prosim o kontrolu logu dekuji

Zpráva

#16 Příspěvek od **Márty84** » 27 led 2014 20:54

OTL byl spusten bez toho textu. Ten text tam musite zkopirovat, aby mi log ukazal co potrebuji. Bez toho je mi to k nicemu. Takze znovu

rosta · #17 Příspěvek od **rosta** » 28 led 2014 09:48

no jasne

, to se nepovedlo, vecer to napravim, zatim diky za vas cas a trpelivost

#18 Příspěvek od **Márty84** » 28 led 2014 11:11

zatim neni zac

rosta · #19 Příspěvek od **rosta** » 29 led 2014 17:57

vytvoril se pouze jeden log

(

OTL logfile created on: 29.1.2014 17:07:29 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\mama\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,17 Mb Total Physical Memory | 361,19 Mb Available Physical Memory | 35,58% Memory free
2,39 Gb Paging File | 1,81 Gb Available in Paging File | 76,01% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 122,14 Gb Free Space | 87,85% Space Free | Partition Type: NTFS

Computer Name: MAMČA | User Name: mama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.27 20:36:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mama\Plocha\OTL.exe
PRC - [2014.01.03 08:20:32 | 000,244,024 | ---- | M] (Maxthon International ltd.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe
PRC - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.10.23 15:01:10 | 000,300,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.10.23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2008.07.16 14:00:00 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2013.11.26 02:25:42 | 015,990,664 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll
MOD - [2013.11.21 07:37:14 | 000,109,336 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\libEGL.dll
MOD - [2013.11.21 07:37:06 | 000,887,064 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\libGLESv2.dll
MOD - [2013.11.18 02:18:38 | 000,258,944 | ---- | M] () -- C:\Program Files\Maxthon\Bin\Maxzlib.dll
MOD - [2013.11.18 02:18:36 | 000,232,760 | ---- | M] () -- C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll
MOD - [2013.10.10 18:25:06 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013.08.18 18:16:15 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\cf3c9d1496acdcb836853e59fe20223b\System.Management.ni.dll
MOD - [2013.08.18 18:12:37 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.18 18:12:21 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\f4ea3ea9bbe98bbc32c6def83bd2962d\System.Runtime.Remoting.ni.dll
MOD - [2013.08.15 19:41:49 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.15 19:37:23 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.07.11 18:28:00 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2009.12.13 16:47:22 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009.12.13 16:47:22 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll
MOD - [2009.12.13 16:47:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.Utility\3.0.3010.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2009.12.13 16:47:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3010.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll
MOD - [2009.12.13 16:47:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll
MOD - [2009.12.13 16:47:22 | 000,015,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll
MOD - [2009.12.13 16:47:22 | 000,009,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2009.12.13 16:47:22 | 000,006,144 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
MOD - [2008.07.16 14:00:00 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.12.11 19:59:51 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2008.07.16 14:00:00 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008.05.05 23:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.03.23 13:06:52 | 000,130,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.02.20 08:45:28 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.02.20 08:43:38 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.02.20 08:42:26 | 005,030,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.07.16 13:56:06 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2007.06.14 18:34:00 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007.04.11 15:33:14 | 000,028,688 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.04.11 15:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACEW

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{3B606E8A-20C2-4AE8-802F-0C36DE6FCC9E}: "URL" = http://websearch.ask.com/redirect?clien ... 20521CAE22
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... SJ_csCZ516
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={search ... c=iesearch
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: Glary Search (Enabled)
CHR - default_search_provider: search_url = http://www.google.com
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.seznam.cz/
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2014.01.26 18:44:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D22A25DC-DF51-4085-817C-DC3EC79CD560}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\mama\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\mama\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.27 09:38:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.29 17:06:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.01.27 20:36:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mama\Plocha\OTL.exe
[2014.01.26 18:43:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.01.26 17:44:15 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.01.26 17:42:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.01.26 17:42:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.01.26 17:42:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.01.26 17:42:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.01.26 17:42:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.26 17:42:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mama\Dokumenty\Filmy
[2014.01.26 17:42:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Filmy
[2014.01.26 17:42:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.01.26 17:30:01 | 005,175,240 | R--- | C] (Swearware) -- C:\Documents and Settings\mama\Plocha\ComboFix.exe
[2014.01.26 14:34:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mama\Plocha\RK_Quarantine
[2014.01.26 13:46:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2014.01.26 12:57:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.25 16:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.01.25 16:45:53 | 000,000,000 | ---D | C] -- C:\rsit
[2014.01.25 16:23:52 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014.01.25 16:23:52 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014.01.25 16:23:35 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014.01.25 16:23:35 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014.01.25 16:23:35 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014.01.25 16:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
[2014.01.24 20:25:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mama\Recent
[2014.01.14 20:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2014.01.12 11:11:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Maxthon Cloud Browser
[2014.01.12 11:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mama\Data aplikací\Maxthon3
[2014.01.12 11:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon
[2014.01.11 13:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mama\Data aplikací\Logitech
[2014.01.11 13:21:42 | 000,079,376 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\LMouKE.Sys
[2014.01.11 13:21:42 | 000,063,248 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\L8042mou.Sys
[2014.01.11 13:21:41 | 000,056,080 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\KHALMNPR.Exe
[2014.01.11 13:21:41 | 000,036,112 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LMouFilt.Sys
[2014.01.11 13:21:41 | 000,020,496 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\L8042Kbd.sys
[2014.01.11 13:21:40 | 001,419,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01005.dll
[2014.01.11 13:21:40 | 000,034,832 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidFilt.Sys
[2014.01.11 13:21:40 | 000,028,688 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LUsbFilt.sys
[2014.01.11 13:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\LogiShrd
[2014.01.04 22:47:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mama\Nabídka Start\Programy\Nástroje pro správu
[2014.01.04 20:54:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mama\Local Settings\Data aplikací\Help
[2014.01.04 20:54:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mama\Data aplikací\Help
[2014.01.04 20:40:15 | 000,231,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2014.01.04 20:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014.01.04 20:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2014.01.04 19:25:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mama\Data aplikací\Malwarebytes
[2014.01.04 19:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.01.04 19:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.01.04 19:25:23 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.01.04 19:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.01.04 13:17:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2014.01.04 13:16:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014.01.04 13:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.01.04 13:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software

========== Files - Modified Within 30 Days ==========

[2014.01.29 17:10:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.29 17:04:41 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014.01.29 16:59:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.29 16:54:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\LogConfigTemp.xml
[2014.01.29 16:54:34 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.29 16:54:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.29 16:54:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.29 16:54:26 | 1064,554,496 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.27 21:48:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.27 20:36:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mama\Plocha\OTL.exe
[2014.01.26 18:44:40 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.01.26 17:44:20 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014.01.26 17:30:07 | 005,175,240 | R--- | M] (Swearware) -- C:\Documents and Settings\mama\Plocha\ComboFix.exe
[2014.01.26 14:32:21 | 003,792,384 | ---- | M] () -- C:\Documents and Settings\mama\Plocha\RogueKiller(1).exe
[2014.01.26 14:31:41 | 003,792,384 | ---- | M] () -- C:\Documents and Settings\mama\Plocha\RogueKiller.exe
[2014.01.26 13:55:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.01.26 12:53:21 | 001,236,282 | ---- | M] () -- C:\Documents and Settings\mama\Plocha\adwcleaner.exe
[2014.01.25 16:41:30 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\mama\Plocha\RSIT.exe
[2014.01.24 20:26:21 | 000,001,694 | ---- | M] () -- C:\Documents and Settings\mama\Dokumenty\cc_20140112_114243.reg
[2014.01.20 18:16:33 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2014.01.19 08:32:23 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2014.01.17 17:02:45 | 000,001,815 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.01.12 11:21:41 | 000,001,477 | ---- | M] () -- C:\Documents and Settings\mama\Plocha\Průzkumník Windows.lnk
[2014.01.12 11:11:44 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Maxthon Cloud Browser.lnk
[2014.01.12 11:05:55 | 000,432,202 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.01.12 11:05:55 | 000,428,180 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.01.12 11:05:55 | 000,078,046 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.01.12 11:05:55 | 000,067,322 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.01.11 13:49:57 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2014.01.04 20:41:47 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2014.01.04 19:26:53 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.01.04 13:09:52 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

========== Files Created - No Company Name ==========

[2014.01.29 17:10:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.26 17:44:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2014.01.26 17:44:18 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2014.01.26 17:42:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.01.26 17:42:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.01.26 17:42:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.01.26 17:42:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.01.26 17:42:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014.01.26 14:32:21 | 003,792,384 | ---- | C] () -- C:\Documents and Settings\mama\Plocha\RogueKiller(1).exe
[2014.01.26 14:31:41 | 003,792,384 | ---- | C] () -- C:\Documents and Settings\mama\Plocha\RogueKiller.exe
[2014.01.26 13:33:45 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014.01.26 12:53:20 | 001,236,282 | ---- | C] () -- C:\Documents and Settings\mama\Plocha\adwcleaner.exe
[2014.01.25 16:45:37 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\mama\Plocha\RSIT.exe
[2014.01.12 11:42:45 | 000,001,694 | ---- | C] () -- C:\Documents and Settings\mama\Dokumenty\cc_20140112_114243.reg
[2014.01.12 11:21:32 | 000,001,477 | ---- | C] () -- C:\Documents and Settings\mama\Plocha\Průzkumník Windows.lnk
[2014.01.12 11:11:44 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Maxthon Cloud Browser.lnk
[2014.01.12 11:05:16 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\mama\Nabídka Start\Programy\Outlook Express.lnk
[2014.01.11 13:49:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2014.01.04 20:47:56 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014.01.04 20:41:47 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2014.01.04 20:37:57 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
[2014.01.04 19:25:27 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.02.16 17:18:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009.12.13 19:09:02 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\mama\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.13 18:44:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\mama\Data aplikací\wklnhst.dat

========== ZeroAccess Check ==========

[2009.02.27 10:12:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.01.04 13:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.01.16 18:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2014.01.26 14:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.12.13 16:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.06.20 08:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WildTangent
[2014.01.04 19:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\GlarySoft
[2013.01.16 18:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\go
[2014.01.12 11:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Maxthon3
[2009.12.13 19:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\OpenOffice.org
[2009.12.13 18:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Template
[2010.12.08 19:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\WildTangent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.02.27 09:40:56 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.02.27 18:22:57 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.12.26 14:23:16 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.12.27 18:06:18 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.27 18:06:19 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014.01.04 20:47:56 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\AGP440.SYS
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\$NtUninstallKB932716-v2$\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[30 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.12.30 12:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Adobe
[2014.01.04 19:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\GlarySoft
[2013.01.16 18:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\go
[2009.12.13 17:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Google
[2014.01.04 20:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Help
[2009.02.27 09:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Identities
[2009.02.27 09:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\InstallShield
[2014.01.11 13:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Logitech
[2009.12.13 17:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Macromedia
[2014.01.04 19:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Malwarebytes
[2014.01.12 11:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Maxthon3
[2014.01.11 13:20:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\mama\Data aplikací\Microsoft
[2011.08.28 17:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Mozilla
[2009.12.13 19:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\OpenOffice.org
[2014.01.22 17:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Skype
[2011.05.29 10:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\skypePM
[2009.02.27 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Sun
[2009.12.13 18:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\Template
[2013.01.16 18:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\U3
[2010.12.08 19:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mama\Data aplikací\WildTangent

< %APPDATA%\*.exe /s >
[2014.01.25 16:21:57 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\mama\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\mama\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\mama\Data aplikací\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.02.27 10:30:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.02.27 10:30:42 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.02.27 10:30:42 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.01.29 16:54:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\LogConfigTemp.xml
[2014.01.29 16:54:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.29 17:10:46 | 000,000,512 | ---- | M] () MD5=1A0C7C0F3FEAC26E197FA9596D105A25 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.06.24 21:49:00 | 000,016,978 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sounds\firecrackle.ogg
[2008.03.25 20:14:36 | 000,008,316 | ---- | M] () -- \Program Files\eMachines Games\Polar Pool\levels\ice_cave\scene\crack.jpg
[2008.03.25 20:14:36 | 000,007,666 | ---- | M] () -- \Program Files\eMachines Games\Polar Pool\levels\ice_cave\scene\crack_alpha.jpg

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.02.19 16:28:20 | 000,000,747 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\Common\css\online_loader.css
[2011.02.19 16:28:11 | 000,000,640 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_off.gif
[2011.02.19 16:28:11 | 000,002,068 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\mini_loader_on.gif
[2011.02.19 16:28:11 | 000,012,527 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\Common\img\windowed_loader_75.gif
[2011.02.19 16:28:20 | 000,003,194 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\Common\js\online_loader.js
[2011.02.19 16:28:20 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\de\Online_Loader.html
[2011.02.19 16:28:11 | 000,003,083 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\de\img\going_online_loader.gif
[2011.02.19 16:28:11 | 000,003,241 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\de\img\onlineloader_retry.gif
[2011.02.19 16:28:21 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\en\Online_Loader.html
[2011.02.19 16:28:11 | 000,003,065 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\en\img\going_online_loader.gif
[2011.02.19 16:28:11 | 000,003,097 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\en\img\onlineloader_retry.gif
[2011.02.19 16:28:22 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\en-us\Online_Loader.html
[2011.02.19 16:28:12 | 000,003,065 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\going_online_loader.gif
[2011.02.19 16:28:12 | 000,003,097 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\en-us\img\onlineloader_retry.gif
[2011.02.19 16:28:22 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\es\Online_Loader.html
[2011.02.19 16:28:12 | 000,003,199 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\es\img\going_online_loader.gif
[2011.02.19 16:28:12 | 000,003,515 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\es\img\onlineloader_retry.gif
[2011.02.19 16:28:23 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\es-es\Online_Loader.html
[2011.02.19 16:28:12 | 000,003,031 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\going_online_loader.gif
[2011.02.19 16:28:12 | 000,003,665 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\es-es\img\onlineloader_retry.gif
[2011.02.19 16:28:23 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\fr\Online_Loader.html
[2011.02.19 16:28:13 | 000,003,143 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\going_online_loader.gif
[2011.02.19 16:28:13 | 000,003,545 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\fr\img\onlineloader_retry.gif
[2011.02.19 16:28:23 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\it\Online_Loader.html
[2011.02.19 16:28:13 | 000,003,186 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\it\img\going_online_loader.gif
[2011.02.19 16:28:13 | 000,003,368 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\it\img\onlineloader_retry.gif
[2011.02.19 16:28:24 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\Online_Loader.html
[2011.02.19 16:28:14 | 000,003,160 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\going_online_loader.gif
[2011.02.19 16:28:14 | 000,003,054 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\ko-kr\img\onlineloader_retry.gif
[2011.02.19 16:28:24 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\pt\Online_Loader.html
[2011.02.19 16:28:14 | 000,003,210 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\going_online_loader.gif
[2011.02.19 16:28:14 | 000,003,581 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\pt\img\onlineloader_retry.gif
[2011.02.19 16:28:25 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\zh\Online_Loader.html
[2011.02.19 16:28:14 | 000,003,111 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\going_online_loader.gif
[2011.02.19 16:28:14 | 000,003,092 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\zh\img\onlineloader_retry.gif
[2011.02.19 16:28:25 | 000,000,659 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\Online_Loader.html
[2011.02.19 16:28:15 | 000,002,778 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\going_online_loader.gif
[2011.02.19 16:28:15 | 000,003,219 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\WildTangent\eMachines Game Console\UI\htdocs2\zh-cn\img\onlineloader_retry.gif
[2004.04.08 22:29:00 | 000,002,116 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\blue-Loader.jpg
[2004.04.08 02:08:00 | 000,007,604 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Flash-Loader.jpg
[2004.04.08 02:13:00 | 000,007,963 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Flash-Loader_.jpg
[2004.04.08 02:11:00 | 000,006,428 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Loader.jpg
[2003.12.17 20:32:00 | 000,028,201 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\loaderbar.png
[2004.04.08 02:12:00 | 000,002,693 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Loader_.jpg
[2004.03.12 02:25:00 | 000,110,633 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader.gif
[2004.03.11 00:08:00 | 000,011,370 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlay.jpg
[2004.03.12 02:36:00 | 000,003,973 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlaylit.jpg
[2004.03.12 02:36:00 | 000,001,932 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlaylit_.gif
[2004.05.07 01:35:00 | 000,003,829 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlay_.gif
[2004.04.14 18:17:00 | 000,006,343 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\purple-Loader.jpg
[2004.03.11 19:29:00 | 000,006,979 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar.jpg
[2004.03.17 22:20:00 | 000,004,691 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbarlit.jpg
[2004.03.17 22:20:00 | 000,002,208 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbarlit_.gif
[2004.03.11 19:30:00 | 000,003,075 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_.gif
[2004.04.06 00:45:00 | 000,008,190 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_clickhere.jpg
[2004.04.06 00:40:00 | 000,008,725 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_clickhere_over.jpg
[2013.11.18 02:18:40 | 000,066,872 | ---- | M] () -- \Program Files\Maxthon\Bin\MxAppLoader.exe
[2013.11.20 07:05:08 | 000,654,136 | ---- | M] () -- \Program Files\Maxthon\Bin\MxDownloader.dll
[2009.09.16 22:33:50 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2009.09.16 15:22:08 | 000,022,528 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2009.09.17 20:12:18 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2009.09.11 16:36:38 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2009.09.18 11:48:12 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.10.10 18:19:31 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.09 19:08:57 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.17 18:37:28 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.16 18:07:12 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 13:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

#20 Příspěvek od **Márty84** » 29 led 2014 19:59

rosta píše:vytvoril se pouze jeden log

To je v poradku, ten druhy se vytvori jen pri prvnim spusteni

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
SRTSP
SRTSPX
NAVENG
NAVEX15
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{3B606E8A-20C2-4AE8-802F-0C36DE6FCC9E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=723FFEDE-35ED-426F-9465-6F00338661C9&apn_sauid=8E300B4E-29FE-4F48-92C4-9220521CAE22
IE - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
O3 - HKU\S-1-5-21-3133978997-2939153371-2801439982-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[2014.01.04 13:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[30 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

rosta · #21 Příspěvek od **rosta** » 29 led 2014 20:47

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 7720864 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49286 bytes

User: mama
->Temp folder emptied: 10660265 bytes
->Temporary Internet Files folder emptied: 9650310 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1067 bytes

User: NetworkService
->Temp folder emptied: 9582 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33742 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 2593 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33438 bytes
RecycleBin emptied: 3893668 bytes

Total Files Cleaned = 31,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: mama
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service SRTSP stopped successfully!
Service SRTSP deleted successfully!
Service SRTSPX stopped successfully!
Service SRTSPX deleted successfully!
Service NAVENG stopped successfully!
Service NAVENG deleted successfully!
Service NAVEX15 stopped successfully!
Service NAVEX15 deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Microsoft\Internet Explorer\SearchScopes\{3B606E8A-20C2-4AE8-802F-0C36DE6FCC9E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B606E8A-20C2-4AE8-802F-0C36DE6FCC9E}\ not found.
Registry key HKEY_USERS\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1d89ae7-449d-4929-b24b-fded04adbe06}\ not found.
Registry value HKEY_USERS\S-1-5-21-3133978997-2939153371-2801439982-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
Invalid CLSID key: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Persistent Data\Avast\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Persistent Data\Avast folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Persistent Data folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP148.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP155.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16.tmp\System.EnterpriseServices.Wrapper.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP188.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1BB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3.tmp\System.ServiceModel.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP328.tmp\System.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP328.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP396.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B.tmp\WindowsLiveLocal.WriterPlugin.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E7.tmp\WindowsFormsIntegration.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F.tmp\System.Data.Entity.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP69.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP83.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB5.tmp folder deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01292014_204109

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#22 Příspěvek od **Márty84** » 29 led 2014 22:17

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

rosta · #23 Příspěvek od **rosta** » 30 led 2014 22:28

vse provedeno, zatim to vypada nadejne

, pc je rychlejsi a problem se zablokovanim prohlizece se jiz neprojevuje, snad to vydrzi
pokud ne budu psat

diky za vas cas a pomoc

#24 Příspěvek od **Márty84** » 31 led 2014 10:48

OK

Jestli to zacne zlobit behem dneska, napiste mail a tema znovu otevru. Jestli pozdeji, zalozte nove tema, stejne by se muselo zacit znovu od zacatku.

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji

Re: prosim o kontrolu logu dekuji