zpomalený start notebooku

Zpráva

termat · #16 Příspěvek od **termat** » 03 bře 2013 13:35

Hodně pomalý znamená že nabíhá skoro 10 minut....Strašně dlouho tam je černá obrazovka s windows a tím "teploměrem"...Dlouho jsem notebook nepoužívala, pak když jsem ho zase začala používat tak to bylo takhle pomalé...
tady je ta zpráva:

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : HP [Práva správce]
Mód : Kontrola -- Datum : 03/03/2013 13:31:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHV2080AH +++++
--- User ---
[MBR] 9149f914e2eb747104cfdb767634c49a
[BSP] f6b555e9a5571e188105d27032dee488 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03032013_02d1331.txt >>
RKreport[1]_S_03032013_02d1331.txt

#17 Příspěvek od **Márty84** » 03 bře 2013 15:47

Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

Zkuste najet do nouzoveho rezimu, zda start bude take tak dlouhy

termat · #18 Příspěvek od **termat** » 03 bře 2013 15:55

tak tady je ten první log:

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : HP [Práva správce]
Mód : Kontrola -- Datum : 03/03/2013 15:54:42
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHV2080AH +++++
--- User ---
[MBR] 9149f914e2eb747104cfdb767634c49a
[BSP] f6b555e9a5571e188105d27032dee488 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_S_03032013_02d1554.txt >>
RKreport[1]_S_03032013_02d1331.txt ; RKreport[2]_D_03032013_02d1552.txt ; RKreport[3]_S_03032013_02d1554.txt

termat · #19 Příspěvek od **termat** » 03 bře 2013 15:57

a tady je log po tom Oprava Host:

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : HP [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/03/2013 15:56:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03032013_02d1556.txt >>
RKreport[1]_S_03032013_02d1331.txt ; RKreport[2]_D_03032013_02d1552.txt ; RKreport[3]_S_03032013_02d1554.txt ; RKreport[4]_H_03032013_02d1556.txt

#20 Příspěvek od **Márty84** » 03 bře 2013 16:01

Fajn, zkuste ten nouzovy rezim a dejte vedet, jak dlouho start trval

termat · #21 Příspěvek od **termat** » 03 bře 2013 16:16

Tak jsem zkoušela ten nouzový stav...Celkem to bylo se vším nastavováním a odklikáváním v průběhu spouštění nouzového styvu cca 3 minuty,...což je super....

#22 Příspěvek od **Márty84** » 03 bře 2013 16:26

I to je celkem dost, i kdyz oproti tem 10 minutam je to vyrazny rozdil

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

termat · #23 Příspěvek od **termat** » 03 bře 2013 17:20

restart neproběhl, tady je log:

ComboFix 13-03-02.01 - HP 03.03.2013 17:00:03.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1015.609 [GMT 1:00]
Spuštěný z: c:\documents and settings\HP\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\system32\dllcache\wmpvis.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-03 do 2013-03-03 )))))))))))))))))))))))))))))))
.
.
2013-03-03 15:02 . 2013-03-03 15:03 -------- d-----w- c:\documents and settings\Administrator
2013-03-03 07:19 . 2013-03-03 07:19 -------- d-----w- c:\program files\Defraggler
2013-03-03 07:11 . 2013-03-03 07:11 -------- d-----w- c:\program files\CCleaner
2013-03-02 19:35 . 2013-03-02 19:35 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-03-02 19:34 . 2013-03-02 19:34 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2013-03-02 19:34 . 2013-03-02 19:34 97208 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2013-03-02 19:34 . 2013-03-02 19:34 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2013-03-02 19:33 . 2013-03-02 19:33 588728 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2013-03-02 19:33 . 2013-03-02 19:33 101304 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2013-03-02 19:33 . 2013-03-02 19:33 449464 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2013-03-02 19:33 . 2013-03-02 19:33 16312 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2013-03-02 19:33 . 2013-03-02 19:33 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2013-03-02 19:33 . 2013-03-02 19:33 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2013-03-02 19:33 . 2013-03-02 19:33 43960 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2013-03-02 19:33 . 2013-03-02 19:33 1952696 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2013-03-02 19:33 . 2013-03-02 19:33 838584 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2013-03-02 19:33 . 2013-03-02 19:33 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2013-03-02 19:33 . 2013-03-02 19:33 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2013-03-02 19:33 . 2013-03-02 19:33 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2013-03-02 16:55 . 2013-03-02 16:55 -------- d-----w- c:\documents and settings\HP\Data aplikací\Malwarebytes
2013-03-02 16:54 . 2013-03-02 16:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-03-02 14:49 . 2013-03-02 15:27 -------- d-----w- c:\program files\trend micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2003-04-16 14:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2002-09-20 17:12 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2003-04-16 14:00 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2003-04-16 14:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2011-02-13 10:39 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2011-02-13 10:39 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2003-04-16 14:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2003-04-16 14:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2003-04-16 14:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2003-04-16 14:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-10-15 18:35 . 2012-10-15 18:35 4096000 ----a-w- c:\program files\GUT1C.tmp
2013-03-02 19:34 . 2013-03-02 19:34 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-13 88209]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-12 581693]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11.2.2012 14:26 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.2.2012 14:06 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.2.2012 14:06 20568]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [12.2.2011 22:02 80384]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [12.2.2011 22:02 32640]
S3 APL531;35mm Film Scanner;c:\windows\system32\Drivers\FILMSCAN.sys --> c:\windows\system32\Drivers\FILMSCAN.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2.6.2010 2:32 11520]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
FF - ProfilePath - c:\documents and settings\HP\Data aplikací\Mozilla\Firefox\Profiles\1ynoodfo.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/?charset=UTF-8&channel_id=ch-toolbar-ff,ch-toolbar-ff-searchbox&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&q=
FF - ExtSQL: 2013-03-03 12:16; toolbar@centrumholdings.com; c:\documents and settings\HP\Data aplikacĂÂ\Mozilla\Firefox\Profiles\1ynoodfo.default\extensions\toolbar@centrumholdings.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-03 17:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-03-03 17:17:27
ComboFix-quarantined-files.txt 2013-03-03 16:17
.
Před spuštěním: Volných bajtů: 66 420 699 136
Po spuštění: Volných bajtů: 66 375 401 472
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 4A25BAD526DD05A343A60CA8463E8E3E

#24 Příspěvek od **Márty84** » 03 bře 2013 19:57

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Firefox::
FF - ProfilePath - c:\documents and settings\HP\Data aplikací\Mozilla\Firefox\Profiles\1ynoodfo.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/?charset=UTF-8 ... archbox&q=
FF - ExtSQL: 2013-03-03 12:16; toolbar@centrumholdings.com; c:\documents and settings\HP\Data aplikacĂÂ\Mozilla\Firefox\Profiles\1ynoodfo.default\extensions\toolbar@centrumholdings.com

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni a ukoncete vsechny spustene programy
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

termat · #25 Příspěvek od **termat** » 03 bře 2013 20:42

tady to je.:

ComboFix 13-03-02.01 - HP 03.03.2013 20:09:04.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1015.654 [GMT 1:00]
Spuštěný z: c:\documents and settings\HP\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\HP\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-03 do 2013-03-03 )))))))))))))))))))))))))))))))
.
.
2013-03-03 15:02 . 2013-03-03 15:03 -------- d-----w- c:\documents and settings\Administrator
2013-03-03 07:19 . 2013-03-03 07:19 -------- d-----w- c:\program files\Defraggler
2013-03-03 07:11 . 2013-03-03 07:11 -------- d-----w- c:\program files\CCleaner
2013-03-02 19:35 . 2013-03-02 19:35 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-03-02 19:34 . 2013-03-02 19:34 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2013-03-02 19:34 . 2013-03-02 19:34 97208 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2013-03-02 19:34 . 2013-03-02 19:34 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2013-03-02 19:33 . 2013-03-02 19:33 588728 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2013-03-02 19:33 . 2013-03-02 19:33 101304 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2013-03-02 19:33 . 2013-03-02 19:33 449464 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2013-03-02 19:33 . 2013-03-02 19:33 16312 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2013-03-02 19:33 . 2013-03-02 19:33 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2013-03-02 19:33 . 2013-03-02 19:33 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2013-03-02 19:33 . 2013-03-02 19:33 43960 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2013-03-02 19:33 . 2013-03-02 19:33 1952696 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2013-03-02 19:33 . 2013-03-02 19:33 838584 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2013-03-02 19:33 . 2013-03-02 19:33 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2013-03-02 19:33 . 2013-03-02 19:33 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2013-03-02 19:33 . 2013-03-02 19:33 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2013-03-02 16:55 . 2013-03-02 16:55 -------- d-----w- c:\documents and settings\HP\Data aplikací\Malwarebytes
2013-03-02 16:54 . 2013-03-02 16:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-03-02 14:49 . 2013-03-02 15:27 -------- d-----w- c:\program files\trend micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2003-04-16 14:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2002-09-20 17:12 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2003-04-16 14:00 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2003-04-16 14:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2011-02-13 10:39 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2011-02-13 10:39 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2003-04-16 14:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2003-04-16 14:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2003-04-16 14:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2003-04-16 14:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-10-15 18:35 . 2012-10-15 18:35 4096000 ----a-w- c:\program files\GUT1C.tmp
2013-03-02 19:34 . 2013-03-02 19:34 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-13 88209]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-12 581693]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11.2.2012 14:26 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.2.2012 14:06 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.2.2012 14:06 20568]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [12.2.2011 22:02 80384]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [12.2.2011 22:02 32640]
S3 APL531;35mm Film Scanner;c:\windows\system32\Drivers\FILMSCAN.sys --> c:\windows\system32\Drivers\FILMSCAN.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2.6.2010 2:32 11520]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
FF - ProfilePath - c:\documents and settings\HP\Data aplikací\Mozilla\Firefox\Profiles\1ynoodfo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-03-03 12:16; toolbar@centrumholdings.com; c:\documents and settings\HP\Data aplikacĂÂ\Mozilla\Firefox\Profiles\1ynoodfo.default\extensions\toolbar@centrumholdings.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-03 20:25
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(4036)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\System32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\AGRSMMSG.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2013-03-03 20:33:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-03 19:33
ComboFix2.txt 2013-03-03 16:17
.
Před spuštěním: Volných bajtů: 66 409 590 784
Po spuštění: Volných bajtů: 66 394 681 344
.
- - End Of File - - 9CA3FE15D3F20F541AE675F62321A030

#26 Příspěvek od **Márty84** » 03 bře 2013 21:06

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

termat · #27 Příspěvek od **termat** » 03 bře 2013 21:31

OTL logfile created on: 3.3.2013 21:11:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,36 Mb Total Physical Memory | 663,23 Mb Available Physical Memory | 65,32% Memory free
2,39 Gb Paging File | 2,15 Gb Available in Paging File | 90,01% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 61,87 Gb Free Space | 83,02% Space Free | Partition Type: NTFS

Computer Name: HP-DOMA | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.03 21:09:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP\Plocha\OTL.exe
PRC - [2013.03.02 20:34:00 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.05.12 13:33:22 | 000,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.05.12 13:32:14 | 001,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2005.02.02 13:12:22 | 000,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

========== Modules (No Company Name) ==========

MOD - [2013.03.02 21:08:04 | 002,063,872 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13030201\algo.dll
MOD - [2013.03.02 20:33:54 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.11.20 11:05:54 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2006.05.12 13:34:36 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll

========== Services (SafeList) ==========

SRV - [2013.03.02 20:33:55 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\FILMSCAN.sys -- (APL531)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.02.13 20:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.10.12 23:26:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006.05.12 13:19:04 | 001,342,602 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.05.12 13:16:44 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005.04.13 09:12:38 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.03.16 13:43:06 | 000,159,488 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005.02.09 11:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004.11.16 12:46:38 | 000,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004.09.02 13:30:06 | 000,032,640 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2004.05.03 17:26:16 | 000,080,384 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2001.10.24 13:04:44 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes\{D5D495C7-AB59-4FA9-9BB1-C165C0DA71B7}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngineName: "Centrum.cz"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=616163"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:6.0.1367
FF - prefs.js..extensions.enabledAddons: toolbar@centrumholdings.com:2.12.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1367
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.02.11 14:26:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.02 20:34:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.02 20:34:28 | 000,000,000 | ---D | M]

[2011.02.13 11:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Extensions
[2013.03.03 18:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\1ynoodfo.default\extensions
[2013.03.03 12:16:46 | 000,000,000 | ---D | M] (LiĹˇta Centrum.cz) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\1ynoodfo.default\extensions\toolbar@centrumholdings.com
[2013.03.02 20:35:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1YNOODFO.DEFAULT\EXTENSIONS\TOOLBAR@CENTRUMHOLDINGS.COM
[2012.02.11 14:26:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.12.06 19:44:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2013.03.02 20:34:03 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013.03.02 20:33:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.02 20:33:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.07.24 09:40:17 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2013.03.02 20:33:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.02 20:33:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.03.02 20:33:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2013.03.03 20:24:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O15 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA76BBA7-F294-423E-BB6F-D3EABC89FACA}: DhcpNameServer = 213.46.172.36 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.13 11:39:37 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.lags - C:\WINDOWS\System32\Lagarith.dll ( )
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.03.03 21:09:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP\Plocha\OTL.exe
[2013.03.03 20:33:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.03.03 16:56:29 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.03.03 16:54:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.03.03 16:54:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.03.03 16:54:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.03.03 16:54:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.03.03 16:53:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.03 16:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP\Dokumenty\Obrázky
[2013.03.03 16:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP\Dokumenty\Hudba
[2013.03.03 16:53:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP\Dokumenty\Filmy
[2013.03.03 16:52:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.03.03 16:50:40 | 005,036,301 | R--- | C] (Swearware) -- C:\Documents and Settings\HP\Plocha\ComboFix.exe
[2013.03.03 13:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Plocha\RK_Quarantine
[2013.03.03 08:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2013.03.03 08:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.03.03 08:13:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP\Recent
[2013.03.03 08:11:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2013.03.03 08:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.03.02 20:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2013.03.02 20:35:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.03.02 17:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Data aplikací\Malwarebytes
[2013.03.02 17:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.03.02 15:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.02 15:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP\Dokumenty\Stažené soubory
[2009.11.28 14:16:58 | 000,544,736 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\dpinst.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.03.03 21:13:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.03 21:09:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP\Plocha\OTL.exe
[2013.03.03 20:38:32 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.03 20:37:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.03 20:24:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.03.03 16:56:43 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.03.03 16:51:20 | 005,036,301 | R--- | M] (Swearware) -- C:\Documents and Settings\HP\Plocha\ComboFix.exe
[2013.03.03 13:28:03 | 000,816,640 | ---- | M] () -- C:\Documents and Settings\HP\Plocha\RogueKiller.exe
[2013.03.03 08:19:53 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\HP\Dokumenty\starý laptop\bbbb\Defraggler.lnk
[2013.03.03 08:15:23 | 000,364,818 | ---- | M] () -- C:\Documents and Settings\HP\Dokumenty\cc_20130303_081432.reg
[2013.03.03 08:11:08 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\HP\Dokumenty\starý laptop\bbbb\CCleaner.lnk
[2013.03.03 07:47:53 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.03.02 17:21:12 | 000,594,019 | ---- | M] () -- C:\Documents and Settings\HP\Plocha\adwcleaner.exe
[2013.03.02 17:05:31 | 000,031,137 | ---- | M] () -- C:\Documents and Settings\HP\Dokumenty\bookmarks.html
[2013.03.02 16:46:42 | 000,314,706 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.03.02 16:46:42 | 000,313,208 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.03.02 16:46:42 | 000,047,404 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.03.02 16:46:42 | 000,041,034 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.03.02 15:39:43 | 000,000,022 | ---- | M] () -- C:\WINDOWS\VFO.INI
[2013.03.02 15:17:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.03 21:13:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.03 16:56:42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.03.03 16:56:40 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.03.03 16:54:04 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.03.03 16:54:04 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.03.03 16:54:04 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.03.03 16:54:04 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.03.03 16:54:04 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.03.03 13:27:56 | 000,816,640 | ---- | C] () -- C:\Documents and Settings\HP\Plocha\RogueKiller.exe
[2013.03.03 08:19:53 | 000,001,592 | ---- | C] () -- C:\Documents and Settings\HP\Dokumenty\starý laptop\bbbb\Defraggler.lnk
[2013.03.03 08:14:37 | 000,364,818 | ---- | C] () -- C:\Documents and Settings\HP\Dokumenty\cc_20130303_081432.reg
[2013.03.03 08:11:08 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\HP\Dokumenty\starý laptop\bbbb\CCleaner.lnk
[2013.03.02 20:34:58 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2013.03.02 17:21:09 | 000,594,019 | ---- | C] () -- C:\Documents and Settings\HP\Plocha\adwcleaner.exe
[2013.03.02 17:05:31 | 000,031,137 | ---- | C] () -- C:\Documents and Settings\HP\Dokumenty\bookmarks.html
[2012.06.15 21:05:47 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2012.06.11 04:53:48 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012.02.16 16:31:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\Lagarith.dll
[2011.05.30 14:42:50 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.02.13 11:41:10 | 000,046,592 | ---- | C] () -- C:\Documents and Settings\HP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.28 14:29:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\dpinst.xml

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.02.11 14:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.02.12 22:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\inf
[2011.12.17 20:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.02.14 14:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.02.13 11:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2012.06.15 21:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft

========== Purity Check ==========

========== Custom Scans ==========

< >
[2011.02.12 20:57:13 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.02.12 20:59:11 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< >

< MD5 for: AGP440.SYS >
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2003.04.16 15:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003.04.16 15:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 23:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2003.04.16 15:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 06:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 23:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 23:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2003.04.16 15:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 06:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2011.02.13 12:34:43 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 07:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

< MD5 for: ISAPNP.SYS >
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2011.06.04 13:04:56 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2003.04.16 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 23:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 07:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 23:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 23:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 07:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 23:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 23:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 23:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.14 07:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Adobe
[2011.02.13 11:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\GHISLER
[2011.02.13 11:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Google
[2011.02.12 21:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Identities
[2011.02.14 06:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Macromedia
[2013.03.02 17:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Malwarebytes
[2013.03.02 15:39:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\HP\Data aplikací\Microsoft
[2011.02.13 11:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla
[2011.02.12 21:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\MSN6
[2011.12.17 20:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nokia
[2011.02.14 14:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\PC Suite
[2011.02.13 14:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Sachy
[2011.12.06 19:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Sun
[2012.06.15 21:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\wtxpcom

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.02.12 21:46:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.02.12 21:46:26 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.02.12 21:46:26 | 000,421,888 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.02 15:17:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2013.03.03 07:47:53 | 000,267,800 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.03.02 16:46:42 | 000,047,404 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.03.02 16:46:42 | 000,041,034 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.03.02 16:46:42 | 000,313,208 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.03.02 16:46:42 | 000,314,706 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.03.02 16:46:41 | 000,723,278 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.03.03 20:38:32 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.03 21:13:50 | 000,000,512 | ---- | M] () MD5=9149F914E2EB747104CFDB767634C49A -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2004.08.17 23:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.04 06:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.04 06:59:37 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2004.08.17 23:43:54 | 000,028,416 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\grserial.sys
[2004.08.17 23:44:15 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.07.20 02:54:18 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2003.04.16 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2003.04.16 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2003.04.16 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2003.04.16 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

termat · #28 Příspěvek od **termat** » 03 bře 2013 21:32

OTL Extras logfile created on: 3.3.2013 21:11:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,36 Mb Total Physical Memory | 663,23 Mb Available Physical Memory | 65,32% Memory free
2,39 Gb Paging File | 2,15 Gb Available in Paging File | 90,01% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 61,87 Gb Free Space | 83,02% Space Free | Partition Type: NTFS

Computer Name: HP-DOMA | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-484763869-2147126159-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"0A1948BA27826439752025F41599ABEA2A007D05" = Windows Driver Package - Gemplus (GTIPCI21) SmartCardReader (05/03/2004 1.0.1.13)
"28D74C6773FB122E2356C972510BBE9A4F8B23DC" = Windows Driver Package - Intel hdc (03/24/2004 6.1.0.1004)
"3467A68D3474BCB811069FF862E97C99D961D7B2" = Windows Driver Package - Intel System (05/26/2004 6.1.0.1008)
"39CD8BA6B01781EB9E9D2468F072D7481F8EA083" = Windows Driver Package - Microsoft (atapi) hdc (07/01/2001 5.1.2600.5512)
"3CD6B12B1C81B8DEC30406FAEBA0A09BD4E7A5F9" = Windows Driver Package - Texas Instruments Inc (tifm21) MTD (03/15/2005 1.0.3.2)
"3F131C716845089FC30B00C79479D141E2179F83" = Windows Driver Package - Microsoft (isapnp) System (07/01/2001 5.1.2600.5512)
"6FE89E7FB5B8939401BF9DA4A2FDB2176BF27CCC" = Windows Driver Package - Synaptics (SynTP) Mouse (02/02/2005 7.13.0.1)
"86841F4070D04E131CA46999C58BE07ECFA6DA1E" = Windows Driver Package - Analog Devices (smwdm) MEDIA (10/13/2004 5.12.01.5250)
"A39EB755A5EAE47481015C3F16B88F77B2E2AFDE" = Windows Driver Package - Broadcom (BCM43XX) Net (02/11/2005 3.100.64.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"avast" = avast! Free Antivirus
"C81C0FC87E31D42EDDFB73C78FF15CF235D13697" = Windows Driver Package - Infineon Technologies AG (IFXTPM) System (03/12/2004 1.70.0154.00)
"CCleaner" = CCleaner
"CFCAB4709E52E3AF3F14E0AB9D735787D8588D2E" = Windows Driver Package - Intel System (04/01/2004 6.0.0.1013)
"Defraggler" = Defraggler
"E3D29B2D20439FEA5F02AB674E4BD2B56E124DCE" = Windows Driver Package - Broadcom (b57w2k) Net (11/16/2004 7.80.1.0)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ie8" = Windows Internet Explorer 8
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"My Drivers_is1" = My Drivers 5.00
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.2.2012 6:38:27 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x00067978.

Error - 12.2.2012 6:39:03 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x00067978.

Error - 12.2.2012 6:42:37 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x00067978.

Error - 12.2.2012 6:44:44 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x00067978.

Error - 12.2.2012 12:05:13 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x001f3f13.

Error - 15.2.2012 15:31:56 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x00067978.

Error - 15.2.2012 15:34:41 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19170, adresa chyby 0x00067978.

Error - 19.2.2012 9:49:18 | Computer Name = HP-DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.2.2012 12:30:49 | Computer Name = HP-DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
flash10m.ocx, verze 10.2.152.26, adresa chyby 0x000b3a85.

Error - 26.2.2012 14:50:45 | Computer Name = HP-DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 3.3.2013 11:14:45 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 3.3.2013 11:14:45 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 3.3.2013 11:14:45 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
Prostředí pro podporu sítě AFD, která neuspěla při spuštění v důsledku následující
chyby: %%31

Error - 3.3.2013 11:14:45 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 3.3.2013 11:14:45 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT PCLEPCI
RasAcd
Rdbss
Tcpip

Error - 3.3.2013 11:31:59 | Computer Name = HP-DOMA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 3.3.2013 15:08:54 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 3.3.2013 15:08:54 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7034
Description = Služba Smart Card byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 3.3.2013 15:08:54 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7031
Description = Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 3.3.2013 15:08:54 | Computer Name = HP-DOMA | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

< End of report >

#29 Příspěvek od **Márty84** » 04 bře 2013 07:30

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\SearchScopes\{D5D495C7-AB59-4FA9-9BB1-C165C0DA71B7}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =616163&p={searchTerms}
FF - prefs.js..browser.search.defaultEngineName: "Centrum.cz"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=616163"
FF - prefs.js..extensions.enabledAddons: toolbar@centrumholdings.com:2.12.0.1
FF - user.js - File not found
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1YNOODFO.DEFAULT\EXTENSIONS\TOOLBAR@CENTRUMHOLDINGS.COM
O3 - HKU\S-1-5-21-484763869-2147126159-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

termat · #30 Příspěvek od **termat** » 04 bře 2013 18:17

tak provedeno

Notebook nabíhal po restartu cca 3 a půl minutyy...tady je log:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 58346229 bytes
->Flash cache emptied: 456 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 56,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: HP
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-484763869-2147126159-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-484763869-2147126159-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-484763869-2147126159-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{D5D495C7-AB59-4FA9-9BB1-C165C0DA71B7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D495C7-AB59-4FA9-9BB1-C165C0DA71B7}\ not found.
Prefs.js: "Centrum.cz" removed from browser.search.defaultEngineName
Prefs.js: "chr-greentree_ff&ilc=12&type=616163" removed from browser.search.param.yahoo-fr
Prefs.js: toolbar@centrumholdings.com:2.12.0.1 removed from extensions.enabledAddons
Registry value HKEY_USERS\S-1-5-21-484763869-2147126159-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Program Files\GUM1B.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files\GUM1B.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files\GUM1B.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files\GUM1B.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files\GUM1B.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files\GUM1B.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files\GUM1B.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files\GUM1B.tmp\goopdate.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files\GUM1B.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files\GUM1B.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files\GUM1B.tmp\psmachine.dll deleted successfully.
C:\Program Files\GUM1B.tmp\psuser.dll deleted successfully.
C:\Program Files\GUM1B.tmp folder deleted successfully.
C:\Program Files\GUT1C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI10.tmp deleted successfully.
C:\WINDOWS\Installer\MSI109.tmp deleted successfully.
C:\WINDOWS\Installer\MSI14.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16.tmp deleted successfully.
C:\WINDOWS\Installer\MSI17.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03042013_180502

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_asw_aisI.tm~a01320\setup.lok not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

VIRY.CZ

zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku

Re: zpomalený start notebooku