Prosím o kontrolu logu staršího NB-šíleně pomalý po spuštění

Zpráva

melo15 · #1 Příspěvek od **melo15** » 28 zář 2013 15:19

Ahoj, dávám dokupy starší NB, který ale po přihlášení nabíhá klidně i 10 min, než je použitelný. Zakázal jsem všechny zbytečnosti po spuštění, vyčistil CCleanerem, pročistil registry i projel MBAMem... Mám tedy podezření, že tam sedí nějaká havěť.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2013-09-28 16:16:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 99 GB (86%) free of 114 GB
Total RAM: 511 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:16:27, on 28.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\Avira\AntiVir Desktop\usrreq.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 7397 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\m0g0hnmp.default

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-09-02 347192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]
"Malwarebytes Anti-Malware (cleanup)"=C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll [2013-04-04 1127496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BTTray.lnk - C:\Program Files\Dell\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-11-10 47616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe"="C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe"="C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaw.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaws.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-09-28 16:16:12 ----D---- C:\Program Files\trend micro
2013-09-28 16:16:09 ----D---- C:\rsit
2013-09-28 16:14:35 ----A---- C:\WINDOWS\system32\drivers\fvixamn.sys
2013-09-28 14:54:46 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
2013-09-28 14:54:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-09-28 14:54:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-09-28 14:54:33 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-09-28 14:40:17 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2013-09-28 14:39:15 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\TuneUp Software
2013-09-28 14:38:46 ----D---- C:\Program Files\TuneUp Utilities 2013
2013-09-28 14:37:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2013-09-28 14:37:17 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-28 14:37:17 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2013-09-28 14:26:12 ----D---- C:\Program Files\CCleaner
2013-09-17 05:29:21 ----D---- C:\WINDOWS\system32\NtmsData

======List of files/folders modified in the last 1 month======

2013-09-28 16:16:23 ----D---- C:\WINDOWS\Temp
2013-09-28 16:16:15 ----D---- C:\WINDOWS\Prefetch
2013-09-28 16:16:12 ----RD---- C:\Program Files
2013-09-28 16:14:46 ----D---- C:\WINDOWS\system32\drivers
2013-09-28 16:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-09-28 16:02:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-28 14:40:22 ----SHD---- C:\WINDOWS\Installer
2013-09-28 14:40:21 ----D---- C:\WINDOWS\system32\config
2013-09-28 14:40:17 ----D---- C:\WINDOWS\system32
2013-09-28 14:37:19 ----D---- C:\WINDOWS
2013-09-28 14:35:46 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-09-28 14:33:59 ----D---- C:\WINDOWS\Debug
2013-09-28 14:25:28 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-28 14:14:56 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ViberPC
2013-09-22 16:40:00 ----D---- C:\Program Files\Microsoft Silverlight
2013-09-20 06:02:35 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-17 05:30:08 ----HD---- C:\WINDOWS\inf
2013-09-17 05:29:17 ----D---- C:\WINDOWS\repair
2013-09-17 05:29:13 ----SHD---- C:\System Volume Information
2013-09-17 05:28:38 ----D---- C:\WINDOWS\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS\system32\drivers\btkrnl.sys [2004-04-26 1239338]
R1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2013-06-23 113024]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-09-04 136672]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-06-23 37352]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2013-06-23 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-09-04 88840]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-11-10 1406464]
R3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2013-06-23 92448]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-04-26 53336]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 OZSCR;O2Micro SmartCardBus Smartcard Reader; C:\WINDOWS\system32\DRIVERS\ozscr.sys [2005-04-21 92550]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2004-11-15 264440]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2009-11-11 2216064]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S0 bifqyl;bifqyl; C:\WINDOWS\System32\drivers\fvixamn.sys [2013-09-28 54016]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-02-07 544640]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-10-24 35913]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirFirewallService;Avira FireWall; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2013-09-02 655928]
R2 AntiVirMailService;Avira Mail Protection; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2013-09-02 622648]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-09-02 108088]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-09-04 84024]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-09-02 815160]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-11-10 389120]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe [2004-04-26 163840]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-31 1724192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-29 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-29 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-23 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-22 153376]
S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 28 zář 2013 16:19

Zdravim

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Restartujte pc a zkuste najet do nouzoveho rezimu. Trva to taky tak dlouho?

melo15 · #3 Příspěvek od **melo15** » 28 zář 2013 17:12

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2013/09/28 18:10:22

-- Controller Map ----------------------------------------------------------
+ Řadič úložiště Intel(R) 82801DBM v režimu Ultra ATA - 24CA [ATA]
+ Primární kanál IDE (0)
- WDC WD1200BEVE-00A0HT0
+ Sekundární kanál IDE (1)
- HL-DT-ST DVD-ROM GDR8084N

-- Disk List ---------------------------------------------------------------
(1) WDC WD1200BEVE-00A0HT0 : 120,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD1200BEVE-00A0HT0
----------------------------------------------------------------------------
Model : WDC WD1200BEVE-00A0HT0
Firmware : 11.01A11
Serial Number : WD-WXN1E40JPL28
Disk Size : 120,0 GB (8,4/120,0/120,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 234441648
Rotation Rate : 5400 RPM
Interface : Parallel ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 1630 hod.
Power On Count : 915 krát
Temparature : 50 C (122 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Počet chyb čtení
03 158 158 _21 000000000422 Čas na roztočení ploten
04 _99 _99 __0 000000000417 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _98 _98 __0 00000000065E Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000393 Počet cyklů zapnutí zařízení
C0 200 200 __0 0000000000C6 Počet vypnutí disku
C1 186 186 __0 00000000A454 Počet cyklů načítání/vymazání
C2 _93 _91 __0 000000000032 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4534 4534 304A 504C 3238
020: 0000 4000 0032 3131 2E30 3131 3131 5744 4320 5744
030: 3132 3030 4245 5645 2D30 3048 3048 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 01FE 0000 746B 7F09 6123 BC09 BC09 6123 203F 0017
090: 0017 0080 FFFE 600B 80FE 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 0000 0000 0000 5001 4EE2
110: AFB2 2413 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 12DC 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 2037 2037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D4A5

#4 Příspěvek od **Márty84** » 28 zář 2013 20:56

Márty84 píše: Restartujte pc a zkuste najet do nouzoveho rezimu. Trva to taky tak dlouho?

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

melo15 · #5 Příspěvek od **melo15** » 29 zář 2013 07:18

Omlouvám se, přehlédl jsem otázku.

NB v nouzovém režimu naběhl bleskově, do 1 minuty už se dalo surfovat po netu. V běžném režimu čekám klidně i těch 10 minut.
Mám trochu podezření na antivir, protože deštníček se otevře až cca po 5 minutách (to znamená, že začnou fungovat všechny ochrany). Nebo to může bejt něco jiného?

# AdwCleaner v3.005 - Report created 29/09/2013 at 08:12:58
# Updated 22/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Uživatel - D600
# Running from : C:\Documents and Settings\Uživatel\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\m0g0hnmp.default\prefs.js ]

-\\ Google Chrome v29.0.1547.76

[ File : C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1799 octets] - [28/09/2013 16:42:12]
AdwCleaner[R1].txt - [1083 octets] - [29/09/2013 08:09:33]
AdwCleaner[S0].txt - [1876 octets] - [28/09/2013 16:43:36]
AdwCleaner[S1].txt - [1005 octets] - [29/09/2013 08:12:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1065 octets] ##########

#6 Příspěvek od **Márty84** » 29 zář 2013 07:25

Zkuste antivir preinstalovat, pripadne ho vymenit za Avast.

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu a spustte.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

melo15 · #7 Příspěvek od **melo15** » 29 zář 2013 12:44

Márty84 píše: Zkuste antivir preinstalovat, pripadne ho vymenit za Avast.

Jdu na to

RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Uživatel [Práva správce]
Mód : Kontrola -- Datum : 09/29/2013 13:14:42
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] BTTray.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BTTray.lnk @C:\Program Files\Dell\Bluetooth Software\BTTray.exe [-][-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[25] : NtClose @ 0x80567AED -> HOOKED (Unknown @ 0xF8BB7FB4)
[Address] SSDT[41] : NtCreateKey @ 0x8057376F -> HOOKED (Unknown @ 0xF8BB7F6E)
[Address] SSDT[50] : NtCreateSection @ 0x80565333 -> HOOKED (Unknown @ 0xF8BB7FBE)
[Address] SSDT[52] : NtCreateSymbolicLinkObject @ 0x805A0036 -> HOOKED (Unknown @ 0xF8BB7F96)
[Address] SSDT[53] : NtCreateThread @ 0x80578803 -> HOOKED (Unknown @ 0xF8BB7F64)
[Address] SSDT[63] : NtDeleteKey @ 0x80597FFA -> HOOKED (Unknown @ 0xF8BB7F73)
[Address] SSDT[65] : NtDeleteValueKey @ 0x80595C1A -> HOOKED (Unknown @ 0xF8BB7F7D)
[Address] SSDT[68] : NtDuplicateObject @ 0x805748C2 -> HOOKED (Unknown @ 0xF8BB7FAF)
[Address] SSDT[97] : NtLoadDriver @ 0x805A425D -> HOOKED (Unknown @ 0xF8BB7F9B)
[Address] SSDT[98] : NtLoadKey @ 0x805AF5C3 -> HOOKED (Unknown @ 0xF8BB7F82)
[Address] SSDT[122] : NtOpenProcess @ 0x80574AA9 -> HOOKED (Unknown @ 0xF8BB7F50)
[Address] SSDT[125] : NtOpenSection @ 0x8056E467 -> HOOKED (Unknown @ 0xF8BB7F91)
[Address] SSDT[128] : NtOpenThread @ 0x8059323B -> HOOKED (Unknown @ 0xF8BB7F55)
[Address] SSDT[177] : NtQueryValueKey @ 0x8056A419 -> HOOKED (Unknown @ 0xF8BB7FD7)
[Address] SSDT[193] : NtReplaceKey @ 0x8064FE82 -> HOOKED (Unknown @ 0xF8BB7F8C)
[Address] SSDT[200] : NtRequestWaitReplyPort @ 0x8056DC86 -> HOOKED (Unknown @ 0xF8BB7FC8)
[Address] SSDT[204] : NtRestoreKey @ 0x8064FA19 -> HOOKED (Unknown @ 0xF8BB7F87)
[Address] SSDT[213] : NtSetContextThread @ 0x8062E33F -> HOOKED (Unknown @ 0xF8BB7FC3)
[Address] SSDT[237] : NtSetSecurityObject @ 0x8059D2BD -> HOOKED (Unknown @ 0xF8BB7FCD)
[Address] SSDT[240] : NtSetSystemInformation @ 0x805A8349 -> HOOKED (Unknown @ 0xF8BB7FA0)
[Address] SSDT[247] : NtSetValueKey @ 0x8057BC5B -> HOOKED (Unknown @ 0xF8BB7F78)
[Address] SSDT[255] : NtSystemDebugControl @ 0x8064AA57 -> HOOKED (Unknown @ 0xF8BB7FD2)
[Address] SSDT[257] : NtTerminateProcess @ 0x805839B9 -> HOOKED (Unknown @ 0xF8BB7F5F)
[Address] SSDT[277] : NtWriteVirtualMemory @ 0x8057F712 -> HOOKED (Unknown @ 0xF8BB7F5A)
[Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF8BB7FE6)
[Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF8BB7FEB)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD1200BEVE-00A0HT0 +++++
--- User ---
[MBR] c6aa7723328c9fc99abd3d2f8e864fad
[BSP] 348eaa4b79f4968f8923a6ea0269dcc1 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114470 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - USB 2.0 USB Flash Drive USB Device +++++
--- User ---
[MBR] 47a0a8abdbc7c8239ec72822e987060d
[BSP] 7c1417efd1f73dc7d2d8262b009a5e58 : MBR Code unknown
Partition table:
0 - [XXXXXX] HIBER (0xa0) [VISIBLE] Offset (sectors): 4284574052 | Size: 854113 Mo
1 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 168689525 | Size: 953964 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 778201452 | Size: 1314189 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 0 | Size: 1775957 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_09292013_131442.txt >>

OTL Extras logfile created on: 29.9.2013 13:17:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,23 Mb Total Physical Memory | 364,70 Mb Available Physical Memory | 71,34% Memory free
1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,29% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 96,86 Gb Free Space | 86,65% Space Free | Partition Type: NTFS
Drive E: | 1,89 Gb Total Space | 1,20 Gb Free Space | 63,69% Space Free | Partition Type: FAT

Computer Name: D600 | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1292428093-789336058-842925246-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe" = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe" = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Viber\Viber.exe:*:Enabled:Viber -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90535871-81B9-4D99-8A13-A7EE97F2D7FE}" = Dell Bluetooth Software
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C5BED10B-42A9-4142-B4C2-008C0FDE27D5}" = O2Micro Smartcard Driver
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Internet Security
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.92 Modem
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{C5BED10B-42A9-4142-B4C2-008C0FDE27D5}" = O2Micro Smartcard Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 23.0.1 (x86 cs)" = Mozilla Firefox 23.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1292428093-789336058-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Viber" = Viber

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.7.2013 7:33:19 | Computer Name = D600 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 18.7.2013 6:27:50 | Computer Name = D600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 28.0.1500.72, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.7.2013 6:27:50 | Computer Name = D600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 28.0.1500.72, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.7.2013 6:27:50 | Computer Name = D600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 28.0.1500.72, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.7.2013 6:27:50 | Computer Name = D600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 28.0.1500.72, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.7.2013 10:20:40 | Computer Name = D600 | Source = Application Error | ID = 1000
Description = Chybující aplikace skype.exe, verze 6.5.0.158, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x0000984e.

Error - 18.7.2013 23:24:04 | Computer Name = D600 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 20.7.2013 13:31:45 | Computer Name = D600 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 20.7.2013 15:21:23 | Computer Name = D600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6425.1000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23.7.2013 23:12:50 | Computer Name = D600 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

[ OSession Events ]
Error - 22.2.2012 15:23:07 | Computer Name = D600 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 22.2.2012 15:23:27 | Computer Name = D600 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.9.2013 8:06:19 | Computer Name = D600 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Skype Updater.

Error - 22.9.2013 10:45:38 | Computer Name = D600 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Adaptér výkonu služby WMI.

Error - 22.9.2013 10:45:38 | Computer Name = D600 | Source = Service Control Manager | ID = 7000
Description = Služba Adaptér výkonu služby WMI neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 25.9.2013 0:18:17 | Computer Name = D600 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba brány aplikačního rozhraní.

Error - 25.9.2013 0:18:17 | Computer Name = D600 | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 28.9.2013 8:14:54 | Computer Name = D600 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.0.127 pro síťovou kartu s adresou 00166F443547
byla serverem DHCP 192.168.1.254 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 28.9.2013 10:50:11 | Computer Name = D600 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde

Error - 29.9.2013 1:59:49 | Computer Name = D600 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 00166F443547
byla serverem DHCP 192.168.1.254 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 29.9.2013 2:00:09 | Computer Name = D600 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 29.9.2013 2:01:19 | Computer Name = D600 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

< End of report >

melo15 · #8 Příspěvek od **melo15** » 29 zář 2013 12:45

OTL logfile created on: 29.9.2013 13:17:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,23 Mb Total Physical Memory | 364,70 Mb Available Physical Memory | 71,34% Memory free
1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,29% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 96,86 Gb Free Space | 86,65% Space Free | Partition Type: NTFS
Drive E: | 1,89 Gb Total Space | 1,20 Gb Free Space | 63,69% Space Free | Partition Type: FAT

Computer Name: D600 | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.29 12:10:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
PRC - [2013.09.04 12:27:56 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.09.02 16:10:02 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.09.02 16:10:01 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.09.02 16:09:58 | 000,622,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.09.02 16:09:57 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.09.02 16:09:56 | 000,655,928 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2013.09.02 16:09:56 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.08.14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.04.26 18:13:54 | 000,561,213 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\Dell\Bluetooth Software\BTTray.exe
PRC - [2004.04.26 18:12:40 | 001,245,268 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\Dell\Bluetooth Software\BTStackServer.exe
PRC - [2004.04.26 18:02:14 | 000,163,840 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe

========== Modules (No Company Name) ==========

MOD - [2013.06.23 22:21:41 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.06.23 22:21:27 | 000,447,848 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\libxml2.dll
MOD - [2013.06.23 22:21:08 | 000,060,264 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\cares.dll
MOD - [2004.04.26 18:15:06 | 000,053,248 | ---- | M] () -- C:\Program Files\Dell\Bluetooth Software\BTKeyInd.dll

========== Services (SafeList) ==========

SRV - [2013.09.20 06:02:53 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.04 12:27:56 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.09.02 16:10:02 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.09.02 16:09:58 | 000,622,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.09.02 16:09:57 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.09.02 16:09:56 | 000,655,928 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2013.08.23 15:55:50 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2004.04.26 18:02:14 | 000,163,840 | ---- | M] (WIDCOMM, Inc.) [Auto | Running] -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe -- (btwdins)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.09.04 12:28:03 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.09.04 12:28:02 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.06.23 22:21:57 | 000,113,024 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2013.06.23 22:21:57 | 000,092,448 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2013.06.23 22:21:57 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.06.23 22:21:57 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.11 14:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2007.02.07 00:06:56 | 000,544,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006.05.10 16:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005.11.10 23:49:24 | 001,406,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.03 16:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005.05.03 16:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005.05.03 16:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.04.21 22:58:38 | 000,092,550 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ozscr.sys -- (OZSCR)
DRV - [2004.11.15 16:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2004.04.26 17:31:56 | 001,239,338 | ---- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2004.04.26 17:15:16 | 000,053,336 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2001.10.24 14:04:44 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1292428093-789336058-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1292428093-789336058-842925246-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1292428093-789336058-842925246-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1292428093-789336058-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2013.06.22 16:58:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions
[2013.08.23 15:55:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.08.23 15:55:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.08.23 15:55:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.08.23 15:55:21 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.08.23 15:55:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BTTray.lnk = C:\Program Files\Dell\Bluetooth Software\BTTray.exe (WIDCOMM, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1292428093-789336058-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Dell\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 9933998119 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.10 10.10.11.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E719FBF8-12AF-43E4-922C-954B78213E52}: DhcpNameServer = 10.10.10.10 10.10.11.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (WIDCOMM, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.22 19:10:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1d90e151-ff14-11e1-a3c1-00166f443547}\Shell - "" = AutoRun
O33 - MountPoints2\{1d90e151-ff14-11e1-a3c1-00166f443547}\Shell\AutoRun\command - "" = E:\NokiaPCIA_Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.09.29 13:11:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Plocha\RK_Quarantine
[2013.09.29 13:11:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2013.09.29 07:59:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2013.09.28 18:07:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Plocha\CrystalDiskInfo5_0_0
[2013.09.28 16:42:10 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.28 16:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.28 16:16:09 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.28 14:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
[2013.09.28 14:54:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.09.28 14:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.09.28 14:54:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.09.28 14:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.09.28 14:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\TuneUp Software
[2013.09.28 14:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.09.28 14:37:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.09.28 14:37:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.09.28 14:33:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Uživatel\Recent
[2013.09.28 14:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2013.09.28 14:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.09.17 05:29:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[3 C:\Documents and Settings\Uživatel\Plocha\*.tmp files -> C:\Documents and Settings\Uživatel\Plocha\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.09.29 13:19:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.29 13:02:16 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.29 12:56:42 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.29 12:56:27 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.09.29 12:53:43 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.29 12:53:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.29 12:10:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2013.09.29 12:10:20 | 000,922,112 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\RogueKiller.exe
[2013.09.29 08:00:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.09.28 16:41:02 | 001,042,066 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\adwcleaner.exe
[2013.09.28 14:54:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.09.28 14:26:20 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.09.27 09:07:51 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.09.25 11:26:05 | 000,261,435 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\DIC-Prijmov.dokl_10tis_dle sml.3102310296.pdf
[2013.09.25 11:24:26 | 000,303,129 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\DIC-Odstoup.od sml.3102310296.pdf
[2013.09.25 11:22:52 | 000,897,592 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\DIC-sml.3102310296.pdf
[2013.09.20 06:02:35 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.20 06:02:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.04 12:28:03 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.09.04 12:28:02 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[3 C:\Documents and Settings\Uživatel\Plocha\*.tmp files -> C:\Documents and Settings\Uživatel\Plocha\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.29 13:19:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.29 13:11:18 | 000,922,112 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\RogueKiller.exe
[2013.09.29 08:06:54 | 001,042,066 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\adwcleaner.exe
[2013.09.29 08:00:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.09.28 14:54:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.09.28 14:26:20 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.09.25 11:26:05 | 000,261,435 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\DIC-Prijmov.dokl_10tis_dle sml.3102310296.pdf
[2013.09.25 11:24:26 | 000,303,129 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\DIC-Odstoup.od sml.3102310296.pdf
[2013.09.25 11:22:49 | 000,897,592 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\DIC-sml.3102310296.pdf
[2012.02.22 20:26:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.22 19:37:30 | 000,104,376 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.02.22 19:13:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.02.22 19:07:15 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.02.22 18:57:56 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.02.22 18:56:45 | 000,189,000 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.12.19 10:53:25 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.02.22 22:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2013.06.23 22:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.09.28 14:37:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.09.15 16:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.22 19:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2013.09.28 14:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.09.28 14:50:36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.02.22 22:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Ashampoo
[2013.09.28 14:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\TuneUp Software
[2013.09.28 14:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ViberPC

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012.02.22 19:08:33 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.02.22 19:15:23 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.04.12 11:40:54 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.01.29 16:35:20 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.29 16:35:21 | 000,000,944 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=C4BA879B581BE34536FE01F79AC28631 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2013.01.23 09:38:08 | 000,763,448 | ---- | M] (Google Inc.) -- C:\ChromeSetup.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.03.04 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Adobe
[2012.02.22 22:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Ashampoo
[2013.06.23 22:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Avira
[2012.02.22 19:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Identities
[2012.02.22 21:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Macromedia
[2013.09.28 14:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
[2012.12.19 16:33:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
[2013.06.22 16:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
[2013.09.28 14:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Skype
[2012.02.22 21:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Sun
[2013.09.28 14:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\TuneUp Software
[2013.09.28 14:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ViberPC

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2012.02.22 18:55:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.02.22 18:55:58 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.02.22 18:55:58 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.09.29 08:00:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2013.09.29 12:56:27 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2013.01.23 09:38:08 | 000,763,448 | ---- | M] (Google Inc.) -- C:\ChromeSetup.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.29 13:19:32 | 000,000,512 | ---- | M] () MD5=C6AA7723328C9FC99ABD3D2F8E864FAD -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.05.13 15:14:36 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.dll
[2013.09.22 05:53:12 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20513.0\System.Runtime.Serialization.ni.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2013.09.28 20:20:58 | 098,442,955 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\﷡꜓咔;
[2013.09.28 20:20:58 | 098,442,955 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\﷡꜓咔;
[2013.09.28 14:21:50 | 098,430,869 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\魐坴咔;
[2013.09.28 14:21:50 | 098,430,869 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\魐坴咔;
[2013.09.28 04:43:48 | 098,372,650 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\캻榔咔;
[2013.09.28 04:43:48 | 098,372,650 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\캻榔咔;
[2013.09.27 11:55:24 | 098,201,609 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\귒滥咔;
[2013.09.27 11:55:24 | 098,201,609 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\귒滥咔;
[2013.09.27 04:29:36 | 098,009,570 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\栲咔;
[2013.09.27 04:29:36 | 098,009,570 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\栲咔;
[2013.09.26 14:00:06 | 097,927,968 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\⋪婣咔;
[2013.09.26 14:00:06 | 097,927,968 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\⋪婣咔;
[2013.09.26 05:39:29 | 097,892,804 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\⇵驓咔;
[2013.09.26 05:39:29 | 097,892,804 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\⇵驓咔;
[2013.09.25 11:03:59 | 097,673,008 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ଛ叐咔;
[2013.09.25 11:03:59 | 097,673,008 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ଛ叐咔;
[2013.09.25 06:22:35 | 097,665,434 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꡏ봻咔;
[2013.09.25 06:22:35 | 097,665,434 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꡏ봻咔;
[2013.09.24 12:15:26 | 097,525,606 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ࡊⓟ咔;
[2013.09.24 12:15:26 | 097,525,606 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ࡊⓟ咔;
[2013.09.24 08:39:04 | 000,030,538 | ---- | M] ()(C:\Documents and Settings\Uživatel\Plocha\?????? ?????_Hordejcuk_24.9.13.docx) -- C:\Documents and Settings\Uživatel\Plocha\АНКЕТА Прага_Hordejcuk_24.9.13.docx
[2013.09.24 08:39:01 | 000,030,538 | ---- | C] ()(C:\Documents and Settings\Uživatel\Plocha\?????? ?????_Hordejcuk_24.9.13.docx) -- C:\Documents and Settings\Uživatel\Plocha\АНКЕТА Прага_Hordejcuk_24.9.13.docx
[2013.09.24 08:19:54 | 098,848,089 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\疽䍎咔;
[2013.09.24 08:19:54 | 098,848,089 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\疽䍎咔;
[2013.09.24 00:40:16 | 098,798,431 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\鹀㲺咔;
[2013.09.24 00:40:16 | 098,798,431 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\鹀㲺咔;
[2013.09.22 16:53:21 | 098,592,964 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\쒊뺕咔;
[2013.09.22 16:53:21 | 098,592,964 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\쒊뺕咔;
[2013.09.21 14:03:30 | 098,547,399 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\츹䈓咔;
[2013.09.21 14:03:30 | 098,547,399 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\츹䈓咔;
[2013.09.21 05:39:10 | 098,498,750 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\뗦咔;
[2013.09.21 05:39:10 | 098,498,750 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\뗦咔;
[2013.09.20 12:55:39 | 098,467,286 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\膉抹咔;
[2013.09.20 12:55:39 | 098,467,286 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\膉抹咔;
[2013.09.20 09:43:39 | 098,453,713 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\戵볨咔;
[2013.09.20 09:43:39 | 098,453,713 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\戵볨咔;
[2013.09.20 05:39:37 | 098,443,620 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\홴䕃咔;
[2013.09.20 05:39:37 | 098,443,620 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\홴䕃咔;
[2013.09.19 19:08:30 | 098,395,704 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㞠咔;
[2013.09.19 19:08:30 | 098,395,704 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㞠咔;
[2013.09.19 11:22:50 | 098,343,078 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\囒咨咔;
[2013.09.19 11:22:50 | 098,343,078 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\囒咨咔;
[2013.09.19 05:24:49 | 098,201,083 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\鏻㙏咔;
[2013.09.19 05:24:49 | 098,201,083 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\鏻㙏咔;
[2013.09.18 23:41:13 | 000,057,128 | ---- | M] ()(C:\Documents and Settings\Uživatel\Plocha\???_NoST-Voronezh (Automaticky uloženo).docx) -- C:\Documents and Settings\Uživatel\Plocha\ООО_NoST-Voronezh (Automaticky uloženo).docx
[2013.09.18 23:41:09 | 000,057,128 | ---- | C] ()(C:\Documents and Settings\Uživatel\Plocha\???_NoST-Voronezh (Automaticky uloženo).docx) -- C:\Documents and Settings\Uživatel\Plocha\ООО_NoST-Voronezh (Automaticky uloženo).docx
[2013.09.18 22:33:10 | 098,177,822 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\礻⣎咔;
[2013.09.18 22:33:10 | 098,177,822 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\礻⣎咔;
[2013.09.18 12:29:59 | 098,123,923 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\泆咔;
[2013.09.18 12:29:59 | 098,123,923 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\泆咔;
[2013.09.18 05:38:34 | 098,106,403 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�瘥咔;
[2013.09.18 05:38:34 | 098,106,403 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�瘥咔;
[2013.09.17 12:31:40 | 097,931,385 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�㖚咔;
[2013.09.17 12:31:40 | 097,931,385 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�㖚咔;
[2013.09.17 05:27:34 | 097,887,760 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꈄᷥ咔;
[2013.09.17 05:27:34 | 097,887,760 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꈄᷥ咔;
[2013.09.16 06:56:18 | 097,671,483 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\츙咔;
[2013.09.16 06:56:18 | 097,671,483 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\츙咔;
[2013.09.15 07:31:40 | 000,000,162 | -H-- | M] ()(C:\Documents and Settings\Uživatel\Plocha\~$?_NoST-Voronezh.docx) -- C:\Documents and Settings\Uživatel\Plocha\~$О_NoST-Voronezh.docx
[2013.09.15 07:31:40 | 000,000,162 | -H-- | C] ()(C:\Documents and Settings\Uživatel\Plocha\~$?_NoST-Voronezh.docx) -- C:\Documents and Settings\Uživatel\Plocha\~$О_NoST-Voronezh.docx
[2013.09.15 07:18:52 | 097,600,188 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\쫬཰咔;
[2013.09.15 07:18:52 | 097,600,188 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\쫬཰咔;
[2013.09.14 06:32:02 | 097,519,942 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ﲅ滚咔;
[2013.09.14 06:32:02 | 097,519,942 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ﲅ滚咔;
[2013.09.13 13:44:58 | 097,463,612 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\઴걳咔;
[2013.09.13 13:44:58 | 097,463,612 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\઴걳咔;
[2013.09.13 07:12:06 | 097,443,711 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꨓ咔;
[2013.09.13 07:12:06 | 097,443,711 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꨓ咔;
[2013.09.11 14:04:26 | 097,124,766 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\裠ﻆ咔;
[2013.09.11 14:04:26 | 097,124,766 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\裠ﻆ咔;
[2013.09.11 12:05:55 | 097,080,355 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\囗媯咔;
[2013.09.11 12:05:55 | 097,080,355 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\囗媯咔;
[2013.09.11 07:43:39 | 097,063,418 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\燾�咔;
[2013.09.11 07:43:39 | 097,063,418 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\燾�咔;
[2013.09.10 20:01:42 | 096,985,259 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ퟷ咔;
[2013.09.10 20:01:42 | 096,985,259 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ퟷ咔;
[2013.09.10 08:50:26 | 096,910,367 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\弾檓咔;
[2013.09.10 08:50:26 | 096,910,367 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\弾檓咔;
[2013.09.09 16:36:32 | 096,665,497 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ᕜ഍咔;
[2013.09.09 16:36:32 | 096,665,497 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ᕜ഍咔;
[2013.09.09 12:44:47 | 096,665,497 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\뤟⦔咔;
[2013.09.09 12:44:47 | 096,665,497 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\뤟⦔咔;
[2013.09.09 05:03:51 | 096,592,724 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꛣ醶咔;
[2013.09.09 05:03:51 | 096,592,724 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꛣ醶咔;
[2013.09.08 15:13:18 | 096,566,691 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\璯ㆎ咔;
[2013.09.08 15:13:18 | 096,566,691 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\璯ㆎ咔;
[2013.09.08 06:15:45 | 096,533,415 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�偸咔;
[2013.09.08 06:15:45 | 096,533,415 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�偸咔;
[2013.09.07 18:51:15 | 096,533,415 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�佬咔;
[2013.09.07 18:51:15 | 096,533,415 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�佬咔;
[2013.09.07 06:33:46 | 096,496,803 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\뮟郪咔;
[2013.09.07 06:33:46 | 096,496,803 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\뮟郪咔;
[2013.09.06 19:45:47 | 096,462,459 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\䧟捆咔;
[2013.09.06 19:45:47 | 096,462,459 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\䧟捆咔;
[2013.09.06 15:08:03 | 096,334,488 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꋱ咔;
[2013.09.06 15:08:03 | 096,334,488 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꋱ咔;
[2013.09.06 06:54:26 | 096,269,118 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\᫪ꢷ咔;
[2013.09.06 06:54:26 | 096,269,118 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\᫪ꢷ咔;
[2013.09.05 12:30:45 | 096,044,050 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\髯咔;
[2013.09.05 12:30:45 | 096,044,050 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\髯咔;
[2013.09.05 07:27:16 | 096,012,847 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�晱咔;
[2013.09.05 07:27:16 | 096,012,847 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�晱咔;
[2013.09.04 20:28:49 | 095,920,262 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\혰䙨咔;
[2013.09.04 20:28:49 | 095,920,262 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\혰䙨咔;
[2013.09.04 05:45:35 | 095,780,347 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㷓ந咔;
[2013.09.04 05:45:35 | 095,780,347 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㷓ந咔;
[2013.09.03 17:21:32 | 095,638,383 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\䯉�咔;
[2013.09.03 17:21:32 | 095,638,383 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\䯉�咔;
[2013.09.03 03:23:20 | 095,452,537 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㚾ǌ咔;
[2013.09.03 03:23:20 | 095,452,537 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㚾ǌ咔;
[2013.09.02 20:14:54 | 095,286,781 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�ौ咔;
[2013.09.02 20:14:54 | 095,286,781 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�ौ咔;
[2013.08.23 20:55:07 | 000,023,363 | ---- | M] ()(C:\Documents and Settings\Uživatel\Plocha\???_NoST-Voronezh.docx) -- C:\Documents and Settings\Uživatel\Plocha\ООО_NoST-Voronezh.docx
[2013.08.23 20:55:05 | 000,023,363 | ---- | C] ()(C:\Documents and Settings\Uživatel\Plocha\???_NoST-Voronezh.docx) -- C:\Documents and Settings\Uživatel\Plocha\ООО_NoST-Voronezh.docx

< End of report >

melo15 · #9 Příspěvek od **melo15** » 29 zář 2013 13:55

Odinstaloval jsem Aviru, hodil tam Avast a NB šlape téměř rychle jako v nouzáku.
Omlouvám se, ale k tomuto NB se dostanu zase až za týden...
Z mé strany to vypadá, že už je to vyřešené, ale jestli je potřeba ještě něco udělat, tak to provedu.
Děkuju

#10 Příspěvek od **Márty84** » 29 zář 2013 14:55

No par veci na smazani tam je, ale nic velkeho.

Akorat, v logu z OTL je tato cast ========== Files - Unicode (All) ==========
a tam spousta slozek, to tam bylo vzdycky? Nebyva to tak caste

melo15 · #11 Příspěvek od **melo15** » 29 zář 2013 15:21

Máte na mysli ty složky, které jsou pojmenované činskýma znakama? No taky mě to v tom logu překvapilo, netuším, co to je.
Až budu mít příležitost, tak se na to mrknu.
Prozatím děkuju za pomoc.

#12 Příspěvek od **Márty84** » 29 zář 2013 15:28

Ano, presne ty mam na mysli

Kouknete pak co v nic je. Nerikam ze je to neco spatneho, jen je to neobvykle

No prozatim neni zac. Az tedy budete u toho pc, napiste co je v nektere z tech slozek a dejte novy log z RSIT.

25.11. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Prosím o kontrolu logu staršího NB-šíleně pomalý po spuštění

Prosím o kontrolu logu staršího NB-šíleně pomalý po spuštění

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš

Re: Prosím o kontrolu logu staršího NB-šíleně pomalý po spuš