Log check: slow computer (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by Aron » 15 Jan 2014 19:45

A folder named RK_Quarantine has appeared on my desktop; what should I do with it?

Post by Damned » 15 Jan 2014 19:49

We'll delete it later.

Close all programs and browsers.
Disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the scan finishes its work...
- Wait while the status box shows "Scan"
- Click "Fix Hosts"
- Click "Delete"
- Wait until the status box shows "Deletion - Finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport [1].txt on the desktop.
- Close RogueKiller
Nothing is impossible, so where reason has run out, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

Post by Aron » 15 Jan 2014 20:03

RogueKiller V8.8.1 [Jan 14 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : stolní pc [Práva správce]
Mód : Odebrat -- Datum : 01/15/2014 20:00:34
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST340014A +++++
--- User ---
[MBR] eb605af15fa21b0368960d016bd491e8
[BSP] d2039fccd679f5a414d69ae835f118a0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 38164 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD1600JB-00GVC0 +++++
--- User ---
[MBR] 8aa037e442d9d9c21665db00058e0709
[BSP] 0ced2f7ad1ea336f37a2fe695ecf7dff : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 51999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 106494885 | Size: 100618 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01152014_200034.txt >>
RKreport[0]_H_01152014_195942.txt;RKreport[0]_S_01152014_195838.txt

Post by Damned » 15 Jan 2014 20:05

Download DelFix and save it to your desktop.

Double-click the icon to run Delfix.exe.
(On Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, tick these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. It is also saved here:
C:\DelFix.txt

Post by Aron » 15 Jan 2014 20:10

# DelFix v10.6 - Logfile created 15/01/2014 at 20:09:04
# Updated 11/11/2013 by Xplode
# Username : stolní pc - STOLNÍPC
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\stolní pc\Plocha\RK_Quarantine
Deleted : C:\Documents and Settings\stolní pc\Plocha\adwcleaner.exe
Deleted : C:\Documents and Settings\stolní pc\Plocha\HiJackThis.exe
Deleted : C:\Documents and Settings\stolní pc\Plocha\RogueKiller.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #1 [Kontrolní bod systému | 01/09/2014 10:11:36]
Deleted : RP #2 [Kontrolní bod systému | 01/10/2014 10:21:48]
Deleted : RP #3 [new 2014 | 01/11/2014 00:50:47]
Deleted : RP #4 [Operace obnovení | 01/11/2014 00:51:35]
Deleted : RP #5 [SlimDrivers Installing Drivers | 01/11/2014 02:05:34]
Deleted : RP #6 [SlimDrivers Installing Drivers | 01/11/2014 02:11:15]
Deleted : RP #7 [Instalováno Realtek AC'97 Audio | 01/11/2014 02:12:27]
Deleted : RP #8 [SlimDrivers Installing Drivers | 01/11/2014 02:14:26]
Deleted : RP #9 [SlimDrivers Installing Drivers | 01/11/2014 02:17:03]
Deleted : RP #10 [SlimDrivers Installing Drivers | 01/11/2014 02:19:05]
Deleted : RP #11 [SlimDrivers Installing Drivers | 01/11/2014 02:27:38]
Deleted : RP #12 [SlimDrivers Installing Drivers | 01/11/2014 02:30:01]
Deleted : RP #13 [SlimDrivers Installing Drivers | 01/11/2014 02:32:02]
Deleted : RP #14 [Removed SlimDrivers | 01/11/2014 03:21:17]
Deleted : RP #15 [avast! antivirus system restore point | 01/11/2014 20:57:52]
Deleted : RP #16 [Kontrolní bod systému | 01/13/2014 21:10:51]
Deleted : RP #17 [Revo Uninstaller Pro's restore point - Ask Toolbar | 01/13/2014 23:29:02]
Deleted : RP #18 [Revo Uninstaller Pro's restore point - Ask Toolbar | 01/13/2014 23:31:14]
Deleted : RP #19 [Revo Uninstaller Pro's restore point - Ask Toolbar | 01/13/2014 23:32:59]
Deleted : RP #20 [Software Distribution Service 3.0 | 01/14/2014 23:56:21]
Deleted : RP #21 [Software Distribution Service 3.0 | 01/15/2014 13:11:58]

New restore point created !

########## - EOF - ##########

Post by Damned » 15 Jan 2014 20:12

Turn off your antivirus's resident shield.
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here

Post by Aron » 15 Jan 2014 20:33

ComboFix 14-01-14.02 - stolní pc 15.01.2014 20:18:34.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.700 [GMT 1:00]
Spuštěný z: c:\documents and settings\stolní pc\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-15 do 2014-01-15 )))))))))))))))))))))))))))))))
.
.
2014-01-15 18:06 . 2014-01-15 18:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-14 03:11 . 2014-01-14 03:13 -------- d-----w- c:\windows\nview
2014-01-14 03:11 . 2006-10-22 15:22 208896 ----a-w- c:\windows\system32\nvudisp.exe
2014-01-14 03:11 . 2006-10-22 14:06 208896 ----a-w- c:\windows\system32\NVUNINST.EXE
2014-01-14 02:37 . 2014-01-14 02:40 -------- d-----w- c:\windows\$regcmp$
2014-01-14 02:37 . 2014-01-14 02:50 -------- d-----w- c:\program files\Registry Clean Expert
2014-01-13 23:46 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2014-01-13 20:24 . 2014-01-13 20:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA
2014-01-13 20:14 . 2003-11-10 17:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2014-01-13 20:14 . 2003-11-10 17:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2014-01-13 20:14 . 2003-11-10 17:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2014-01-13 20:14 . 2003-11-10 17:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2014-01-13 20:14 . 2003-11-10 17:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2014-01-13 20:14 . 2014-01-13 20:14 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2014-01-13 20:14 . 2014-01-13 20:14 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2014-01-11 02:31 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-01-11 02:30 . 2014-01-11 02:30 -------- d-----w- C:\Intel
2014-01-11 02:29 . 2014-01-11 02:29 -------- d-----w- c:\program files\Intel
2014-01-11 02:26 . 2014-01-11 02:26 -------- d-----w- c:\program files\ATI Technologies
2014-01-11 02:25 . 2000-10-05 13:55 77824 ------w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2014-01-11 02:25 . 2000-10-05 13:55 221184 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2014-01-11 02:25 . 2000-10-05 13:50 221184 ------w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2014-01-11 02:25 . 2000-10-05 13:49 32768 ------w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2014-01-11 02:24 . 2000-01-01 00:00 610436 ------w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2014-01-11 02:12 . 2014-01-11 02:12 -------- d-----w- c:\program files\Realtek AC97
2014-01-11 02:09 . 2010-02-10 20:20 212992 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2014-01-11 02:03 . 2014-01-11 02:03 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\SlimWare Utilities Inc
2014-01-11 00:52 . 2014-01-11 00:52 -------- d-----w- c:\windows\system32\wbem\Repository
2014-01-05 01:42 . 2014-01-05 01:42 -------- d-----w- c:\documents and settings\All Users\Immunet
2014-01-03 16:57 . 2014-01-04 08:14 -------- d-----w- c:\program files\Common Files\InstallerA
2014-01-01 21:13 . 2014-01-01 21:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\GFI Software
2013-12-31 23:15 . 2013-12-31 23:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CDB
2013-12-31 21:09 . 2013-12-31 21:09 -------- d-----w- c:\documents and settings\stolní pc\SyncFolder
2013-12-31 20:51 . 2013-12-31 20:51 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-31 20:51 . 2013-12-31 20:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-31 20:45 . 2013-12-31 20:45 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Ashampoo
2013-12-31 20:45 . 2013-12-31 20:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ashampoo
2013-12-28 14:14 . 2013-12-28 14:14 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\DamnVid
2013-12-28 13:51 . 2013-12-28 13:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Logs
2013-12-28 13:51 . 2013-12-28 13:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Licenses
2013-12-28 13:21 . 2013-12-28 13:21 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\DigitalVolcano
2013-12-27 14:50 . 2013-12-27 14:50 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\DFH
2013-12-25 15:38 . 2013-12-25 15:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YTD Video Downloader
2013-12-25 15:18 . 2013-12-25 15:18 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\VS Revo Group
2013-12-25 15:18 . 2013-12-25 15:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\VS Revo Group
2013-12-24 22:51 . 2013-12-24 23:02 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\Unity
2013-12-24 22:38 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2013-12-24 22:35 . 2013-12-25 00:34 -------- d-----w- c:\windows\Logs
2013-12-24 18:00 . 2013-12-24 18:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Free Online TV
2013-12-24 17:33 . 2013-12-24 17:41 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\BSplayer
2013-12-24 16:57 . 2013-12-24 16:57 -------- d-----w- c:\documents and settings\stolní pc\.android
2013-12-24 16:57 . 2013-12-28 14:41 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\cache
2013-12-24 16:54 . 2013-12-25 00:36 -------- d-----w- c:\program files\CrystalDiskInfo
2013-12-24 16:51 . 2013-12-24 16:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Informer Technologies, Inc
2013-12-24 15:43 . 2013-12-24 15:43 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Mc & RENOX
2013-12-24 14:11 . 2013-12-24 14:42 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\SimpleTV V03
2013-12-22 18:06 . 2013-06-05 05:18 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2013-12-22 18:06 . 2013-06-05 05:18 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2013-12-22 18:06 . 2013-06-05 05:18 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2013-12-22 18:06 . 2013-06-05 05:18 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2013-12-22 18:06 . 2013-06-05 05:18 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2013-12-22 18:06 . 2013-06-05 05:18 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2013-12-22 18:06 . 2013-06-05 05:18 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2013-12-22 17:59 . 2013-12-22 17:59 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\WarThunder
2013-12-22 17:59 . 2013-12-22 17:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WarThunder
2013-12-19 14:31 . 2013-12-25 14:33 -------- d-----w- c:\program files\CCleaner
2013-12-18 17:53 . 2013-12-18 17:57 -------- d-----w- c:\documents and settings\stolní pc\Data aplikací\Ulozto File Manager
2013-12-18 17:33 . 2013-12-18 17:33 -------- d-sh--w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\ms-drivers
2013-12-18 17:33 . 2013-12-18 17:33 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\MetaGeek,_LLC
2013-12-18 17:33 . 2013-12-18 17:33 -------- d-----w- c:\documents and settings\stolní pc\Local Settings\Data aplikací\IsolatedStorage
2013-12-18 01:49 . 2013-12-18 01:55 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-18 01:49 . 2013-12-18 01:55 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-18 01:49 . 2013-12-18 01:55 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-18 01:49 . 2013-12-18 01:55 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-18 01:49 . 2013-12-18 01:49 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-18 01:49 . 2013-12-18 01:55 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-18 01:49 . 2013-12-18 01:55 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-18 01:49 . 2013-12-18 01:55 270240 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-18 01:49 . 2013-12-18 01:55 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 01:48 . 2013-12-18 01:48 -------- d-----w- c:\program files\AVAST Software
2013-12-18 01:48 . 2013-12-18 01:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-12-17 02:30 . 2013-12-17 02:30 10240 ----a-w- c:\windows\system32\drivers\FldSafe.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-27 20:21 . 2008-04-13 22:27 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 03:00 . 2008-04-14 06:51 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-12 19:15 . 2013-11-12 19:15 566030 ----a-w- c:\windows\Flash Screensaver.scr
2013-11-07 05:38 . 2008-04-14 06:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 06:06 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:51 . 2008-04-14 05:45 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:45 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-29 07:45 . 2008-04-14 06:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:45 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-29 07:45 . 2008-04-14 06:51 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 00:45 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2008-04-14 06:51 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-18 01:55 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-18 3764024]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 15:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 15:22 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 15:22 1622016 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"idsvc"=3 (0x3)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
"SkypeUpdate"=2 (0x2)
"IDriverT"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\THQ\\Pandemic Studios\\Full Spectrum Warrior\\Launcher.locked"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:War Thunder
"20010:UDP"= 20010:UDP:War Thunder
"3478:UDP"= 3478:UDP:War Thunder
"7850:TCP"= 7850:TCP:War Thunder
"27022:TCP"= 27022:TCP:War Thunder
"6881:TCP"= 6881:TCP:War Thunder
"33333:TCP"= 33333:TCP:War Thunder
"20443:TCP"= 20443:TCP:War Thunder
"8090:TCP"= 8090:TCP:War Thunder
"2106:UDP"= 2106:UDP:Windows Media Format SDK (bsplayer.exe)
"2107:UDP"= 2107:UDP:Windows Media Format SDK (bsplayer.exe)
"2108:UDP"= 2108:UDP:Windows Media Format SDK (bsplayer.exe)
"2121:UDP"= 2121:UDP:Windows Media Format SDK (bsplayer.exe)
"2120:UDP"= 2120:UDP:Windows Media Format SDK (bsplayer.exe)
"2122:UDP"= 2122:UDP:Windows Media Format SDK (bsplayer.exe)
"2160:UDP"= 2160:UDP:Windows Media Format SDK (bsplayer.exe)
"2161:UDP"= 2161:UDP:Windows Media Format SDK (bsplayer.exe)
"2162:UDP"= 2162:UDP:Windows Media Format SDK (bsplayer.exe)
"2217:UDP"= 2217:UDP:Windows Media Format SDK (bsplayer.exe)
"2216:UDP"= 2216:UDP:Windows Media Format SDK (bsplayer.exe)
"2218:UDP"= 2218:UDP:Windows Media Format SDK (bsplayer.exe)
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.12.2013 2:49 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.12.2013 2:49 180248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18.12.2013 2:49 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18.12.2013 2:49 410528]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [18.12.2013 2:49 67824]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [22.12.2013 19:06 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [22.12.2013 19:06 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [22.12.2013 19:06 123648]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-15 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-18 01:54]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-15 20:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG16.00.00.01PROFESSIONAL"=[...]
.
Celkový čas: 2014-01-15 20:31:47
ComboFix-quarantined-files.txt 2014-01-15 19:31
.
Před spuštěním: Volných bajtů: 20 860 407 808
Po spuštění: Volných bajtů: 20 849 688 576
.
- - End Of File - - A2FA8A820033D54C481FD478BE5AF823
413FC2A0C716421B3158746D63736515

Post by Damned » 15 Jan 2014 21:07

Uninstall ComboFix. ComboFix is uninstalled as follows:
Turn off your antivirus and, if you have one, your antispyware as well (required).

Start -> Run (or the Win+R keys) and type into the box: Combofix[space]/uninstall
********************************************************************************
Download OTL to your desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output and tick Scan All Users. Under Standard Registry change to All, Extra Registry to All, Services to All, Processes to All. Tick LOP Check and Purity Check. Change File Age to 14 days. Leave all other settings as they are. Click Run Scan. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.

Post by Aron » 15 Jan 2014 21:34

OTL logfile created on: 15.1.2014 21:25:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\stolní pc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 759,52 Mb Available Physical Memory | 74,21% Memory free
2,37 Gb Paging File | 2,18 Gb Available in Paging File | 91,86% Paging File free
Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 20,81 Gb Free Space | 55,83% Space Free | Partition Type: NTFS
Drive E: | 50,78 Gb Total Space | 48,34 Gb Free Space | 95,19% Space Free | Partition Type: NTFS
Drive F: | 98,26 Gb Total Space | 29,30 Gb Free Space | 29,82% Space Free | Partition Type: NTFS

Computer Name: STOLNÍPC | User Name: stolní pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (All) ==========

PRC - C:\Documents and Settings\stolní pc\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\services.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETSVCS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [idServ] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\14011401\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\WINDOWS\system32\nvapi.dll ()


========== Services (All) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (Browser) -- C:\WINDOWS\system32\browser.dll (Microsoft Corporation)
SRV - (LanmanServer) -- C:\WINDOWS\system32\srvsvc.dll (Microsoft Corporation)
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Themes) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (FastUserSwitchingCompatibility) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (lanmanworkstation) -- C:\WINDOWS\system32\wkssvc.dll (Microsoft Corporation)
SRV - (Dnscache) -- C:\WINDOWS\system32\dnsrslvr.dll (Microsoft Corporation)
SRV - (PlugPlay) -- C:\WINDOWS\system32\services.exe (Microsoft Corporation)
SRV - (Eventlog) -- C:\WINDOWS\system32\services.exe (Microsoft Corporation)
SRV - (RpcSs) -- C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)
SRV - (DcomLaunch) -- C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)
SRV - (Wmi) -- C:\WINDOWS\system32\advapi32.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (EventSystem) -- C:\WINDOWS\system32\es.dll (Microsoft Corporation)
SRV - (Nla) -- C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
SRV - (WZCSVC) -- C:\WINDOWS\system32\wzcsvc.dll (Microsoft Corporation)
SRV - (WmiApSrv) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe (Microsoft Corporation)
SRV - (VSS) -- C:\WINDOWS\system32\vssvc.exe (Microsoft Corporation)
SRV - (UPS) -- C:\WINDOWS\system32\ups.exe (Microsoft Corporation)
SRV - (TlntSvr) -- C:\WINDOWS\system32\tlntsvr.exe (Microsoft Corporation)
SRV - (SysmonLog) -- C:\WINDOWS\system32\smlogsvc.exe (Microsoft Corporation)
SRV - (RDSessMgr) -- C:\WINDOWS\system32\sessmgr.exe (Microsoft Corporation)
SRV - (SCardSvr) -- C:\WINDOWS\system32\scardsvr.exe (Microsoft Corporation)
SRV - (NetDDEdsdm) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)
SRV - (NetDDE) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)
SRV - (MSIServer) -- C:\WINDOWS\System32\msiexec.exe (Microsoft Corporation)
SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation)
SRV - (mnmsrvc) -- C:\WINDOWS\system32\mnmsrvc.exe (Microsoft Corporation)
SRV - (RpcLocator) -- C:\WINDOWS\system32\locator.exe (Microsoft Corporation)
SRV - (SamSs) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (ProtectedStorage) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (PolicyAgent) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (NtLmSsp) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (Netlogon) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (ImapiService) -- C:\WINDOWS\system32\imapi.exe (Microsoft Corporation)
SRV - (dmadmin) -- C:\WINDOWS\System32\dmadmin.exe (Microsoft Corp., Veritas Software)
SRV - (SwPrv) -- C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation)
SRV - (ClipSrv) -- C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation)
SRV - (cisvc) -- C:\WINDOWS\system32\cisvc.exe (Microsoft Corporation)
SRV - (xmlprov) -- C:\WINDOWS\system32\xmlprov.dll (Microsoft Corporation)
SRV - (ALG) -- C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)
SRV - (wscsvc) -- C:\WINDOWS\system32\wscsvc.dll (Microsoft Corporation)
SRV - (stisvc) -- C:\WINDOWS\system32\wiaservc.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\WINDOWS\system32\upnphost.dll (Microsoft Corporation)
SRV - (W32Time) -- C:\WINDOWS\system32\w32time.dll (Microsoft Corporation)
SRV - (winmgmt) -- C:\WINDOWS\system32\wbem\wmisvc.dll (Microsoft Corporation)
SRV - (TrkWks) -- C:\WINDOWS\system32\trkwks.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\WINDOWS\system32\webclnt.dll (Microsoft Corporation)
SRV - (HTTPFilter) -- C:\WINDOWS\system32\w3ssl.dll (Microsoft Corporation)
SRV - (TermService) -- C:\WINDOWS\system32\termsrv.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\WINDOWS\system32\tapisrv.dll (Microsoft Corporation)
SRV - (srservice) -- C:\WINDOWS\system32\srsvc.dll (Microsoft Corporation)
SRV - (SSDPSRV) -- C:\WINDOWS\system32\ssdpsrv.dll (Microsoft Corporation)
SRV - (BITS) -- C:\WINDOWS\system32\qmgr.dll (Microsoft Corporation)
SRV - (Schedule) -- C:\WINDOWS\system32\schedsvc.dll (Microsoft Corporation)
SRV - (RasMan) -- C:\WINDOWS\system32\rasmans.dll (Microsoft Corporation)
SRV - (RasAuto) -- C:\WINDOWS\system32\rasauto.dll (Microsoft Corporation)
SRV - (RemoteRegistry) -- C:\WINDOWS\system32\regsvc.dll (Microsoft Corporation)
SRV - (SENS) -- C:\WINDOWS\system32\sens.dll (Microsoft Corporation)
SRV - (seclogon) -- C:\WINDOWS\system32\seclogon.dll (Microsoft Corporation)
SRV - (napagent) -- C:\WINDOWS\system32\qagentrt.dll (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (NtmsSvc) -- C:\WINDOWS\system32\ntmssvc.dll (Microsoft Corporation)
SRV - (Netman) -- C:\WINDOWS\system32\netman.dll (Microsoft Corporation)
SRV - (WmdmPmSN) -- C:\WINDOWS\system32\mspmsnsv.dll (Microsoft Corporation)
SRV - (Messenger) -- C:\WINDOWS\system32\msgsvc.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\WINDOWS\system32\mprdim.dll (Microsoft Corporation)
SRV - (SharedAccess) -- C:\WINDOWS\system32\ipnathlp.dll (Microsoft Corporation)
SRV - (hkmsvc) -- C:\WINDOWS\system32\kmsvc.dll (Microsoft Corporation)
SRV - (LmHosts) -- C:\WINDOWS\system32\lmhsvc.dll (Microsoft Corporation)
SRV - (EapHost) -- C:\WINDOWS\system32\eapsvc.dll (Microsoft Corporation)
SRV - (ERSvc) -- C:\WINDOWS\system32\ersvc.dll (Microsoft Corporation)
SRV - (Dot3svc) -- C:\WINDOWS\system32\dot3svc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\WINDOWS\system32\dhcpcsvc.dll (Microsoft Corporation)
SRV - (CryptSvc) -- C:\WINDOWS\system32\cryptsvc.dll (Microsoft Corporation)
SRV - (dmserver) -- C:\WINDOWS\system32\dmserver.dll (Microsoft Corp.)
SRV - (AppMgmt) -- C:\WINDOWS\system32\appmgmts.dll (Microsoft Corporation)
SRV - (AudioSrv) -- C:\WINDOWS\system32\audiosrv.dll (Microsoft Corporation)
SRV - (Alerter) -- C:\WINDOWS\system32\alrsvc.dll (Microsoft Corporation)
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (WudfSvc) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (RSVP) -- C:\WINDOWS\system32\rsvp.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (TrueSight) -- File not found
DRV - (PCIDump) -- File not found
DRV - (mbr) -- C:\ComboFix\mbr.sys File not found
DRV - (catchme) -- C:\DOCUME~1\STOLNP~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (prohlp02) -- C:\WINDOWS\system32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\system32\drivers\prodrv06.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\system32\drivers\prosync1.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\system32\drivers\sfhlp01.sys (Protection Technology)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2013.10.25 16:08:49 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2014.01.15 20:27:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 7598223609 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1102FA41-72E9-407F-8A52-7C308987B50C}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\SYSdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 14 Days ==========

[2014.01.15 21:23:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.01.15 21:19:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\stolní pc\Plocha\OTL.exe
[2014.01.15 20:31:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.01.15 19:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.01.15 18:52:25 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\stolní pc\Plocha\mbam-setup-1.75.0.1300.exe
[2014.01.15 18:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Plocha\backups
[2014.01.15 18:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Plocha\sila
[2014.01.15 04:34:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\stolní pc\Recent
[2014.01.14 04:11:43 | 000,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2014.01.14 04:11:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2014.01.14 04:11:08 | 000,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2014.01.14 03:37:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\$regcmp$
[2014.01.14 03:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Clean Expert
[2014.01.13 21:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
[2014.01.13 21:13:20 | 001,732,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwssr.dll
[2014.01.13 21:13:20 | 001,236,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwss.dll
[2014.01.13 21:13:20 | 000,794,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcplui.exe
[2014.01.13 21:13:20 | 000,147,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2014.01.13 21:13:19 | 002,973,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvsr.dll
[2014.01.13 21:13:19 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2014.01.13 21:13:18 | 002,924,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvvitvs.dll
[2014.01.13 21:13:17 | 005,644,288 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2014.01.13 21:13:17 | 002,859,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmoblsr.dll
[2014.01.13 21:13:17 | 000,888,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmobls.dll
[2014.01.13 21:13:17 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccssr.dll
[2014.01.13 21:13:17 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2014.01.13 21:13:17 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccss.dll
[2014.01.13 21:13:17 | 000,086,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2014.01.13 21:13:17 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccsrs.dll
[2014.01.13 21:13:16 | 003,203,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgamesr.dll
[2014.01.13 21:13:16 | 003,047,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgames.dll
[2014.01.13 21:13:16 | 000,311,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvexpbar.dll
[2014.01.13 21:13:15 | 005,619,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdisps.dll
[2014.01.13 21:13:15 | 005,255,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispsr.dll
[2014.01.13 21:13:15 | 001,011,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpluir.dll
[2014.01.13 21:13:14 | 007,700,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2014.01.13 21:13:14 | 000,035,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2014.01.13 21:13:14 | 000,035,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2014.01.13 21:13:12 | 000,069,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.cpl
[2014.01.13 21:09:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Dokumenty\Downloads
[2014.01.11 03:31:25 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2014.01.11 03:30:20 | 000,000,000 | ---D | C] -- C:\Intel
[2014.01.11 03:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014.01.11 03:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.01.11 03:12:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2014.01.11 03:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2014.01.11 03:03:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\SlimWare Utilities Inc
[2014.01.11 03:03:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Downloaded Installers
[2014.01.05 02:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Immunet
[2014.01.03 17:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallerA
[2014.01.03 00:29:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.01.02 15:21:38 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\stolní pc\Plocha\ATF-Cleaner.exe
[2014.01.01 22:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\GFI Software

========== Files - Modified Within 14 Days ==========

[2014.01.15 21:20:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\stolní pc\Plocha\OTL.exe
[2014.01.15 20:27:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.01.15 19:39:32 | 000,000,370 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.01.15 19:34:12 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2014.01.15 19:33:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.15 19:33:39 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.15 18:53:02 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\stolní pc\Plocha\mbam-setup-1.75.0.1300.exe
[2014.01.14 23:46:28 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2014.01.14 04:06:28 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.01.13 19:44:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.12 05:03:47 | 000,449,863 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20140112-050712.backup
[2014.01.11 21:58:39 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2014.01.11 01:53:10 | 000,104,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.01.09 20:06:17 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\stolní pc\Plocha\Skype.lnk
[2014.01.08 11:46:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20140112-050347.backup
[2014.01.02 15:21:52 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\stolní pc\Plocha\ATF-Cleaner.exe

========== Files Created - No Company Name ==========

[2014.01.14 04:13:34 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2014.01.14 04:11:47 | 000,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2014.01.14 04:11:43 | 000,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2014.01.14 00:46:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2014.01.13 21:13:20 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2014.01.13 21:13:20 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2014.01.13 21:13:20 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2014.01.13 21:13:20 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2014.01.13 21:13:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2014.01.13 21:13:19 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2014.01.13 21:13:18 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2014.01.13 21:13:17 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2014.01.13 21:13:17 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2014.01.13 21:13:17 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2014.01.13 21:13:14 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2014.01.13 21:13:12 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2014.01.13 19:54:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.01.11 01:54:57 | 000,000,370 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.12.18 18:33:08 | 000,000,037 | -HS- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\70149b02515b3bb20dd492.47983420
[2013.12.18 02:49:40 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.12.18 02:49:39 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.12.02 16:36:59 | 000,000,042 | ---- | C] () -- C:\WINDOWS\oodjobd.INI
[2013.11.30 21:49:50 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2013.11.30 21:49:49 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2013.11.21 14:35:17 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.11.17 02:49:09 | 000,172,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1004336348-1284227242-515967899-1005-0.dat
[2013.11.17 01:55:28 | 000,089,170 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.10.31 11:22:30 | 000,001,072 | ---- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\SRDownloader.nast
[2013.10.29 13:44:51 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.26 10:27:46 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\fusioncache.dat
[2013.10.25 11:07:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.10.23 16:31:37 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.10.23 16:30:22 | 000,104,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.23 15:37:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.10.23 15:36:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.10.23 14:47:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.10.23 14:39:50 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013.10.24 16:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.12.31 21:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2013.12.18 02:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.01.01 00:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CDB
[2013.10.27 23:17:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.12.24 19:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Free Online TV
[2014.01.01 22:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GFI Software
[2013.12.24 17:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Informer Technologies, Inc
[2013.11.01 22:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.12.28 14:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Licenses
[2013.12.28 14:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Logs
[2013.11.24 19:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.12.02 15:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OO Software
[2013.10.28 11:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.11.23 23:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2013.12.28 14:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.12.25 16:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VS Revo Group
[2013.12.22 18:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WarThunder
[2013.12.25 16:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.10.27 23:17:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013.11.01 22:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.12.31 21:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Ashampoo
[2013.10.23 15:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\AVAST Software
[2013.12.24 18:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\BSplayer
[2013.10.29 11:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\BSplayer Pro
[2013.12.28 15:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\DamnVid
[2013.12.28 14:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\DigitalVolcano
[2013.11.12 21:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Dream Aquarium
[2014.01.15 04:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\ElevatedDiagnostics
[2013.11.01 22:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\IObit
[2013.12.07 23:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\JLC's Software
[2013.11.25 17:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\KetchupTV
[2013.12.24 16:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Mc & RENOX
[2013.10.31 09:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\MPC-HC
[2013.11.23 22:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\PCFixKit
[2013.10.28 11:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Samsung
[2013.12.24 15:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\SimpleTV V03
[2013.12.18 18:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Ulozto File Manager
[2013.10.27 20:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\Windows Search
[2013.11.12 22:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stolní pc\Data aplikací\YoWindow

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

< End of report >

Aron
Level 1.5
Posts: 134
Registered: January 14
Gender: Male
Status: Offline

Re: Log check, slow computer

Post by Aron » 15 Jan 2014 21:35

OTL Extras logfile created on: 15.1.2014 21:25:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\stolní pc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 759,52 Mb Available Physical Memory | 74,21% Memory free
2,37 Gb Paging File | 2,18 Gb Available in Paging File | 91,86% Paging File free
Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 20,81 Gb Free Space | 55,83% Space Free | Partition Type: NTFS
Drive E: | 50,78 Gb Total Space | 48,34 Gb Free Space | 95,19% Space Free | Partition Type: NTFS
Drive F: | 98,26 Gb Total Space | 29,30 Gb Free Space | 29,82% Space Free | Partition Type: NTFS

Computer Name: STOLNÍPC | User Name: stolní pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"443:TCP" = 443:TCP:*:Enabled:War Thunder
"20010:UDP" = 20010:UDP:*:Enabled:War Thunder
"3478:UDP" = 3478:UDP:*:Enabled:War Thunder
"7850:TCP" = 7850:TCP:*:Enabled:War Thunder
"27022:TCP" = 27022:TCP:*:Enabled:War Thunder
"6881:TCP" = 6881:TCP:*:Enabled:War Thunder
"33333:TCP" = 33333:TCP:*:Enabled:War Thunder
"20443:TCP" = 20443:TCP:*:Enabled:War Thunder
"8090:TCP" = 8090:TCP:*:Enabled:War Thunder
"2106:UDP" = 2106:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2107:UDP" = 2107:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2108:UDP" = 2108:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2121:UDP" = 2121:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2120:UDP" = 2120:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2122:UDP" = 2122:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2160:UDP" = 2160:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2161:UDP" = 2161:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2162:UDP" = 2162:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2217:UDP" = 2217:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2216:UDP" = 2216:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)
"2218:UDP" = 2218:UDP:*:Enabled:Windows Media Format SDK (bsplayer.exe)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.locked" = C:\Program Files\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.locked:*:Enabled:Launcher


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6EE99EA-420C-4FA6-8A7C-FDB60D278855}" = VS10RuntimeWin32
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.0.4
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"VLC media player" = VLC media player 2.1.2
"WinRAR archiver" = WinRAR 5.01 (32 բիթ.)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1004336348-1284227242-515967899-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.1.2014 23:37:08 | Computer Name = STOLNÍPC | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 15.1.2014 0:01:45 | Computer Name = STOLNÍPC | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 15.1.2014 0:01:45 | Computer Name = STOLNÍPC | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 15.1.2014 5:07:01 | Computer Name = STOLNÍPC | Source = Application Error | ID = 1000
Description = Chybující aplikace , verze 0.0.0.0, chybující modul unknown, verze
0.0.0.0, adresa chyby 0x00000000.

Error - 15.1.2014 5:07:02 | Computer Name = STOLNÍPC | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 15.1.2014 5:07:02 | Computer Name = STOLNÍPC | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 15.1.2014 9:16:50 | Computer Name = STOLNÍPC | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 15.1.2014 9:16:50 | Computer Name = STOLNÍPC | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 15.1.2014 14:34:32 | Computer Name = STOLNÍPC | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070422 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 15.1.2014 14:34:32 | Computer Name = STOLNÍPC | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

[ System Events ]
Error - 15.1.2014 9:16:38 | Computer Name = STOLNÍPC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 15.1.2014 9:16:50 | Computer Name = STOLNÍPC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 15.1.2014 9:17:50 | Computer Name = STOLNÍPC | Source = Service Control Manager | ID = 7001
Description = Služba Oznamování systémových událostí závisí na službě Systém událostí
modelu COM+, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.1.2014 14:32:44 | Computer Name = STOLNÍPC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 15.1.2014 14:32:44 | Computer Name = STOLNÍPC | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 15.1.2014 14:32:44 | Computer Name = STOLNÍPC | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 15.1.2014 14:33:13 | Computer Name = STOLNÍPC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 15.1.2014 14:34:13 | Computer Name = STOLNÍPC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 15.1.2014 14:34:32 | Computer Name = STOLNÍPC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 15.1.2014 14:35:33 | Computer Name = STOLNÍPC | Source = Service Control Manager | ID = 7001
Description = Služba Oznamování systémových událostí závisí na službě Systém událostí
modelu COM+, která neuspěla při spuštění v důsledku následující chyby: %%1058


< End of report >

Re: Log check, slow computer

Post by Damned » 15 Jan 2014 22:00

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under "Vlastní skenování/Opravy" (Custom Scans/Fixes), paste the following text, shown in green, into the box:



:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
DRV - (TrueSight) -- File not found
DRV - (PCIDump) -- File not found
DRV - (mbr) -- C:\ComboFix\mbr.sys File not found
DRV - (catchme) -- C:\DOCUME~1\STOLNP~1\LOCALS~1\Temp\catchme.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1004336348-1284227242-515967899-1005\..\SearchScopes,DefaultScope =
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

:Services

:Files
C:\Documents and Settings\All Users\Immunet
C:\WINDOWS\System32\d3d9caps.dat
C:\WINDOWS\System32\drivers\etc\hosts.20140112-050712.backup
C:\WINDOWS\System32\drivers\etc\hosts.20140112-050347.backup
C:\WINDOWS\$regcmp$
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\RECYCLER
C:\Windows\tasks\*.job
C:\WINDOWS\System32\emptyregdb.dat

:Reg[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2106:UDP" =-
"2107:UDP" =-
"2108:UDP" =-
"2121:UDP" =-
"2120:UDP" =-
"2122:UDP" =-
"2160:UDP" =-
"2161:UDP" =-
"2162:UDP" =-
"2217:UDP" =-
"2216:UDP" =-
"2218:UDP" =-

:Commands
[resethosts]
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]



Then click "Opravit" (Run Fix) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Re: Log check, slow computer

Post by Aron » 15 Jan 2014 22:10

All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
Error: No service named TrueSight was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrueSight deleted successfully.
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Error: No service named mbr was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mbr deleted successfully.
File C:\ComboFix\mbr.sys File not found not found.
Error: No service named catchme was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme deleted successfully.
File C:\DOCUME~1\STOLNP~1\LOCALS~1\Temp\catchme.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1004336348-1284227242-515967899-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 deleted successfully.
========== SERVICES/DRIVERS ==========
========== FILES ==========
C:\Documents and Settings\All Users\Immunet folder moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
C:\WINDOWS\System32\drivers\etc\hosts.20140112-050712.backup moved successfully.
C:\WINDOWS\System32\drivers\etc\hosts.20140112-050347.backup moved successfully.
C:\WINDOWS\$regcmp$ folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Offline\{6A7E8AD1-4122-4FD0-A086-404785BA0A24} folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Offline folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Install folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Download\{D0AB2EBC-931B-4013-9FEB-C9C4C2225C8C}\4.9.1.16010 folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Download\{D0AB2EBC-931B-4013-9FEB-C9C4C2225C8C} folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\31.0.1650.63 folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\Download folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update\1.3.21.165 folder moved successfully.
C:\Documents and Settings\stolní pc\Local Settings\Data aplikací\Google\Update folder moved successfully.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\RECYCLER\S-1-5-21-1004336348-1284227242-515967899-1005 folder moved successfully.
C:\RECYCLER folder moved successfully.
File\Folder C:\$RECYCLE.BIN not found.
File\Folder C:\RECYCLER not found.
C:\Windows\tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\System32\emptyregdb.dat moved successfully.
Error: Unable to interpret <:Reg[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]> in the current context!
Error: Unable to interpret <"2106:UDP" =-> in the current context!
Error: Unable to interpret <"2107:UDP" =-> in the current context!
Error: Unable to interpret <"2108:UDP" =-> in the current context!
Error: Unable to interpret <"2121:UDP" =-> in the current context!
Error: Unable to interpret <"2120:UDP" =-> in the current context!
Error: Unable to interpret <"2122:UDP" =-> in the current context!
Error: Unable to interpret <"2160:UDP" =-> in the current context!
Error: Unable to interpret <"2161:UDP" =-> in the current context!
Error: Unable to interpret <"2162:UDP" =-> in the current context!
Error: Unable to interpret <"2217:UDP" =-> in the current context!
Error: Unable to interpret <"2216:UDP" =-> in the current context!
Error: Unable to interpret <"2218:UDP" =-> in the current context!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: stolní pc
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 98438 bytes
->Google Chrome cache emptied: 240729330 bytes
->Flash cache emptied: 291 bytes

User: stoln� pc

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 230,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: stolní pc
->Flash cache emptied: 0 bytes

User: stoln� pc

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01152014_220553

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

