Hellishly slow PC

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slow PC

#16 Post by Caswalon »

ComboFix 14-04-26.01 - Sett 28.04.2014 13:18:59.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.1914 [GMT 2:00]
Spuštěný z: c:\documents and settings\Sett\Plocha\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\HirezPipeError.txt
c:\documents and settings\Sett\WINDOWS
C:\END
c:\windows\IsUn0405.exe
c:\windows\Readme.txt
c:\windows\system32\Cache
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\Oleaut32.1
c:\windows\system32\SET268.tmp
c:\windows\system32\SET26D.tmp
c:\windows\system32\x.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WSYSSVC
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-28 do 2014-04-28 )))))))))))))))))))))))))))))))
.
.
2014-04-27 08:40 . 2014-04-27 08:40 -------- d-----w- c:\documents and settings\Sett\Data aplikací\Malwarebytes
2014-04-27 08:39 . 2014-04-27 08:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-04-26 22:41 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-04-26 21:22 . 2014-04-26 21:26 -------- d-----w- c:\program files\trend micro
2014-04-26 21:22 . 2014-04-26 21:26 -------- d-----w- C:\rsit
2014-04-19 23:27 . 2014-04-19 23:29 -------- d-----w- c:\documents and settings\Sett\Data aplikací\deluge
2014-04-07 19:22 . 2014-04-07 19:22 -------- d-----w- c:\documents and settings\Sett\Data aplikací\Awesomium
2014-04-07 19:21 . 2014-04-07 19:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hi-Rez Studios
2014-04-06 00:31 . 2013-06-28 09:44 27776 ----a-w- c:\windows\system32\drivers\lgandnetmodem.sys
2014-04-06 00:31 . 2013-04-18 14:09 23168 ----a-w- c:\windows\system32\drivers\lgandnetdiag.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-18 13:02 . 2011-12-23 11:32 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 14:11 . 2010-11-12 12:19 211224 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-03-31 14:11 . 2010-09-07 02:48 108312 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-03-27 20:15 . 2010-12-08 03:12 193304 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-03-27 20:14 . 2013-08-01 14:06 123160 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-03-27 20:04 . 2012-04-19 02:50 150296 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-03-27 20:04 . 2013-02-08 02:37 238872 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-03-27 20:03 . 2010-09-07 02:48 28440 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-03-27 20:03 . 2011-12-23 11:32 22296 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-03-21 15:57 . 2014-01-30 11:42 42272 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2014-03-12 13:33 . 2012-04-08 17:17 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 13:33 . 2012-03-14 05:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 13:33 . 2014-02-21 16:33 5777288 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-02-07 17:24 . 2014-02-07 16:43 94336 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-26 19522592]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-04-06 5180432]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"VICTORY Gaming Keyboard"="c:\program files\Gaming Keyboard\Monitor.exe" [2013-04-09 270336]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Printsrv"="c:\windows\System32\Printing_Admin_Scripts\en-US\drvupd.vbs" [2014-01-11 579]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Garena Messenger\\Room\\garena_room.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\Sett\\Plocha\\NFS\\Need For Speed - Most Wanted\\Speed.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Games\\Warcraft III\\Warcraft III.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Games\\Northland\\Game.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Documents and Settings\\Sett\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Garena Messenger\\ggdllhost.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"58090:TCP"= 58090:TCP:Pando Media Booster
"58090:UDP"= 58090:UDP:Pando Media Booster
"58866:TCP"= 58866:TCP:Pando Media Booster
"58866:UDP"= 58866:UDP:Pando Media Booster
"22:TCP"= 22:TCP:192.168.0.120/255.255.255.255:Enabled:Sivi_PC
"57267:TCP"= 57267:TCP:Pando Media Booster
"57267:UDP"= 57267:UDP:Pando Media Booster
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 150296]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [8.2.2013 4:37 238872]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 4:48 28440]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [1.8.2013 16:06 123160]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 199960]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 22296]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8.12.2010 5:12 193304]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [12.11.2010 14:19 211224]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30.1.2014 13:42 42272]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [30.10.2013 12:34 203024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [30.10.2013 12:34 103696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [18.4.2014 15:22 3645456]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [27.3.2014 22:10 291912]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\games\SMITE\HiPatchService.exe [7.4.2014 21:21 9216]
R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [15.7.2007 4:37 27992]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [9.10.2013 10:58 3275136]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [4.3.2013 23:06 3560800]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.4.2013 15:11 242240]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28.4.2011 21:19 44032]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2.8.2012 12:53 155824]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [15.10.2013 14:42 126224]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 9:15 172192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [28.4.2011 21:17 1691480]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\drivers\lgandnetdiag.sys [6.4.2014 2:31 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\drivers\lgandnetmodem.sys [6.4.2014 2:31 27776]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [21.6.2012 20:41 112640]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2.8.2012 12:55 12400]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena Messenger\Room\safedrv.sys --> c:\program files\Garena Messenger\Room\safedrv.sys [?]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [7.8.2012 9:37 100480]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [7.2.2014 18:43 94336]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [10.5.2013 21:52 25088]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [15.10.2013 14:42 114960]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - SONY_PC_COMPANION
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-26 03:19 1078088 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 13:33]
.
2014-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 13:54]
.
2014-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 13:54]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.10.10.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-vProt - c:\program files\AVG SafeGuard toolbar\vprot.exe
AddRemove-AVG SafeGuard toolbar - c:\program files\AVG SafeGuard toolbar\UNINSTALL.exe
AddRemove-Delta Chrome Toolbar - c:\documents and settings\Sett\Data aplikací\BabSolution\Shared\GUninstaller.exe
AddRemove-Tzar - c:\windows\IsUn0405.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-28 13:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:81,11,3a,ee,df,57,bb,c2,06,a9,c0,9e,95,eb,78,15,9d,0d,f0,52,42,90,bd,
53,0a,e3,00,b4,1c,49,91,1e,04,de,f8,f4,c8,44,40,73,46,30,87,76,1c,7b,a9,19,\
"??"=hex:72,ef,cb,f5,29,a2,69,2d,86,bf,b4,a5,52,fe,53,f6
.
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:f9,6b,98,d9,0b,11,16,09,96,79,da,f7,ec,f3,d8,e7,8f,78,0d,eb,75,
11,cd,63,31,d0,1a,c9,47,bb,41,65,78,5c,0a,35,ec,45,2c,c8,5c,cb,ff,e9,0a,da,\
"rkeysecu"=hex:17,25,b9,75,ca,61,49,35,79,c3,11,51,05,be,89,f5
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Cop Hummer H3 Mod]
"Install Dir"="c:\\Documents and Settings\\Sett\\Plocha\\NFS\\Need For Speed - Most Wanted"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1108)
c:\windows\system32\CLBCATQ.DLL
.
- - - - - - - > 'explorer.exe'(1368)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\RTHDCPL.EXE
c:\program files\Gaming Keyboard\OSD.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
c:\program files\Sony\Sony PC Companion\Drivers\DPInst.exe
.
**************************************************************************
.
Celkový čas: 2014-04-28 13:32:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-28 11:32
.
Před spuštěním: Volných bajtů: 26 196 713 472
Po spuštění: Volných bajtů: 26 366 242 816
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 222D93CF5EE623FE4CAA9738E93B3E7B
413FC2A0C716421B3158746D63736515

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Hellishly slow PC

#17 Post by Márty84 »

Open Notepad and copy this script into it:

Code:

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe ARM"=-

Regnull::
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Firefox::
FF - ProfilePath - c:\documents and settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

Driver::
Skype C2C Service
SkypeUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly and save the file to the desktop.
Turn off your antivirus and any other security software.
Drag the newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slow PC

#18 Post by Caswalon »

ComboFix 14-04-26.01 - Sett 28.04.2014 18:29:50.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2273 [GMT 2:00]
Spuštěný z: c:\documents and settings\Sett\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Sett\Plocha\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Legacy_SKYPE_C2C_SERVICE
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-28 do 2014-04-28 )))))))))))))))))))))))))))))))
.
.
2014-04-28 11:32 . 2014-04-28 11:32 -------- d-----w- c:\windows\LastGood.Tmp
2014-04-27 08:40 . 2014-04-27 08:40 -------- d-----w- c:\documents and settings\Sett\Data aplikací\Malwarebytes
2014-04-27 08:39 . 2014-04-27 08:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-04-26 22:41 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-04-26 21:22 . 2014-04-26 21:26 -------- d-----w- c:\program files\trend micro
2014-04-26 21:22 . 2014-04-26 21:26 -------- d-----w- C:\rsit
2014-04-19 23:27 . 2014-04-19 23:29 -------- d-----w- c:\documents and settings\Sett\Data aplikací\deluge
2014-04-07 19:22 . 2014-04-07 19:22 -------- d-----w- c:\documents and settings\Sett\Data aplikací\Awesomium
2014-04-07 19:21 . 2014-04-07 19:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hi-Rez Studios
2014-04-06 00:31 . 2013-06-28 09:44 27776 ----a-w- c:\windows\system32\drivers\lgandnetmodem.sys
2014-04-06 00:31 . 2013-04-18 14:09 23168 ----a-w- c:\windows\system32\drivers\lgandnetdiag.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-18 13:02 . 2011-12-23 11:32 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 14:11 . 2010-11-12 12:19 211224 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-03-31 14:11 . 2010-09-07 02:48 108312 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-03-27 20:15 . 2010-12-08 03:12 193304 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-03-27 20:14 . 2013-08-01 14:06 123160 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-03-27 20:04 . 2012-04-19 02:50 150296 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-03-27 20:04 . 2013-02-08 02:37 238872 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-03-27 20:03 . 2010-09-07 02:48 28440 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-03-27 20:03 . 2011-12-23 11:32 22296 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-03-21 15:57 . 2014-01-30 11:42 42272 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2014-03-12 13:33 . 2012-04-08 17:17 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 13:33 . 2012-03-14 05:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 13:33 . 2014-02-21 16:33 5777288 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-02-07 17:24 . 2014-02-07 16:43 94336 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-26 19522592]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-04-06 5180432]
"VICTORY Gaming Keyboard"="c:\program files\Gaming Keyboard\Monitor.exe" [2013-04-09 270336]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"Printsrv"="c:\windows\System32\Printing_Admin_Scripts\en-US\drvupd.vbs" [2014-01-11 579]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Garena Messenger\\Room\\garena_room.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\Sett\\Plocha\\NFS\\Need For Speed - Most Wanted\\Speed.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Games\\Warcraft III\\Warcraft III.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Games\\Northland\\Game.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Documents and Settings\\Sett\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Garena Messenger\\ggdllhost.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"58090:TCP"= 58090:TCP:Pando Media Booster
"58090:UDP"= 58090:UDP:Pando Media Booster
"58866:TCP"= 58866:TCP:Pando Media Booster
"58866:UDP"= 58866:UDP:Pando Media Booster
"22:TCP"= 22:TCP:192.168.0.120/255.255.255.255:Enabled:Sivi_PC
"57267:TCP"= 57267:TCP:Pando Media Booster
"57267:UDP"= 57267:UDP:Pando Media Booster
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 150296]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [8.2.2013 4:37 238872]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 4:48 28440]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [1.8.2013 16:06 123160]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 199960]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 22296]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8.12.2010 5:12 193304]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [12.11.2010 14:19 211224]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30.1.2014 13:42 42272]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [30.10.2013 12:34 203024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [30.10.2013 12:34 103696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [18.4.2014 15:22 3645456]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [27.3.2014 22:10 291912]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\games\SMITE\HiPatchService.exe [7.4.2014 21:21 9216]
R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [15.7.2007 4:37 27992]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [4.3.2013 23:06 3560800]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.4.2013 15:11 242240]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28.4.2011 21:19 44032]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [15.10.2013 14:42 126224]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [28.4.2011 21:17 1691480]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\drivers\lgandnetdiag.sys [6.4.2014 2:31 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\drivers\lgandnetmodem.sys [6.4.2014 2:31 27776]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [21.6.2012 20:41 112640]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2.8.2012 12:55 12400]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena Messenger\Room\safedrv.sys --> c:\program files\Garena Messenger\Room\safedrv.sys [?]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [7.8.2012 9:37 100480]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [7.2.2014 18:43 94336]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2.8.2012 12:53 155824]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [10.5.2013 21:52 25088]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [15.10.2013 14:42 114960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-26 03:19 1078088 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 13:33]
.
2014-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 13:54]
.
2014-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 13:54]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.10.10.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-28 18:47
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\N*e*e*d* *F*o*r* *S*p*e*e*d* *W*o*r*l*d* *S*i*t*e*"!\NFS Most Wanted Cop Hummer H3 Mod]
"Install Dir"="c:\\Documents and Settings\\Sett\\Plocha\\NFS\\Need For Speed - Most Wanted"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2672)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\PnkBstrA.exe
c:\program files\Gaming Keyboard\OSD.exe
c:\windows\System32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2014-04-28 18:49:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-28 16:49
ComboFix2.txt 2014-04-28 11:32
.
Před spuštěním: Volných bajtů: 26 685 292 544
Po spuštění: Volných bajtů: 26 700 283 904
.
- - End Of File - - 7AFD1F387EA47DB581147477F712D0CF
413FC2A0C716421B3158746D63736515

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Hellishly slowed-down PC

#19 Post by Márty84 »

Post a new RSIT log.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Caswalon
Visitor
Posts: 25
Joined: 26 Apr 2014 22:30

Re: Hellishly slowed-down PC

#20 Post by Caswalon »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sett at 2014-04-29 11:20:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 40 GB (17%) free of 238 GB
Total RAM: 3070 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:17, on 29.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Games\SMITE\HiPatchService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Gaming Keyboard\Monitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Gaming Keyboard\OSD.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Sett\Plocha\RSIT.exe
C:\Program Files\trend micro\Sett.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\drvupd.vbs
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Games\SMITE\HiPatchService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 6504 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281

prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - ""

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.0.5.292


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files\Garena Messenger\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-03-26 19522592]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-04-06 5180432]
"VICTORY Gaming Keyboard"=C:\Program Files\Gaming Keyboard\Monitor.exe [2013-04-09 270336]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\drvupd.vbs [2014-01-11 579]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
C:\Program Files\GamersFirst\LIVE!\Live.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Garena Messenger\Room\garena_room.exe"="C:\Program Files\Garena Messenger\Room\garena_room.exe:*:Enabled:Garena"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Sett\Plocha\NFS\Need For Speed - Most Wanted\Speed.exe"="C:\Documents and Settings\Sett\Plocha\NFS\Need For Speed - Most Wanted\Speed.exe:*:Enabled:Speed"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Games\Warcraft III\Warcraft III.exe"="C:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Games\Northland\Game.exe"="C:\Games\Northland\Game.exe:*:Enabled:Cultures"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"
"C:\Documents and Settings\Sett\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Sett\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Garena Messenger\ggdllhost.exe"="C:\Program Files\Garena Messenger\ggdllhost.exe:*:Enabled:ggdllhost"
"C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Dragon Age 2\bin_ship\DragonAge2.exe"="C:\Program Files\Dragon Age 2\bin_ship\DragonAge2.exe:*:Enabled:Dragon Age II"
"C:\Program Files\Dragon Age 2\DragonAge2Launcher.exe"="C:\Program Files\Dragon Age 2\DragonAge2Launcher.exe:*:Enabled:Dragon Age II Launcher"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=C:\WINDOWS\system32\ir32_32.dll
"vidc.iv32"=C:\WINDOWS\system32\ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-04-28 18:49:23 ----A---- C:\ComboFix.txt
2014-04-28 18:36:40 ----D---- C:\WINDOWS\temp
2014-04-28 13:16:26 ----A---- C:\Boot.bak
2014-04-28 13:16:21 ----RASHD---- C:\cmdcons
2014-04-28 13:14:45 ----A---- C:\WINDOWS\zip.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\SWSC.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\SWREG.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\sed.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\PEV.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\NIRCMD.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\MBR.exe
2014-04-28 13:14:45 ----A---- C:\WINDOWS\grep.exe
2014-04-28 13:14:38 ----D---- C:\Qoobox
2014-04-28 13:14:25 ----D---- C:\WINDOWS\erdnt
2014-04-27 15:44:33 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-27 10:40:01 ----D---- C:\Documents and Settings\Sett\Data aplikací\Malwarebytes
2014-04-27 10:39:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-04-27 00:41:08 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-04-26 23:22:33 ----D---- C:\Program Files\trend micro
2014-04-26 23:22:32 ----D---- C:\rsit
2014-04-20 01:27:06 ----D---- C:\Documents and Settings\Sett\Data aplikací\deluge
2014-04-07 21:22:21 ----D---- C:\Documents and Settings\Sett\Data aplikací\Awesomium
2014-04-07 21:21:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hi-Rez Studios
2014-04-06 02:31:23 ----A---- C:\WINDOWS\system32\drivers\lgandnetmodem.sys
2014-04-06 02:31:22 ----A---- C:\WINDOWS\system32\drivers\lgandnetdiag.sys

======List of files/folders modified in the last 1 month======

2014-04-29 11:19:31 ----D---- C:\Documents and Settings\Sett\Data aplikací\Skype
2014-04-29 10:33:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-04-29 09:41:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-04-28 23:35:01 ----D---- C:\WINDOWS\Prefetch
2014-04-28 18:50:19 ----SHD---- C:\WINDOWS\Installer
2014-04-28 18:50:19 ----D---- C:\Config.Msi
2014-04-28 18:49:45 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-28 18:49:25 ----AD---- C:\WINDOWS\system32\drivers
2014-04-28 18:47:02 ----D---- C:\WINDOWS
2014-04-28 18:46:41 ----A---- C:\WINDOWS\system.ini
2014-04-28 18:45:52 ----D---- C:\WINDOWS\system32\drivers\etc
2014-04-28 18:36:56 ----D---- C:\WINDOWS\system32\config
2014-04-28 18:35:09 ----D---- C:\WINDOWS\AppPatch
2014-04-28 18:35:09 ----AD---- C:\WINDOWS\system32
2014-04-28 18:35:06 ----D---- C:\Program Files\Common Files
2014-04-28 13:32:49 ----HD---- C:\WINDOWS\inf
2014-04-28 13:32:44 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-04-28 13:31:54 ----SD---- C:\WINDOWS\Tasks
2014-04-28 13:30:05 ----HD---- C:\Program Files\InstallShield Installation Information
2014-04-28 13:26:34 ----SHD---- C:\System Volume Information
2014-04-28 13:26:34 ----D---- C:\WINDOWS\system32\Restore
2014-04-28 13:22:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-04-28 13:16:26 ----RASH---- C:\boot.ini
2014-04-27 19:53:30 ----RD---- C:\Program Files
2014-04-27 15:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-04-27 15:40:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
2014-04-27 15:40:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\eSafe
2014-04-27 15:40:55 ----D---- C:\Documents and Settings\Sett\Data aplikací\Omiga Plus
2014-04-27 00:52:52 ----D---- C:\AdwCleaner
2014-04-27 00:52:28 ----D---- C:\Documents and Settings\Sett\Data aplikací\Desk 365
2014-04-26 01:04:19 ----D---- C:\Games
2014-04-25 19:27:51 ----D---- C:\Documents and Settings\Sett\Data aplikací\DAEMON Tools Lite
2014-04-25 19:27:50 ----D---- C:\Documents and Settings\Sett\Data aplikací\uTorrent
2014-04-25 19:27:42 ----D---- C:\WINDOWS\Logs
2014-04-25 18:29:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2014-04-24 15:48:37 ----D---- C:\Documents and Settings\Sett\Data aplikací\vlc
2014-04-20 20:39:38 ----A---- C:\WINDOWS\NeroDigital.ini
2014-04-19 06:33:21 ----D---- C:\Crash
2014-04-16 18:33:29 ----D---- C:\WINDOWS\system32\DirectX
2014-04-06 02:31:29 ----D---- C:\Program Files\LG Electronics
2014-04-04 22:23:32 ----A---- C:\WINDOWS\BlendSettings.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-03-27 150296]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-03-27 238872]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-03-31 108312]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-03-27 28440]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-03-27 123160]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2014-04-18 199960]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-03-27 22296]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-03-27 193304]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-03-31 211224]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2013-10-15 203024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2013-10-15 103696]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 PStrip;PStrip; C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 27992]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-04-23 242240]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-26 5883936]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2012-02-09 13415040]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2013-10-15 126224]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [2013-04-18 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [2013-06-28 27776]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 atirage3;atirage3; C:\WINDOWS\System32\DRIVERS\atimpae.sys [2001-10-24 75136]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-07-23 112640]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2012-08-02 12400]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Messenger\Room\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2012-08-02 25200]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-25 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102528]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-07-23 100480]
S3 IT9135BDA;IT9135 BDA Devices; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [2014-02-07 94336]
S3 mbr;mbr; \??\C:\DOCUME~1\Sett\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2012-11-28 25088]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2013-10-15 114960]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Sony sa0102 ADB Interface; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-04-18 3645456]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-03-27 291912]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Games\SMITE\HiPatchService.exe [2014-02-28 9216]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-03-31 76888]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-26 136176]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-04-26 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-29 119408]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Hellishly slow PC

#21 Post by Márty84 »

One more scan and then we will start deleting.

Download OTL from http://oldtimer.geekstogo.com/OTL.exe, save it to the desktop and run it.
Tick the options Pro všechny uživatele (For all users), Kontrola na havěť "LOP" ("LOP" malware check) and Kontrola na havěť "Purity" ("Purity" malware check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Prohledat (Scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both of them here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Caswalon
Visitor
Posts: 25
Joined: 26 Apr 2014 22:30

Re: Hellishly slow PC

#22 Post by Caswalon »

Extras.txt

OTL Extras logfile created on: 30.4.2014 12:13:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sett\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,77% Memory free
4,84 Gb Paging File | 3,89 Gb Available in Paging File | 80,46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 39,26 Gb Free Space | 16,86% Space Free | Partition Type: NTFS

Computer Name: RODINA | User Name: Sett | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"58090:TCP" = 58090:TCP:*:Enabled:Pando Media Booster
"58090:UDP" = 58090:UDP:*:Enabled:Pando Media Booster
"58866:TCP" = 58866:TCP:*:Enabled:Pando Media Booster
"58866:UDP" = 58866:UDP:*:Enabled:Pando Media Booster
"57267:TCP" = 57267:TCP:*:Enabled:Pando Media Booster
"57267:UDP" = 57267:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"58090:TCP" = 58090:TCP:*:Enabled:Pando Media Booster
"58090:UDP" = 58090:UDP:*:Enabled:Pando Media Booster
"58866:TCP" = 58866:TCP:*:Enabled:Pando Media Booster
"58866:UDP" = 58866:UDP:*:Enabled:Pando Media Booster
"22:TCP" = 22:TCP:192.168.0.120/255.255.255.255:Enabled:Sivi_PC
"57267:TCP" = 57267:TCP:*:Enabled:Pando Media Booster
"57267:UDP" = 57267:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Dragon Age 2\bin_ship\DragonAge2.exe" = C:\Program Files\Dragon Age 2\bin_ship\DragonAge2.exe:*:Enabled:Dragon Age II
"C:\Program Files\Dragon Age 2\DragonAge2Launcher.exe" = C:\Program Files\Dragon Age 2\DragonAge2Launcher.exe:*:Enabled:Dragon Age II Launcher

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Garena Messenger\Room\garena_room.exe" = C:\Program Files\Garena Messenger\Room\garena_room.exe:*:Enabled:Garena -- ()
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\Sett\Plocha\NFS\Need For Speed - Most Wanted\Speed.exe" = C:\Documents and Settings\Sett\Plocha\NFS\Need For Speed - Most Wanted\Speed.exe:*:Enabled:Speed -- ()
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Games\Warcraft III\Warcraft III.exe" = C:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Java\jre7\bin\java.exe" = C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Games\Northland\Game.exe" = C:\Games\Northland\Game.exe:*:Enabled:Cultures -- (Funatics Software GmbH)
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
"C:\Documents and Settings\Sett\Data aplikací\uTorrent\uTorrent.exe" = C:\Documents and Settings\Sett\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Garena Messenger\ggdllhost.exe" = C:\Program Files\Garena Messenger\ggdllhost.exe:*:Enabled:ggdllhost -- ()
"C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe" = C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5 -- (ArcSoft, Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2F9DA9-F762-491A-9651-94C09FE9668D}" = AVG 2014
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B97ADB7-3DA1-4964-BC10-68384BA6A66F}" = AVG 2014
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7F1AD376-F6A0-4C2D-B93B-6FECC45620D2}" = AVG 2014
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49D02BB-44C2-BD30-17FA-A60C6F6601DD}_is1" = gta-san-andreas-crack version for Windows
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}" = Gaming Keyboard Driver
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver 11.0 03
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E7F59211-0E74-4228-B1D8-4ADEAD001F07}" = Oracle VM VirtualBox 4.3.0
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.3.1.2614)
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.197
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Any Video Converter_is1" = Any Video Converter 3.5.7
"AVG" = AVG 2014
"Axxin Wow Logo Creator" = Axxin Wow Logo Creator
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"GCFScape_is1" = GCFScape 1.7.5
"Google Chrome" = Google Chrome
"im" = Garena Plus
"League of Legends 3.0.1" = League of Legends
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Notepad++" = Notepad++
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"Sierra Utilities" = Sierra Utilities
"SpellForce" = SpellForce
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"Update Engine" = Sony Ericsson Update Engine
"VentriloMIX" = VentriloMIX
"VLC media player" = VLC media player 2.1.2
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"76f4758ca7e15dc6" = MusicJet
"ce2965ae71956536" = PerfectSphere
"SOE-C:/Documents and Settings/Sett/Data aplikacĂ­/Sony Online Entertainment/ApplicationUpdater" = applicationupdater
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.4.2014 14:38:34 | Computer Name = RODINA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace notepad.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.4.2014 3:58:05 | Computer Name = RODINA | Source = MsiInstaller | ID = 11706
Description = SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2014 -- Chyba
1706. SA_Error1706: StandardAction(0xC00706AA): Instalační balík produktu AVG 2014
nelze nalézt. Zkuste provést instalaci znovu za použití platné kopie instalačního
balíčku 'Avgx86.msi'.

Error - 25.4.2014 12:03:08 | Computer Name = RODINA | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
operating system.

Error - 26.4.2014 17:24:45 | Computer Name = RODINA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace RSIT.exe, verze 3.3.6.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.4.2014 13:53:23 | Computer Name = RODINA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace _iu14D2N.tmp, verze 51.52.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.4.2014 7:46:07 | Computer Name = RODINA | Source = Application Error | ID = 1000
Description = Chybující aplikace skype.exe, verze 6.11.0.102, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

[ System Events ]
Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba ArcSoft Connect Daemon byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba Sony PC Companion byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba Adaptér výkonu služby WMI byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba Hi-Rez Studios Authenticate and Update Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7031
Description = Služba TeamViewer 8 byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7031
Description = Služba AVG WatchDog byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error - 28.4.2014 12:29:47 | Computer Name = RODINA | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.


< End of report >

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slowed-down PC

#23 Post by Caswalon »

OTL.txt

OTL logfile created on: 30.4.2014 12:13:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sett\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,77% Memory free
4,84 Gb Paging File | 3,89 Gb Available in Paging File | 80,46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 39,26 Gb Free Space | 16,86% Space Free | Partition Type: NTFS

Computer Name: RODINA | User Name: Sett | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.04.30 12:11:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sett\Plocha\OTL.exe
PRC - [2014.04.18 15:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014.04.06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.03.29 13:03:59 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.03.27 22:16:32 | 000,854,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014.03.27 22:15:24 | 000,886,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014.03.27 22:13:02 | 000,650,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014.03.27 22:11:40 | 000,669,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2014.03.27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.02.28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) -- C:\Games\SMITE\HiPatchService.exe
PRC - [2013.12.18 22:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.04.09 13:13:44 | 000,270,336 | ---- | M] () -- C:\Program Files\Gaming Keyboard\Monitor.EXE
PRC - [2013.02.26 14:23:13 | 003,560,800 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.01.09 12:47:00 | 000,151,552 | ---- | M] () -- C:\Program Files\Gaming Keyboard\OSD.exe
PRC - [2012.04.26 23:06:16 | 001,609,728 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files\Notepad++\notepad++.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.10.19 04:12:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014.03.29 13:03:57 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.12.18 07:22:30 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\2c710b9258a1566c10b04be27d9cc2e5\System.ServiceProcess.ni.dll
MOD - [2013.12.18 07:22:16 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
MOD - [2013.12.18 07:22:10 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
MOD - [2013.12.18 07:20:46 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\c6ff952d4f4a03514a1fea252cffc694\System.Configuration.ni.dll
MOD - [2013.12.18 07:18:14 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2013.12.18 07:16:55 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2013.08.10 21:08:05 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2013.08.10 21:08:02 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2013.08.10 21:07:59 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013.04.09 13:13:44 | 000,270,336 | ---- | M] () -- C:\Program Files\Gaming Keyboard\Monitor.EXE
MOD - [2013.01.09 12:47:00 | 000,151,552 | ---- | M] () -- C:\Program Files\Gaming Keyboard\OSD.exe
MOD - [2012.11.05 09:37:28 | 000,061,440 | ---- | M] () -- C:\Program Files\Gaming Keyboard\hiddriver.dll
MOD - [2012.11.05 09:09:48 | 000,057,344 | ---- | M] () -- C:\Program Files\Gaming Keyboard\lan.dll
MOD - [2011.11.03 07:21:02 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.09.21 22:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files\Notepad++\plugins\NppFTP.dll
MOD - [2011.07.18 23:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files\Notepad++\plugins\NppExport.dll
MOD - [2011.07.18 23:04:08 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll
MOD - [2010.08.26 01:12:26 | 000,555,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2010.04.11 19:48:06 | 000,327,680 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.03.15 12:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 09:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - [2014.04.29 12:39:47 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.18 15:22:28 | 003,645,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.03.29 13:03:58 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.02.28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Games\SMITE\HiPatchService.exe -- (HiPatchService)
SRV - [2013.12.18 22:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.26 14:23:13 | 003,560,800 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Sett\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Messenger\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2014.04.18 15:02:04 | 000,199,960 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014.03.31 16:11:58 | 000,211,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014.03.31 16:11:50 | 000,108,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014.03.27 22:15:18 | 000,193,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014.03.27 22:14:40 | 000,123,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014.03.27 22:04:22 | 000,150,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014.03.27 22:04:02 | 000,238,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014.03.27 22:03:22 | 000,028,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014.03.27 22:03:20 | 000,022,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2014.03.21 17:57:53 | 000,042,272 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014.02.07 19:24:21 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2013.10.15 14:44:02 | 000,203,024 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2013.10.15 14:42:54 | 000,126,224 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2013.10.15 14:42:54 | 000,114,960 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013.10.15 14:42:54 | 000,103,696 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2013.06.28 11:44:00 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2013.04.23 08:39:11 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013.04.18 16:09:22 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2012.11.28 19:49:00 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2012.08.02 12:55:19 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.02 12:55:19 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.03.26 12:21:26 | 005,883,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.07.27 09:09:52 | 000,044,032 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009.07.23 11:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 11:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.04.14 01:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2007.07.15 04:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pstrip.sys -- (PStrip)
DRV - [2007.06.25 10:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus)
DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2001.10.25 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.10.25 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001.10.24 12:46:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{9570B6A2-C5E3-40F2-B6A0-1F19BD1A85F2}: "URL" = http://www.toggle.com/en/index.php?rvs=google


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... 6F6537B623
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... A2526F39D2
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{9570B6A2-C5E3-40F2-B6A0-1F19BD1A85F2}: "URL" = http://www.toggle.com/en/index.php?rvs=google
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={FEA ... 2014-02-08 18:37:36&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2790392
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Messenger\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.0.5.292 [2014.03.21 17:58:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.03.29 13:03:39 | 000,000,000 | ---D | M]

[2011.01.16 22:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sett\Data aplikací\Mozilla\Extensions
[2014.03.21 16:51:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\extensions
[2013.11.08 17:11:37 | 000,001,907 | ---- | M] () (No name found) -- C:\Documents and Settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\extensions\{b6b1a201-b252-484f-b9fe-68efbb273fbd}.xpi
[2014.02.27 00:11:39 | 000,957,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.03.29 13:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014.03.29 13:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.29 13:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.03.29 13:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.29 13:04:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Vyhledávání Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Sett\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.04.28 18:45:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Printsrv] C:\WINDOWS\system32\Printing_Admin_Scripts\en-US\drvupd.vbs ()
O4 - HKLM..\Run: [VICTORY Gaming Keyboard] C:\Program Files\Gaming Keyboard\Monitor.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: ([]msn in Tento počítač)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: clonewarsadventures.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: freerealms.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: soe.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: sony.com ([]* in Důvěryhodné servery)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B926852-046A-45C7-B999-58CC9C7A4135}: DhcpNameServer = 10.10.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9206D5B5-DD99-4A2E-99E9-E76F0E8BF7C6}: DhcpNameServer = 94.229.92.40 94.229.92.47
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sett\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sett\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.10 22:15:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\system32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\system32\ir32_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.04.30 12:11:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sett\Plocha\OTL.exe
[2014.04.28 18:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.04.28 13:16:21 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.04.28 13:14:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.04.28 13:14:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.04.28 13:14:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.04.28 13:14:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.04.28 13:14:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.04.28 13:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.04.28 13:12:20 | 005,196,309 | R--- | C] (Swearware) -- C:\Documents and Settings\Sett\Plocha\ComboFix.exe
[2014.04.27 19:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sett\Plocha\RK_Quarantine
[2014.04.27 10:40:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sett\Data aplikací\Malwarebytes
[2014.04.27 10:39:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.04.27 00:41:08 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll
[2014.04.26 23:22:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.04.26 23:22:32 | 000,000,000 | ---D | C] -- C:\rsit
[2014.04.25 19:27:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sett\Recent
[2014.04.20 01:27:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sett\Data aplikací\deluge
[2014.04.07 21:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sett\Data aplikací\Awesomium
[2014.04.07 21:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Hi-Rez Studios
[2014.04.07 21:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Hi-Rez Studios
[2014.04.07 21:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2014.04.06 02:31:23 | 000,027,776 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandnetmodem.sys
[2014.04.06 02:31:22 | 000,023,168 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgandnetdiag.sys
[2014.04.01 09:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.04.30 12:14:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.30 12:11:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sett\Plocha\OTL.exe
[2014.04.30 11:33:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.04.30 11:19:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.30 04:19:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.29 12:39:47 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.04.29 12:39:47 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014.04.29 12:39:45 | 017,931,952 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2014.04.28 18:54:27 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2014.04.28 18:45:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.04.28 18:45:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.04.28 13:30:38 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Sony PC Companion 2.1.lnk
[2014.04.28 13:16:26 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014.04.28 13:12:36 | 005,196,309 | R--- | M] (Swearware) -- C:\Documents and Settings\Sett\Plocha\ComboFix.exe
[2014.04.27 19:50:19 | 003,972,608 | ---- | M] () -- C:\Documents and Settings\Sett\Plocha\RogueKiller.exe
[2014.04.27 15:49:27 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Sett\Plocha\Cata.exe.lnk
[2014.04.27 15:44:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.04.27 15:44:33 | 000,143,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.04.27 00:39:26 | 001,329,501 | ---- | M] () -- C:\Documents and Settings\Sett\Plocha\adwcleaner(1).exe
[2014.04.26 23:20:47 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Sett\Plocha\RSIT.exe
[2014.04.26 05:22:35 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.04.25 09:55:02 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2014.lnk
[2014.04.20 20:39:38 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014.04.20 20:39:37 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\Sett\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.04.20 16:29:26 | 000,003,744 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014.04.20 01:29:55 | 000,002,602 | ---- | M] () -- C:\Documents and Settings\Sett\Local Settings\Data aplikací\recently-used.xbel
[2014.04.18 15:02:04 | 000,199,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys
[2014.04.07 22:05:06 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\Sett\Plocha\SpellForce - Platinum Edition.lnk
[2014.04.07 21:21:26 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Hi-Rez Diagnostics and Support.lnk
[2014.04.07 21:21:26 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Smite.lnk
[2014.04.04 22:23:32 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2014.03.31 16:11:58 | 000,211,224 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014.03.31 16:11:50 | 000,108,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.04.30 12:14:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.28 13:16:26 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2014.04.28 13:16:21 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2014.04.28 13:14:45 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.04.28 13:14:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.04.28 13:14:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.04.28 13:14:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.04.28 13:14:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014.04.27 19:50:09 | 003,972,608 | ---- | C] () -- C:\Documents and Settings\Sett\Plocha\RogueKiller.exe
[2014.04.27 15:49:27 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Sett\Plocha\Cata.exe.lnk
[2014.04.27 15:44:33 | 000,143,312 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.04.27 00:39:23 | 001,329,501 | ---- | C] () -- C:\Documents and Settings\Sett\Plocha\adwcleaner(1).exe
[2014.04.26 23:20:45 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Sett\Plocha\RSIT.exe
[2014.04.20 01:29:55 | 000,002,602 | ---- | C] () -- C:\Documents and Settings\Sett\Local Settings\Data aplikací\recently-used.xbel
[2014.04.07 22:05:06 | 000,001,713 | ---- | C] () -- C:\Documents and Settings\Sett\Plocha\SpellForce - Platinum Edition.lnk
[2014.04.07 21:21:26 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Hi-Rez Diagnostics and Support.lnk
[2014.04.07 21:21:26 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Smite.lnk
[2014.03.25 13:45:35 | 000,279,955 | ---- | C] () -- C:\WINDOWS\libidn-11.dll
[2014.03.25 13:45:35 | 000,183,382 | ---- | C] () -- C:\WINDOWS\librtmp.dll
[2014.03.25 13:45:35 | 000,084,992 | ---- | C] () -- C:\WINDOWS\zlib1.dll
[2014.02.25 01:03:09 | 000,000,424 | ---- | C] () -- C:\WINDOWS\level.ini
[2014.02.22 01:26:38 | 000,000,120 | ---- | C] () -- C:\Program Files\CR8TRA~1info.cfg
[2014.01.30 13:41:18 | 000,003,744 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013.12.24 20:03:25 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2013.12.24 20:03:22 | 000,000,350 | R--- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2013.10.23 19:06:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2013.10.23 16:48:09 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2013.06.09 12:16:27 | 000,085,009 | ---- | C] () -- C:\Documents and Settings\Sett\Hck.mmt
[2013.05.21 19:56:00 | 000,000,096 | ---- | C] () -- C:\Documents and Settings\Sett\Data aplikací\launcher_settings.ini
[2013.04.28 08:40:59 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Sett\Local Settings\Data aplikací\fusioncache.dat
[2013.03.11 16:10:09 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Sett\Local Settings\Data aplikací\PUTTY.RND
[2012.06.15 22:01:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\Cuninst.exe
[2012.01.02 16:29:01 | 000,138,904 | ---- | C] () -- C:\Documents and Settings\Sett\Data aplikací\PnkBstrK.sys
[2011.12.10 23:59:50 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\Sett\Data aplikací\room_v3.dat
[2011.10.10 00:37:26 | 001,217,586 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1715567821-308236825-1801674531-1003-0.dat
[2011.10.10 00:37:26 | 000,156,546 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2011.02.13 22:11:00 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Sett\default.pls
[2011.01.23 16:14:15 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Sett\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.18 01:14:45 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Sett\Data aplikací\mainhst.zgh

========== ZeroAccess Check ==========

[2011.01.27 23:59:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.11.01 22:36:07 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 09:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.09.05 14:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2013.10.25 18:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.03.15 21:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar
[2014.03.02 22:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[2014.01.30 13:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2013.10.02 15:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2013
[2014.04.25 18:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2011.09.04 21:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2011.12.23 12:35:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.11.23 13:26:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2011.01.18 17:57:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.05.20 09:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.11.01 16:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2011.11.01 16:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2014.04.27 15:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\eSafe
[2013.12.09 00:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
[2014.04.07 21:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Hi-Rez Studios
[2012.12.02 10:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2014.04.30 09:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.11.04 20:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[2011.11.01 14:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2011.11.01 18:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2012.08.02 12:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2013.10.29 23:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Steam
[2014.04.27 15:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[2013.07.19 11:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2013.04.30 15:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Turbine
[2012.06.21 20:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2013.10.25 18:33:41 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013.01.31 09:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2013.10.26 18:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2012.06.21 20:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2014.03.26 20:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\.minecraft
[2014.03.25 15:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\.technic
[2012.11.19 23:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\AnvSoft
[2013.10.25 18:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\AVG
[2014.01.08 23:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\AVG2014
[2014.04.07 21:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Awesomium
[2012.09.03 09:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\BitTorrent
[2012.11.23 13:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Canon
[2013.05.11 13:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\CorsixTH
[2014.04.25 19:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\DAEMON Tools Lite
[2014.04.20 01:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\deluge
[2014.04.27 00:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Desk 365
[2013.11.04 20:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\DriverCure
[2013.08.10 12:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\eIntaller
[2012.10.09 16:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ERS G-Studio
[2013.08.16 16:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\eUpdate
[2013.03.15 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\FontCreator
[2014.03.28 20:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ftblauncher
[2013.12.09 00:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\GarenaPlus
[2011.10.21 22:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\GetRightToGo
[2014.02.06 20:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\gtk-2.0
[2014.01.08 23:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\iSafe
[2013.05.02 21:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\LanViewer
[2012.10.19 17:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\LolClient
[2012.06.21 06:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\LOVE
[2011.09.12 18:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Mumble
[2012.07.06 16:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Notepad++
[2014.04.27 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Omiga Plus
[2011.12.27 13:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\OpenOffice.org
[2012.06.08 20:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Oracle
[2013.11.04 20:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ParetoLogic
[2012.05.20 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Red Alert 3
[2013.11.23 21:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Riot Games
[2013.08.10 21:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\SGP Systems
[2012.12.01 22:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment
[2013.03.28 21:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\stetic
[2013.03.06 21:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TeamViewer
[2013.05.03 05:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TERA
[2013.08.28 16:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TS3Client
[2013.06.28 09:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TuneUp Software
[2011.01.18 16:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Uniblue
[2014.04.25 19:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\uTorrent
[2012.06.21 20:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Vodafone
[2013.08.10 12:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\WinZipper
[2011.01.18 01:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ZipGenius

========== Purity Check ==========



========== Custom Scans ==========

< >
[2011.01.10 22:11:40 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.01.10 22:15:25 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.04.08 19:17:37 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.04.26 15:54:51 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.26 15:54:51 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: AHCIX86.SYS >
[2007.12.19 21:43:54 | 000,171,024 | ---- | M] (AMD Technologies Inc.) MD5=1A54B47E4439C67C8B040BFCA3F292B9 -- C:\ATI\SUPPORT\8-4_xp32_dd_ccc_wdm_enu_60999\SBDrv\RAID7xx\x86\ahcix86.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2002.09.20 20:05:14 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=82CD2AA659D68781D29BA87421BE0E40 -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2002.08.29 03:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2002.09.20 20:03:40 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 20:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2002.09.20 20:05:24 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2002.08.29 03:05:04 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2002.09.20 20:05:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2002.08.29 04:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.20 20:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 20:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2002.09.20 20:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2001.10.25 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2002.08.29 03:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2002.09.20 20:05:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2002.09.20 20:05:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2001.10.25 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[33 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Avg2013\log\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Avg2013\log\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2014.04.07 21:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hi-Rez Studios

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

...

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slow PC

#24 Post by Caswalon »

...

< %APPDATA%\*. >
[2014.03.26 20:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\.minecraft
[2014.03.25 15:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\.technic
[2011.02.25 21:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Adobe
[2014.01.20 21:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Ahead
[2012.11.19 23:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\AnvSoft
[2014.02.07 19:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ArcSoft
[2013.10.25 18:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\AVG
[2014.01.08 23:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\AVG2014
[2014.04.07 21:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Awesomium
[2012.09.03 09:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\BitTorrent
[2012.11.23 13:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Canon
[2013.05.11 13:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\CorsixTH
[2014.04.25 19:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\DAEMON Tools Lite
[2014.04.20 01:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\deluge
[2014.04.27 00:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Desk 365
[2013.11.04 20:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\DriverCure
[2013.08.10 12:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\eIntaller
[2012.10.09 16:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ERS G-Studio
[2013.08.16 16:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\eUpdate
[2013.03.15 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\FontCreator
[2014.03.28 20:35:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ftblauncher
[2013.12.09 00:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\GarenaPlus
[2011.10.21 22:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\GetRightToGo
[2012.06.08 20:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Google
[2014.02.06 20:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\gtk-2.0
[2011.01.10 22:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Identities
[2013.12.20 23:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\InstallShield
[2014.01.08 23:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\iSafe
[2013.05.02 21:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\LanViewer
[2012.10.19 17:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\LolClient
[2012.06.21 06:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\LOVE
[2011.01.17 23:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Macromedia
[2014.04.27 10:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Malwarebytes
[2013.11.22 16:40:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Sett\Data aplikací\Microsoft
[2011.01.16 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Mozilla
[2011.10.23 19:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\MSN6
[2011.09.12 18:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Mumble
[2012.07.06 16:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Notepad++
[2012.11.03 16:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\NVIDIA
[2014.04.27 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Omiga Plus
[2011.12.27 13:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\OpenOffice.org
[2012.06.08 20:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Oracle
[2013.11.04 20:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ParetoLogic
[2012.11.29 06:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\RealVNC
[2012.05.20 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Red Alert 3
[2013.11.23 21:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Riot Games
[2012.05.20 09:34:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Sett\Data aplikací\SecuROM
[2013.08.10 21:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\SGP Systems
[2014.04.30 12:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Skype
[2011.09.04 21:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\skypePM
[2012.12.01 22:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment
[2013.03.28 21:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\stetic
[2011.01.18 00:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Sun
[2013.03.06 21:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TeamViewer
[2013.05.03 05:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TERA
[2013.08.28 16:54:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TS3Client
[2013.06.28 09:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\TuneUp Software
[2011.01.18 16:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Uniblue
[2014.04.25 19:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\uTorrent
[2011.05.15 20:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Ventrilo
[2014.04.24 15:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\vlc
[2012.06.21 20:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\Vodafone
[2011.01.23 11:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\WinRAR
[2013.08.10 12:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\WinZipper
[2011.01.18 01:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sett\Data aplikací\ZipGenius

< %APPDATA%\*.exe /s >
[2012.11.20 15:42:07 | 000,787,936 | ---- | M] (Sony Online Entertainment) -- C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\ApplicationUpdaterService.exe
[2012.11.20 15:43:01 | 000,602,568 | ---- | M] () -- C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\Uninstaller.exe
[2012.10.27 04:42:33 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe
[2014.02.07 19:32:59 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Sett\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe
[2013.08.16 15:11:25 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Sett\Data aplikací\uTorrent\uTorrent.exe
[2013.08.12 09:17:06 | 001,129,552 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Sett\Data aplikací\uTorrent\updates\3.3.1_29963.exe
[2013.08.12 09:17:10 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Sett\Data aplikací\uTorrent\updates\3.3.1_30003.exe
[2013.08.16 15:11:25 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Sett\Data aplikací\uTorrent\updates\3.3.1_30017.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.01.10 22:46:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.01.10 22:46:49 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.01.10 22:46:49 | 000,409,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.04.29 12:39:47 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2014.04.29 12:39:47 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2014.04.29 12:39:45 | 017,931,952 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerInstaller.exe
[2014.04.27 15:44:33 | 000,143,312 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2014.04.27 15:44:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.04.30 12:14:36 | 000,000,512 | ---- | M] () MD5=8E46C69668A07482F3FD33F0E579F1BB -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.10.23 14:10:40 | 000,001,000 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\gta-san-andreas-crack\gta-san-andreas-crack.lnk
[2014.03.28 20:36:01 | 000,001,062 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2014.03.28 20:36:01 | 000,008,681 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png
[2014.02.22 12:39:16 | 000,000,504 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Nová složka\MC\#README# cracked by greg0ree.txt
[2014.03.28 20:34:00 | 003,443,462 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Nová složka\MC\Feed-The-Beast-FTB-launcher-cracked-(-warez-)-1.3.6-FUTURECRAFT-by-Racad.zip
[2014.02.22 19:07:32 | 003,842,203 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Nová složka\MC\FTB_cracked_1.3.6f.jar
[2014.03.25 15:38:40 | 002,295,368 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Nová složka\MC\Technic-Launcher-Cracked.exe
[2013.02.14 07:28:58 | 629,145,600 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Nová složka\USB-Boot\CrackCd.iso
[2013.10.23 14:43:01 | 005,120,726 | ---- | M] () -- \Games\GTA\gta-san-andreas-crack.rar
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Games\GTA\GTA San Andreas\data\Decision\Craig\crack1.ped
[2013.09.27 12:40:10 | 005,120,726 | ---- | M] () -- \Games\GTA\GTA San Andreas\gta-san-andreas-crack\gta-san-andreas-crack.rar
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2012.08.13 12:01:42 | 412,357,971 | ---- | M] () -- \Program Files\Ubisoft\The Settlers 7 - Paths to a Kingdom\Settlers-7-Crack_Repack.rar

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.04.20 16:29:08 | 000,004,178 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\AVG SafeGuard toolbar\Chrome\content\icons\loader.gif.vir
[2014.04.20 16:29:08 | 000,019,497 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif.vir
[2014.02.08 19:37:22 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204\modules\skin\ajax-loader.gif
[2014.02.08 19:37:22 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204\modules\skin\loader.gif
[2014.01.30 13:41:04 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91\modules\skin\ajax-loader.gif
[2014.01.30 13:41:04 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91\modules\skin\loader.gif
[2014.03.02 22:20:27 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.0.0.248\modules\skin\ajax-loader.gif
[2014.03.02 22:20:27 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.0.0.248\modules\skin\loader.gif
[2014.04.20 16:29:08 | 000,006,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.0.5.292\modules\skin\ajax-loader.gif
[2014.04.20 16:29:08 | 000,000,729 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\AVG SafeGuard toolbar\FireFoxExt\18.0.5.292\modules\skin\loader.gif
[2012.10.19 23:55:25 | 000,016,655 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12079\FileLoader.dll
[2012.10.19 23:57:13 | 000,027,099 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12079\bbtalk\BTalkLoader.exe
[2012.12.07 22:26:36 | 000,016,654 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12154\FileLoader.dll
[2013.06.08 14:01:10 | 000,020,929 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12169\FileLoader.dll
[2013.06.08 14:10:50 | 000,945,655 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12169\ggdownloader.dll
[2013.06.08 14:05:55 | 000,027,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12169\bbtalk\BTalkLoader.exe
[2013.06.16 12:29:24 | 000,080,425 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\UpdateManager\12226\bbtalk\GarenaTalkLoader.exe
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 15:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 15:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.10.21 22:16:58 | 000,000,682 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Outlive.data
[2011.10.21 22:17:06 | 000,000,872 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Outlive.data0
[2013.08.10 12:14:01 | 000,030,313 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\Omiga Plus\icons\Torntv Downloader_1b1888d3ccb95dd7bb0065b113c0b55f.ico
[2013.08.10 12:14:01 | 000,001,282 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\Omiga Plus\icons\Torntv Downloader_1b1888d3ccb95dd7bb0065b113c0b55f_48_48.png
[2012.10.27 04:42:33 | 000,294,400 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe
[2013.03.25 17:21:00 | 000,388,776 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\TERA\launcher\live\downloader.bundle
[2013.03.20 08:02:00 | 000,694,656 | ---- | M] () -- \Documents and Settings\Sett\Data aplikací\TERA\launcher\live\downloader.dll
[2012.02.19 23:50:25 | 249,369,064 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Any Video Converter\AVI\Legenda.o.Lilith.2004.DVDRip.CZ.by.Colly.of.PowerUploaders_(www.KinoTip.cz)_xvid.avi
[2014.04.17 23:51:05 | 000,023,933 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\BloodNBones\minecraft\ForgeModLoader-client-0.log
[2014.04.17 23:51:03 | 000,000,000 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\BloodNBones\minecraft\ForgeModLoader-client-0.log.lck
[2014.04.17 23:49:14 | 000,023,933 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\BloodNBones\minecraft\ForgeModLoader-client-1.log
[2014.04.17 23:48:07 | 000,000,068 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\BloodNBones\minecraft\config\TConPreloader.cfg
[2014.04.19 05:30:26 | 000,890,969 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Magic_World_2\minecraft\ForgeModLoader-client-0.log
[2014.04.19 03:31:27 | 000,000,000 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Magic_World_2\minecraft\ForgeModLoader-client-0.log.lck
[2014.04.18 01:00:16 | 000,830,546 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Magic_World_2\minecraft\ForgeModLoader-client-1.log
[2014.04.17 23:55:33 | 000,474,940 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Magic_World_2\minecraft\ForgeModLoader-client-2.log
[2014.03.28 21:01:52 | 000,000,068 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Magic_World_2\minecraft\config\TConPreloader.cfg
[2014.04.17 23:58:48 | 000,143,448 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Monster\minecraft\ForgeModLoader-client-0.log
[2014.04.17 23:58:44 | 000,000,000 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Monster\minecraft\ForgeModLoader-client-0.log.lck
[2014.04.17 23:56:17 | 000,143,448 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Monster\minecraft\ForgeModLoader-client-1.log
[2014.04.17 23:53:55 | 000,143,448 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Monster\minecraft\ForgeModLoader-client-2.log
[2014.03.28 20:39:21 | 000,000,068 | ---- | M] () -- \Documents and Settings\Sett\Dokumenty\Stažené soubory\Monster\minecraft\config\TConPreloader.cfg
[2013.03.28 21:56:36 | 000,000,000 | ---- | M] () -- \Documents and Settings\Sett\Local Settings\Data aplikací\XamarinStudio-4.0\Cache\TempDownload\downloader-lock
[2014.04.28 18:55:22 | 000,001,870 | ---- | M] () -- \Documents and Settings\Sett\Local Settings\Temporary Internet Files\Content.IE5\890WCDTF\AdLoader[1].htm
[2014.04.28 18:55:15 | 000,112,122 | ---- | M] () -- \Documents and Settings\Sett\Local Settings\Temporary Internet Files\Content.IE5\IJERAZU1\AdLoader-7b473315d0084c71df83cdee72aab144.min[2].js
[2014.04.29 19:33:42 | 000,001,870 | ---- | M] () -- \Documents and Settings\Sett\Local Settings\Temporary Internet Files\Content.IE5\O1A38PUJ\AdLoader[1].htm
[2012.11.23 20:09:47 | 000,001,727 | ---- | M] () -- \Documents and Settings\Sett\Plocha\NFSMW Mod Loader.lnk
[2006.12.08 07:13:34 | 000,000,179 | ---- | M] () -- \Documents and Settings\Sett\Plocha\NFS\Need For Speed - Most Wanted\ADDONS\modloader.ini
[2012.02.17 18:38:36 | 480,078,285 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Ostatní\Legenda.o.Lilith.2004.DVDRip.CZ.by.Colly.of.PowerUploaders_(www.KinoTip.cz).avi
[2011.08.29 17:48:54 | 000,010,145 | ---- | M] () -- \Documents and Settings\Sett\Plocha\Původní data aplikace Firefox\jqi64j1j.default\conduitCommon\modules\3.6.0.10\ExternalLibraryLoader.jsm
[2013.12.14 12:07:38 | 000,000,068 | ---- | M] () -- \Documents\config\TConPreloader.cfg
[2013.10.05 23:22:00 | 000,604,324 | ---- | M] () -- \Documents\mods\Smart Moving Universal for ModLoader or Minecraft Forge or MCPC+.zip
[2013.02.01 01:16:50 | 000,065,344 | ---- | M] () -- \Games\SMITE\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2011.01.25 20:45:08 | 002,172,400 | ---- | M] () -- \Games\WOTLK\World of Warcraft\BackgroundDownloader.exe
[2011.01.26 11:46:51 | 002,070,207 | ---- | M] () -- \Games\WOTLK\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2011.01.25 20:45:57 | 000,003,026 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2011.01.25 20:45:57 | 000,004,261 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2011.01.26 11:46:57 | 000,008,441 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Logs\Downloader.log
[2012.09.25 04:47:32 | 006,396,128 | ---- | M] () -- \Games\Wow-Cata\WoW Cata\BackgroundDownloader.exe
[2011.01.25 20:45:08 | 002,172,400 | ---- | M] () -- \Games\WoW-Wotlk\BackgroundDownloader.exe
[2011.01.26 11:46:51 | 002,070,207 | ---- | M] () -- \Games\WoW-Wotlk\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2011.01.25 20:45:57 | 000,003,026 | ---- | M] () -- \Games\WoW-Wotlk\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2011.01.25 20:45:57 | 000,004,261 | ---- | M] () -- \Games\WoW-Wotlk\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2011.01.26 11:46:57 | 000,008,441 | ---- | M] () -- \Games\WoW-Wotlk\Logs\Downloader.log
[2010.03.19 00:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2010.03.18 01:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2013.11.21 13:27:50 | 000,051,504 | ---- | M] () -- \Program Files\Garena Messenger\FileLoader.dll
[2013.11.21 13:27:54 | 002,941,232 | ---- | M] () -- \Program Files\Garena Messenger\ggdownloader.dll
[2013.11.21 12:55:50 | 000,255,280 | ---- | M] () -- \Program Files\Garena Messenger\bbtalk\GarenaTalkLoader.exe
[2011.04.18 05:18:54 | 000,050,688 | ---- | M] () -- \Program Files\Garena Messenger\temp\FileLoader.dll
[2011.05.21 13:04:00 | 000,018,727 | ---- | M] () -- \Program Files\Garena Messenger\temp\FileLoader.dll.z
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.07.18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.01.17 17:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.12.27 13:21:46 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 20:07:52 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.12.27 13:21:56 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 13:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2013.05.16 13:27:36 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2010.03.15 12:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2013.11.23 22:00:02 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.79\deploy\assets\storeImages\layout\small_loader.gif
[2002.09.20 20:03:42 | 000,031,744 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 01:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 01:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >
[2013.08.11 16:29:07 | 000,002,304 | ---- | M] () -- \Documents and Settings\Sett\Local Settings\Data aplikací\Ares\Data\DHTnodes.dat
[2013.08.11 16:29:07 | 000,003,838 | ---- | M] () -- \Documents and Settings\Sett\Local Settings\Data aplikací\Ares\Data\MDHTnodes.dat

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2013.02.13 15:09:51 | 000,020,800 | ---- | M] () -- \Games\SMITE\HiRezGames\smite\Binaries\Autoreporter.XmlSerializers.dll
[2007.10.25 00:13:45 | 000,000,039 | ---- | M] () -- \Games\Warcraft III\serial.txt
[2010.08.14 18:46:10 | 000,009,066 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.08.14 18:46:10 | 000,000,219 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2011.11.06 16:51:46 | 000,009,066 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Interface\AddOns\GHI\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2011.11.06 16:51:46 | 000,000,219 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Interface\AddOns\GHI\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.03.30 14:21:40 | 000,009,066 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.03.30 14:21:40 | 000,000,219 | ---- | M] () -- \Games\WOTLK\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.08.14 18:46:10 | 000,009,066 | ---- | M] () -- \Games\WoW-Wotlk\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.08.14 18:46:10 | 000,000,219 | ---- | M] () -- \Games\WoW-Wotlk\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2011.11.06 16:51:46 | 000,009,066 | ---- | M] () -- \Games\WoW-Wotlk\Interface\AddOns\GHI\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2011.11.06 16:51:46 | 000,000,219 | ---- | M] () -- \Games\WoW-Wotlk\Interface\AddOns\GHI\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.03.30 14:21:40 | 000,009,066 | ---- | M] () -- \Games\WoW-Wotlk\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.03.30 14:21:40 | 000,000,219 | ---- | M] () -- \Games\WoW-Wotlk\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.03.18 20:31:26 | 000,370,552 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 20:31:26 | 000,042,904 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.31 04:48:08 | 000,009,272 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2009.08.31 04:48:08 | 000,285,032 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.xml
[2010.03.18 20:31:26 | 000,429,432 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.dll
[2010.03.18 20:31:26 | 000,032,664 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 20:47:54 | 000,007,862 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 23:09:56 | 000,332,539 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.xml
[2010.03.18 20:31:26 | 000,429,432 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 20:31:26 | 000,032,664 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 20:47:54 | 000,007,862 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 23:09:56 | 000,332,539 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.xml
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.08.31 04:48:08 | 000,285,032 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2013.05.16 13:25:40 | 000,049,217 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.serialio_2.13.6.201305161305.jar
[2013.05.16 13:25:50 | 000,005,999 | ---- | M] () -- \Program Files\Sony Ericsson\Update Engine\plugins\com.sonymobile.cs.serialcommunication_2.13.6.201305161305.jar
[2002.09.20 19:21:56 | 000,062,208 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2013.04.28 08:40:40 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 21:08:02 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.12.18 02:09:48 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 21:08:18 | 000,090,112 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2011.10.11 23:03:01 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.12.18 07:21:27 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.11.03 07:58:21 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.11.03 07:57:13 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2013.12.18 07:20:16 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
[2011.11.03 08:00:13 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\137a2ae391d89577ad63db08303a5158\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.18 07:26:40 | 002,637,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\391bda1a235cfdce5db36fc18ba11e09\System.Runtime.Serialization.ni.dll
[2013.03.16 12:57:10 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.12.18 02:05:05 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.03.16 12:57:09 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.12.18 02:05:03 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 08:08:04 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.09.10 17:46:28 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.08.31 04:48:08 | 000,009,272 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 08:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 08:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 19:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 08:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 21 bytes -> C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\Uninstaller.exe:crc
@Alternate Data Stream - 21 bytes -> C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\ApplicationUpdaterService.exe:crc
@Alternate Data Stream - 21 bytes -> \Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe:crc

< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Hellishly slow PC

#25 Post by Márty84 »

Turn off your antivirus so that it does not get in the program's way.
Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119776&tt=130313_80cr&babsrc=SP_ss&mntrId=10561C6F6537B623
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=470EA855-F63E-4267-BD53-F7A312181D5A&apn_sauid=8D611B89-79E7-4B3B-9068-CEA2526F39D2
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={FEAC9FB8-B995-4072-84D3-602C1EDC6C41}&mid=cab54c9c152647d697ead1544925332d-05b9a65e8ae14251357cda6a211f5205f581bf4e&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-08 18:37:36&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
[2013.11.08 17:11:37 | 000,001,907 | ---- | M] () (No name found) -- C:\Documents and Settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\extensions\{b6b1a201-b252-484f-b9fe-68efbb273fbd}.xpi
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: ([]msn in Tento počítač)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: clonewarsadventures.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: freerealms.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: soe.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1715567821-308236825-1801674531-1003\..Trusted Domains: sony.com ([]* in Důvěryhodné servery)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll File not found
[2012.09.05 14:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2011.09.04 21:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2012.12.02 10:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[33 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Avg2013\log\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Avg2013\log\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
@Alternate Data Stream - 21 bytes -> C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\Uninstaller.exe:crc
@Alternate Data Stream - 21 bytes -> C:\Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\ApplicationUpdaterService.exe:crc
@Alternate Data Stream - 21 bytes -> \Documents and Settings\Sett\Data aplikací\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe:crc

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
Click Opravit (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slow PC

#26 Post by Caswalon »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Sett
->Temp folder emptied: 37203850 bytes
->Temporary Internet Files folder emptied: 1823792 bytes
->Java cache emptied: 8386927 bytes
->FireFox cache emptied: 631365494 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2901 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1320378 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 694 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 649,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Sett
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Documents and Settings\Sett\Data aplikací\Mozilla\Firefox\Profiles\d103pnm3.default-1379008976281\extensions\{b6b1a201-b252-484f-b9fe-68efbb273fbd}.xpi moved successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1715567821-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
Invalid CLSID key: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}\ deleted successfully.
File {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll File not found not found.
C:\Documents and Settings\All Users\Data aplikací\Ask\APN-Stub folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ask folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Babylon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster\Essentials folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 04302014_201503

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Hellishly slowed-down PC

#27 Post by Márty84 »

:arrow: Rename ComboFix to Uninstall and run it. CF should then uninstall itself.

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download it and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click the CleanUp label and then OK - after the cleanup the PC will restart.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK - after the cleanup the PC will restart.
After use you can delete the program.

:arrow: Download CCleaner http://www.piriform.com/ccleaner/download/slim and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will find yourself in the Cleaner function. There are many checkboxes on the left. Pay attention mainly to the Recycle Bin: if you leave it ticked, it will be emptied every time.
Also, depending on how it is set, it will delete all passwords saved on the net!!! So if you have set the computer to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when it finishes the analysis, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk(s)
Download the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar.
After installation run the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then write how the PC is doing.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

Option to support our forum https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. In case of a longer wait for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slowed-down PC

#28 Post by Caswalon »

Thank you very much for all the help,
the computer runs considerably faster. It is not quite the state it was in when I repeatedly applied a restore point, but for the most part programs no longer crash on me left and right. The only problem I still have is with Mozilla. Today when I started the computer, it froze again before even the home page had loaded, started flickering (just Mozilla, not the monitor) and the whole PC did not respond to any input, so there was nothing left but to do a hard restart again.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Hellishly slowed-down PC

#29 Post by Márty84 »

Reinstall Mozilla. If you do not want to lose your bookmarks, back them up using MozBackup http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/

Then write whether anything has changed.

Caswalon
Visitor
Posts: 25
Registered: 26 Apr 2014 22:30

Re: Hellishly slowed-down PC

#30 Post by Caswalon »

Unfortunately not. Now, after the reinstall, videos also lag quite a lot when I put them in full screen.

Locked