86)\OpenHardwareMonitor
2013-12-26 00:02 - 2012-08-08 19:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-25 23:42 - 2013-12-25 23:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-24 17:46 - 2013-12-24 14:24 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2013-12-24 16:10 - 2013-12-24 16:10 - 00000000 ____D C:\Users\Tom\Documents\NeocoreGames
2013-12-24 16:01 - 2013-12-24 16:01 - 00017437 _____ C:\Windows\DirectX.log
2013-12-24 15:41 - 2013-12-24 15:41 - 00000000 ____D C:\Users\Tom\Desktop\NeocoreGames
2013-12-24 14:27 - 2013-12-24 14:26 - 00000000 ____D C:\Users\Tom\Documents\Nová složka
2013-12-24 14:08 - 2013-12-24 14:08 - 00001358 _____ C:\Users\Tom\Desktop\VanHelsing_x64.exe – zástupce.lnk
2013-12-23 20:46 - 2013-12-23 20:46 - 00000015 _____ C:\Users\Tom\Desktop\petr.txt
2013-12-20 09:43 - 2012-08-09 16:10 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DAEMON Tools Pro
2013-12-17 10:58 - 2013-12-13 12:13 - 00000000 ____D C:\Program Files (x86)\HT Audio
2013-12-16 21:26 - 2012-08-08 19:13 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Winamp
2013-12-14 14:13 - 2013-12-14 14:13 - 00000000 _____ C:\Windows\setuperr.log
2013-12-14 14:12 - 2013-12-14 14:12 - 00242102 _____ C:\Users\Tom\Documents\cc_20131214_141201.reg
2013-12-14 14:12 - 2013-12-13 21:50 - 00000000 ____D C:\Qoobox
2013-12-14 14:11 - 2012-09-15 10:52 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-14 14:11 - 2012-08-26 18:08 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Media Player Classic
2013-12-14 14:11 - 2012-08-09 15:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-14 14:11 - 2012-08-08 18:36 - 00000000 ____D C:\Windows\Panther
2013-12-13 22:27 - 2013-12-13 19:01 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-12-13 22:26 - 2013-12-13 19:05 - 00000000 ____D C:\ProgramData\RegCure
2013-12-13 22:24 - 2013-12-13 13:25 - 00005592 _____ C:\Users\Tom\Desktop\CFScript.txt.txt
2013-12-13 22:22 - 2013-02-28 13:57 - 00000000 ____D C:\Users\Tom\AppData\Local\Apps\2.0
2013-12-13 22:19 - 2009-07-14 03:34 - 73662464 _____ C:\Windows\system32\config\software.bak
2013-12-13 22:19 - 2009-07-14 03:34 - 38535168 _____ C:\Windows\system32\config\system.bak
2013-12-13 22:19 - 2009-07-14 03:34 - 05242880 _____ C:\Windows\system32\config\default.bak
2013-12-13 22:19 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-12-13 22:19 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-12-13 22:19 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-13 22:18 - 2012-11-26 17:01 - 00000000 ____D C:\Windows\erdnt
2013-12-13 22:09 - 2012-08-08 19:24 - 00001222 _____ C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-12-13 21:54 - 2012-08-08 17:40 - 00000000 ____D C:\Users\Tom
2013-12-13 19:01 - 2013-12-13 19:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\ParetoLogic
2013-12-13 19:01 - 2013-12-13 19:01 - 00000000 ____D C:\Users\Tom\AppData\Roaming\DriverCure
2013-12-13 19:01 - 2012-08-11 10:11 - 00001070 _____ C:\Users\Tom\Desktop\Reckoning – zástupce.lnk
2013-12-13 18:52 - 2009-07-14 06:08 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-13 18:42 - 2013-12-11 18:26 - 00000000 ____D C:\AdwCleaner
2013-12-13 12:22 - 2013-12-13 12:22 - 00000000 ____D C:\Windows\ERUNT
2013-12-13 12:14 - 2013-12-13 12:14 - 00000000 ____D C:\Users\Tom\Desktop\Nová složka (3)
2013-12-13 12:13 - 2013-12-13 12:13 - 00000034 _____ C:\Windows\DAOCONV.T1C
2013-12-13 12:11 - 2013-12-13 12:11 - 00000000 ____D C:\Users\Tom\Desktop\BassBoxPro v6.0
2013-12-11 22:27 - 2009-07-14 03:34 - 00000750 _____ C:\Windows\win.ini
2013-12-11 19:20 - 2012-08-30 20:53 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 19:20 - 2012-08-08 19:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 19:20 - 2012-08-08 19:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 18:34 - 2013-12-11 18:34 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-11 18:34 - 2013-12-11 18:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

Files to move or delete:
====================
C:\Users\Tom\AppData\Roaming\Origin\update.vbe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 00:46

==================== End Of Log ============================


druhy log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2014
Ran by Tom at 2014-01-10 18:02:05
Running from C:\Download
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 4.65 (x32 Version: - )
Absolute Nature 2 for S.T.A.L.K.E.R - Call of Pripyat (x32 Version: - )
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1. - Czech (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Advanced Disk Catalog (x32 Version: - )
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
ArtMoney SE v7.40.2 (x32 Version: 7.40.2 - System SoftLab)
Browser Configuration Utility (x32 Version: 1.1.18.0 - DeviceVM Inc.)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
ContentMod2.4 (x32 Version: - )
CZShare Manager (HKCU Version: 0.0.1.35 - CZShare)
DAEMON Tools Pro (x32 Version: 5.1.0.0333 - DT Soft Ltd)
Dead Island Riptide (c) Deep Silver version 1 (x32 Version: 1 - )
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
GOM Player (x32 Version: 2.2.56.5181 - Gretech Corporation)
Google Earth Plug-in (x32 Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Gothic II - Modification Development Kit (x32 Version: 2.6 - Piranha Bytes)
Gothic II Gold (x32 Version: 1.00.0000 - CD Projekt)
Gothic II Gold (x32 Version: 1.00.0000 - CD Projekt) Hidden
Gothic III (x32 Version: 1.0.0 - JoWooD Productions Software AG)
GOTHIC2 - ADDON_RETURNING (x32 Version: 1.0 - T&G MOD TEAM © 2005 - 2008)
HiJackThis (x32 Version: 1.0.0 - Trend Micro)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java 7 Update 10 (x32 Version: 7.0.100 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
K-Lite Codec Pack 9.2.0 (Full) (x32 Version: 9.2.0 - )
Logitech SetPoint (x32 Version: 4.80 - Logitech)
Malwarebytes Anti-Malware verze 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (x32 Version: - )
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 26.0 (x86 cs) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Nero 9 (x32 Version: - Nero AG)
Nero BurningROM (x32 Version: 9.0.0.0 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 2.0.0.1 - Nero AG) Hidden
NeroBurningROM (x32 Version: 9.0.9.100 - Nero AG) Hidden
Nexus Mod Manager (Version: 0.14.1 - Black Tree Gaming)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001 - GIGABYTE)
OrkMod2.0 (x32 Version: - )
Ovládací panel NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
Questpaket 4 Update 2 Deinstallation (x32 Version: 4.2.0.0 - Humanforce)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01] (x32 Version: 1.6.01 - CENEGA)
Samsung_MonSetup (x32 Version: 1.00.0000 - Samsung)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.)
SILENT HILL 3 (x32 Version: 1.00.0000 - Konami Computer Entertainment Tokyo, Inc.) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
The Incredible Adventures of Van Helsing (c) NeocoreGames version 1 (x32 Version: 1 - )
The Incredible Adventures of Van Helsing Update v1.1.25 incl DLC (x32 Version: 1 - )
Torchlight II (c) Runic Games version 1 (x32 Version: 1 - )
Total Commander (Remove or Repair) (x32 Version: - )
Usb Game Pad (x32 Version: - )
VL Sound 5.1 (x32 Version: - Valera Lavrov)
Winamp (x32 Version: 5.6 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (x32 Version: - )
Zoner Photo Studio 12 (x32 Version: - ZONER software)

==================== Restore Points =========================

28-12-2013 02:42:27 Windows Update
04-01-2014 11:45:48 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-12-13 22:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2B8792AA-8806-43E4-A21E-9E776A1DEE6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {91D65D31-1AA1-424D-B0B0-EFB98935950D} - System32\Tasks\Open Hardware Monitor\Startup => C:\Program Files (x86)\OpenHardwareMonitor\OpenHardwareMonitor.exe [2010-07-04] ()
Task: {DA1F2400-4B42-46A5-97E7-B7EE38D90B19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E012C645-032A-43A1-84F3-F67D4EE0D266} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 21:14 - 2010-06-27 15:54 - 00146432 _____ () E:\INSTAL\OpenHardwareMonitor\Aga.Controls.dll
2012-08-08 20:14 - 2009-07-20 11:35 - 00018960 _____ () C:\Program Files (x86)\Logitech\SetPoint\khalwrapper.dll
2012-08-19 19:59 - 2010-06-27 15:54 - 00146432 _____ () C:\Program Files (x86)\OpenHardwareMonitor\Aga.Controls.dll
2012-08-09 16:39 - 2012-05-28 15:16 - 00002048 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2013-12-25 23:42 - 2013-12-25 23:42 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-11 19:20 - 2013-12-11 19:20 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/03/2014 06:19:22 PM) (Source: Application Hang) (User: )
Description: Program Adc.exe verze 1.3.1.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a2c

Čas spuštění: 01cf08a7eb0e9e36

Čas ukončení: 0

Cesta k aplikaci: C:\Program Files (x86)\Advanced Disk Catalog\Adc.exe

ID hlášení: 2e06d072-749b-11e3-b0ed-1c6f65a7d698

Error: (01/03/2014 06:19:10 PM) (Source: Application Hang) (User: )
Description: Program Adc.exe verze 1.3.1.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a54

Čas spuštění: 01cf08a7e0294eba

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files (x86)\Advanced Disk Catalog\Adc.exe

ID hlášení: 26736b63-749b-11e3-b0ed-1c6f65a7d698

Error: (12/24/2013 05:46:50 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000423617
ID chybujícího procesu: 0x59c
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3

Error: (12/24/2013 05:44:49 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000423617
ID chybujícího procesu: 0x670
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3

Error: (12/24/2013 05:44:12 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x86.exe, verze: 1.0.0.1, časové razítko: 0x519ce10f
Název chybujícího modulu: VanHelsing_x86.exe, verze: 1.0.0.1, časové razítko: 0x519ce10f
Kód výjimky: 0xc0000005
Posun chyby: 0x0036b221
ID chybujícího procesu: 0x1268
Čas spuštění chybující aplikace: 0xVanHelsing_x86.exe0
Cesta k chybující aplikaci: VanHelsing_x86.exe1
Cesta k chybujícímu modulu: VanHelsing_x86.exe2
ID zprávy: VanHelsing_x86.exe3

Error: (12/24/2013 05:41:49 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000423617
ID chybujícího procesu: 0xf0
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3

Error: (12/24/2013 05:40:17 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x519ce103
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000423617
ID chybujícího procesu: 0xfb4
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3

Error: (12/24/2013 05:39:19 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x52614a03
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x52614a03
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000003de742
ID chybujícího procesu: 0xf98
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3

Error: (12/24/2013 05:39:12 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x52614a03
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x52614a03
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000003de742
ID chybujícího procesu: 0xf28
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3

Error: (12/24/2013 04:04:39 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x524d488f
Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1, časové razítko: 0x524d488f
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000003ce3c2
ID chybujícího procesu: 0x120c
Čas spuštění chybující aplikace: 0xVanHelsing_x64.exe0
Cesta k chybující aplikaci: VanHelsing_x64.exe1
Cesta k chybujícímu modulu: VanHelsing_x64.exe2
ID zprávy: VanHelsing_x64.exe3


System errors:
=============
Error: (01/10/2014 05:55:09 PM) (Source: Service Control Manager) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error: (01/10/2014 05:55:09 PM) (Source: Application Popup) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.

Error: (01/10/2014 05:55:07 PM) (Source: volmgr) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (01/10/2014 05:55:03 PM) (Source: volmgr) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (01/10/2014 05:55:03 PM) (Source: volmgr) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (01/10/2014 05:54:05 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/10/2014 05:51:54 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video5!051d(2558)

Error: (01/10/2014 05:49:50 PM) (Source: Service Control Manager) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error: (01/10/2014 05:49:50 PM) (Source: Application Popup) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.

Error: (01/10/2014 05:49:48 PM) (Source: volmgr) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.


Microsoft Office Sessions:
=========================
Error: (01/03/2014 06:19:22 PM) (Source: Application Hang)(User: )
Description: Adc.exe1.3.1.0a2c01cf08a7eb0e9e360C:\Program Files (x86)\Advanced Disk Catalog\Adc.exe2e06d072-749b-11e3-b0ed-1c6f65a7d698

Error: (01/03/2014 06:19:10 PM) (Source: Application Hang)(User: )
Description: Adc.exe1.3.1.0a5401cf08a7e0294eba10C:\Program Files (x86)\Advanced Disk Catalog\Adc.exe26736b63-749b-11e3-b0ed-1c6f65a7d698

Error: (12/24/2013 05:46:50 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.1519ce103VanHelsing_x64.exe1.0.0.1519ce103c0000005000000000042361759c01cf00c7aac6b8c8C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exefbf5f6cd-6cba-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 05:44:49 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.1519ce103VanHelsing_x64.exe1.0.0.1519ce103c0000005000000000042361767001cf00c763d74d58C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeb3662b5c-6cba-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 05:44:12 PM) (Source: Application Error)(User: )
Description: VanHelsing_x86.exe1.0.0.1519ce10fVanHelsing_x86.exe1.0.0.1519ce10fc00000050036b221126801cf00c738dd6613C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x86.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x86.exe9dcaf20e-6cba-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 05:41:49 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.1519ce103VanHelsing_x64.exe1.0.0.1519ce103c00000050000000000423617f001cf00c6eefdab5dC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe48894318-6cba-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 05:40:17 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.1519ce103VanHelsing_x64.exe1.0.0.1519ce103c00000050000000000423617fb401cf00c6bc07793fC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe11b8a6c9-6cba-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 05:39:19 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.152614a03VanHelsing_x64.exe1.0.0.152614a03c000000500000000003de742f9801cf00c6b14c8545C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeef15a0a9-6cb9-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 05:39:12 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.152614a03VanHelsing_x64.exe1.0.0.152614a03c000000500000000003de742f2801cf00c6abf3ce09C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeeb13af94-6cb9-11e3-9acb-1c6f65a7d698

Error: (12/24/2013 04:04:39 PM) (Source: Application Error)(User: )
Description: VanHelsing_x64.exe1.0.0.1524d488fVanHelsing_x64.exe1.0.0.1524d488fc000000500000000003ce3c2120c01cf00b976c4c753C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeC:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exeb5388557-6cac-11e3-9acb-1c6f65a7d698


CodeIntegrity Errors:
===================================
Date: 2014-01-03 19:37:40.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:40.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:39.938
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:34.282
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:34.191
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:34.099
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:32.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:32.144
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:37:32.053
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 19:32:30.035
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_59537a3710696511\appid.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 4092.16 MB
Available physical RAM: 2272.05 MB
Total Pagefile: 8182.49 MB
Available Pagefile: 6685.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (SYSTEM 64) (Fixed) (Total:119.24 GB) (Free:24.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (CLOVERFIELD) (Fixed) (Total:931.51 GB) (Free:14.8 GB) NTFS
Drive f: () (Fixed) (Total:39.06 GB) (Free:9.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (HADR) (Fixed) (Total:193.82 GB) (Free:5.92 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

[jaro3]

Odinstaluj:
Java 7 Update 10

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

HKLM\...\Policies\Explorer: [NoResolveSearch] 1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
C:\Qoobox

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\System32\Drivers\aycwmzzf.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Problém s VanHelsing_x64.exe a winbiosensoradapter.dll

Kontaktoval si MiliNesse?

[tomikzlesa]

ahoj,
tentno soubor aycwmzzf.sys nikde v PC nemám, takže sem neprovedl scan
MiliNesse kontaktuji

tady je prvni log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-01-2014 01
Ran by Tom at 2014-01-13 17:39:21 Run:1
Running from C:\Download
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
C:\Qoobox
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Qoobox => Moved successfully.

==== End of Fixlog ====

[memphisto]

Není viditelný ani když si nastavíš zobrazení skrytých souborů a nebo cestu rovnou nakopíruješ na VT?

[tomikzlesa]

mám nastevené zobrazení skrytých souboru i odstranenou fajfku z chranenych souboru pro celý PC a soubor jsem nenašel (pres hledání lupou), ani přímá cesta nefunguje

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

C:\Windows\System32\Drivers\aycwmzzf.sys

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[tomikzlesa]

soubor nenalezen

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2014 01
Ran by Tom at 2014-01-15 19:31:45 Run:2
Running from C:\Download
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Windows\System32\Drivers\aycwmzzf.sys
*****************

"C:\Windows\System32\Drivers\aycwmzzf.sys" => File/Directory not found.

==== End of Fixlog ====

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

C:\Windows\System32\Drivers\aycwmzzf.sys

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[tomikzlesa]

vždyt to jsem udělal, i nakopíroval log, soubor v mém PC neexistuje

[jaro3]

Aha , co problémy?

[tomikzlesa]

bohužel stále....začne blbnout a zasekávat se myš a občas pc zamrzne, nebo se sám restartuje. Jen při praci ve win...