nelze vypnout PC

[makuSHka]

k restartu ještě nedošlo, mám ho restartovat sama nebo počkat, co se bude dít?

[Márty84]

Jestli uz se zeptal na restart a ten neprobehl, tak restartujte sama.

[makuSHka]

zadny log se po restartu neobjevil

[Márty84]

Podivejte se, jestli neni tady C:\_OTL\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[makuSHka]

tak tady je:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService

User: NetworkService

User: vlad

%systemdrive% .tmp files removed: 0 bytes
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
%systemroot% .tmp files removed: 2114584 bytes
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: vlad

Total Flash Files Cleaned = 0,00 mb

System Restore Service not available.
========== SERVICES/DRIVERS ==========
Error: No service named MBAMSwissArmy was found to stop!
No service named MBAMSwissArmy was found to delete!
Error: No service named gupdate was found to stop!
No service named gupdate was found to delete!
Error: No service named gupdatem was found to stop!
No service named gupdatem was found to delete!
Error: No service named NMIndexingService was found to stop!
No service named NMIndexingService was found to delete!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
File move failed. C:\WINDOWS\SET3.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SET4.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SET8.tmp scheduled to be moved on reboot.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\PCConfidential.job moved successfully.
C:\WINDOWS\tasks\WGASetup.job moved successfully.
========== OTL ==========
Unable to set value : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E!
Unable to set value : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E!
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry delete failed. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry delete failed. HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry delete failed. HKEY_USERS\S-1-5-21-2052111302-484061587-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_USERS\S-1-5-21-2052111302-484061587-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry delete failed. HKEY_USERS\S-1-5-21-2052111302-484061587-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{3326ab56-742e-5603-906f-290517220122}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3326ab56-742e-5603-906f-290517220122}\ not found.
Registry key HKEY_USERS\S-1-5-21-2052111302-484061587-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry delete failed. HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Folder C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\{8675f4b3-2f19-11ed-2d6b-1823600c0a19}\ not found.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Folder move failed. C:\PROGRAM FILES\MOZILLA FIREFOX 3 BETA 3\EXTENSIONS\{52EF0988-5232-4465-86E7-6434B5891030}\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\MOZILLA FIREFOX 3 BETA 3\EXTENSIONS\{52EF0988-5232-4465-86E7-6434B5891030}\defaults scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\MOZILLA FIREFOX 3 BETA 3\EXTENSIONS\{52EF0988-5232-4465-86E7-6434B5891030}\chrome scheduled to be moved on reboot.
Folder move failed. C:\PROGRAM FILES\MOZILLA FIREFOX 3 BETA 3\EXTENSIONS\{52EF0988-5232-4465-86E7-6434B5891030} scheduled to be moved on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-2052111302-484061587-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\ICQ Toolbar\ not found.
Folder C:\Documents and Settings\vlad\Data aplikací\IObit\ not found.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
File delete failed. C:\WINDOWS\SET3.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\SET4.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\SET8.tmp scheduled to be deleted on reboot.
C:\WINDOWS\Installer\MSI2FB5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5AA.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5CB.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5D2.tmp deleted successfully.
C:\WINDOWS\Installer\MSI68.tmp deleted successfully.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
File delete failed. C:\WINDOWS\system32\CONFIG.TMP scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
File delete failed. C:\WINDOWS\twain_32\hpqgends.tmp scheduled to be deleted on reboot.
Unable to delete ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT .
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:B623B5B8 deleted successfully.
========== REGISTRY ==========
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LanguageShortcut scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ImagePath"|hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ErrorControl"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ImagePath"|hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ErrorControl"|dword:00000001 /E!

OTL by OldTimer - Version 3.2.69.0 log created on 05082014_113258

[Márty84]

Nespustila jste to dvakrat?


Dejte novy log z RSIT


Jdu obedvat, takze se na nejakou dobu odmlcim

[makuSHka]

myslím, že nespustila..

dobrou chuť

[makuSHka]

Logfile of random's system information tool 1.09 (written by random/random)
Run by vlad at 2014-05-08 12:18:13
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (35%) free of 20 GB
Total RAM: 511 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:18:19, on 8.5.2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\Nero 8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
c:\program files\teamviewer\version7\TeamViewer_Desktop.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\vlad\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\vlad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=centrum
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbox.digsby.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbox.digsby.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ICQ] "D:\icq\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4331696109
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {813A45F9-744F-435F-A815-19E2DF35A9D8} (O2C-Player - area constructor view (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayerac.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus (avast! antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DNTUS26.EXE
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

--
End of file - 8796 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/#utm_source=icq&u ... um=centrum"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {52EF0988-5232-4465-86E7-6434B5891030}:1.0, {afcedbfe-7a6d-44c6-9f1d-664d608aecea}:2.7.2.0, {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2, {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.34, {6236BA26-C117-4007-928C-DE0716C7FA82}:1.0.2, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.16, {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1, {8675f4b3-2f19-11ed-2d6b-0800600c0a19}:1.0, wrc@avast.com:9.0.2013.75, {8675f4b3-2f19-11ed-2d6b-1823600c0a19}:1.0.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.265 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox 3 Beta 3\extensions\
{52EF0988-5232-4465-86E7-6434B5891030}
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox 3 Beta 3\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox 3 Beta 3\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox 3 Beta 3\searchplugins\
google.xml
jyxo-cz.xml
kwinzy121.xml
kwinzy123.xml
kwinzy127.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\extensions\
{6236BA26-C117-4007-928C-DE0716C7FA80}
{6236BA26-C117-4007-928C-DE0716C7FA82}
{6236BA26-C117-4007-928C-DE0716C7FA96}
{6236BA26-C117-4007-928C-DE0716C7FA99}
{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
{8675f4b3-2f19-11ed-2d6b-1823600c0a19}
{e968fc70-8f95-4ab9-9e79-304de2a71ee1}

C:\Documents and Settings\vlad\Data aplikací\Mozilla\Firefox\Profiles\p8cwiec3.default\searchplugins\
amazondotcom.xml
ebay.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-02-05 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-02-05 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2002-09-25 87751]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-10-28 7307264]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-10-28 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl"=D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
"LanguageShortcut"=D:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"WinampAgent"=E:\Program Files\Winamp\winampa.exe []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-05-03 3774312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
"ICQ"=D:\icq\ICQ7.2\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
D:\Program Files\Nero 8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="D:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"D:\icq\ICQ6\ICQ.exe"="D:\icq\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"D:\Program Files\Nero 8\Nero ShowTime\ShowTime.exe"="D:\Program Files\Nero 8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Disabled:µTorrent"
"D:\qip\QIP\qip.exe"="D:\qip\QIP\qip.exe:*:Disabled:Quiet Internet Pager"
"D:\Program Files\ArchiCAD 12\ArchiCAD.exe"="D:\Program Files\ArchiCAD 12\ArchiCAD.exe:*:Enabled:ArchiCAD 12.0.0 Component"
"D:\Program Files\TrackMania United\TmUnited.exe"="D:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"D:\icq\ICQ6.5\ICQ.exe"="D:\icq\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\Program Files\Pinnacle\Programs\RM.exe"="E:\Program Files\Pinnacle\Programs\RM.exe:*:Enabled:Render Manager"
"E:\Program Files\Pinnacle\Programs\umi.exe"="E:\Program Files\Pinnacle\Programs\umi.exe:*:Enabled:umi"
"E:\Program Files\Pinnacle\Programs\VideoSpin.exe"="E:\Program Files\Pinnacle\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL
"wave1"=serwvdrv.dll
"vidc.LEAD"=LCODCCMP.DLL
"MSVideo8"=VfWWDM32.dll

======File associations======

.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-05-08 11:32:59 ----D---- C:\_OTL
2014-05-08 11:29:50 ----D---- C:\Program Files\MozBackup
2014-05-04 07:51:40 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2014-05-04 07:47:23 ----ASH---- C:\hiberfil.sys
2014-05-04 07:40:47 ----A---- C:\WINDOWS\ntbtlog.txt
2014-05-03 19:33:33 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-05-03 19:32:50 ----D---- C:\AdwCleaner
2014-05-03 14:42:41 ----D---- C:\Documents and Settings\vlad\Data aplikací\Malwarebytes
2014-05-03 14:42:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-05-03 14:33:21 ----D---- C:\Program Files\trend micro
2014-05-03 14:33:18 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2014-05-08 12:18:16 ----D---- C:\WINDOWS\Temp
2014-05-08 12:03:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-05-08 11:33:30 ----SHD---- C:\WINDOWS\Installer
2014-05-08 11:33:28 ----SD---- C:\WINDOWS\Tasks
2014-05-08 11:30:04 ----D---- C:\WINDOWS\Prefetch
2014-05-08 11:29:50 ----RD---- C:\Program Files
2014-05-06 19:50:23 ----D---- C:\WINDOWS\system32\CatRoot2
2014-05-06 19:49:16 ----D---- C:\WINDOWS\system32
2014-05-06 16:21:29 ----D---- C:\WINDOWS\system32\drivers
2014-05-06 14:43:21 ----D---- C:\WINDOWS
2014-05-04 17:57:07 ----D---- C:\Documents and Settings\vlad\Data aplikací\TeamViewer
2014-05-04 17:56:48 ----D---- C:\Program Files\TeamViewer
2014-05-04 17:47:43 ----RSD---- C:\WINDOWS\Fonts
2014-05-04 07:44:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-05-03 22:44:59 ----SHD---- C:\WINDOWS\CSC
2014-05-03 19:27:18 ----HD---- C:\WINDOWS\$NtUninstallKB901214$
2014-05-03 19:20:05 ----D---- C:\WINDOWS\system32\CatRoot_bak
2014-05-03 19:20:05 ----D---- C:\WINDOWS\system32\CatRoot
2014-05-03 19:19:26 ----D---- C:\WINDOWS\inf
2014-05-03 14:01:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-12-10 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-01-02 180248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 aswrdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswtdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\WINDOWS\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\D:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-09-20 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-09-20 55936]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AgereSoftModem;Microcom InPorte Home; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2002-09-25 1141248]
R3 DwMirror;DwMirror; C:\WINDOWS\system32\DRIVERS\DamewareMini.sys [2007-02-07 2944]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-10-28 3532000]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-08-29 578304]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;ADSL USB MODEM WAN ADAPTER; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-02-05 50344]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2007-11-07 54784]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\Program Files\Nero 8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-10-28 131139]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-14 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 DNTUS26;DameWare NT Utilities 2.6; C:\WINDOWS\SYSTEM32\DNTUS26.EXE [2007-10-30 114688]
S3 DWMRCS;DameWare Mini Remote Control; C:\WINDOWS\SYSTEM32\DWRCS.EXE [2007-10-30 225792]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-14 135664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]

-----------------EOF-----------------

[Márty84]

Dekuji, chut byla vyborna

Neprobehlo to jak melo. Zkuste krok s OTL zopakovat, ale tentokrat v nouzovem rezimu.

[makuSHka]

provedu, po návratu z práce.

[Márty84]

OK

At vam to hezky utika

[makuSHka]

omlouvam se .. nečekané komplikace .. kontrolu se pokusím provézt do konce týdne.

[Márty84]

OK Doufam, ze nic vazneho



14.6. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975