Pocitac byl po dlouhe dobe procisten.
Tak prosim o pomoc s dokonalym dokoncenim.
Dekuji
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Systém Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4.3.2014 20:16:32
System Uptime: 21.7.2014 17:22:52 (0 hours ago)
.
Motherboard: ASRock | | 960GC-GS FX
Processor: AMD Phenom(tm) 8450 Triple-Core Processor | CPUSocket | 2104/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 166 GiB total, 17,01 GiB free.
D: is FIXED (NTFS) - 300 GiB total, 257,281 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP123: 21.7.2014 17:10:04 - Kontrolní bod systému
RP124: 21.7.2014 17:24:39 - avast! antivirus system restore point
.
==== Installed Programs ======================
.
Adobe Flash Player 14 Plugin
Adobe Reader XI - Czech
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
avast! Free Antivirus
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Localization All
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Codec Pack - All In 1 6.0.3.0
Counter-Strike 1.6
Google Chrome
Google Update Helper
Half-Life Dedicated Server Update Tool
Microsoft .NET Framework 2.0
Microsoft Office Professional Edition 2003
Mozilla Firefox 30.0 (x86 cs)
Mozilla Maintenance Service
Nero 6 Ultra Edition
Oprava Hotfix systému Windows XP (KB942288-v3)
PowerDVD
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Skins
Softarová utilita ATI - Odinstalovat
Total Commander (Remove or Repair)
WebFldrs XP
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by user at 17:25:48 on 2014-07-21
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1791.1231 [GMT 2:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [UserFaultCheck] c:\windows\system32\dumprep 0 -u
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: Interfaces\{4C0B7A73-2C4C-45CC-B7B1-E20613D4F16A} : NameServer = 10.10.10.1 88.146.248.2
TCP: Interfaces\{754736E2-C6F1-4394-A101-59D061CF1C43} : DHCPNameServer = 10.10.10.1
Notify: AtiExtEvent - Ati2evxx.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\36.0.1985.125\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-3-4 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-3-4 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-3-4 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-3-4 414520]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-4 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [2014-3-4 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-3-4 50344]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-4-13 69120]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2014-3-4 1691480]
S3 zxrjcbgo;zxrjcbgo; [x]
.
=============== Created Last 30 ================
.
2014-07-21 15:25:28 43152 ----a-w- c:\windows\avastSS.scr
2014-07-21 15:10:35 -------- d-----w- c:\program files\CCleaner
2014-07-09 06:59:29 11204096 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
==================== Find3M ====================
.
2014-07-21 15:25:29 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-21 15:25:29 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-07-21 15:25:29 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-21 15:25:29 414392 ----a-w- c:\windows\system32\drivers\aswsp.sys.1405956347453
2014-07-21 15:25:29 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-21 15:25:29 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-09 06:59:34 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 06:59:34 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-04 07:22:15 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400154126296
2014-05-04 07:22:14 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1400154126296
.
============= FINISH: 17:26:08,63 ===============
info.txt logfile of random's system information tool 1.10 2014-07-21 17:27:00
======MBR======
0x33C08ED0BC007CFB5007501FFCBE1B7CBF1B065057B9E501F3A4CBBDBE07B104386E007C09751383C510E2F4CD188BF583C610497419382C74F6A0B507B4078BF0AC3C0074FCBB0700B40ECD10EBF2884E10E84600732AFE4610807E040B740B807E040C7405A0B60775D2804602068346080683560A00E821007305A0B607EBBC813EFE7D55AA740B807E100074C8A0B707EBA98BFC1E578BF5CBBF05008A5600B408CD1372238AC1243F988ADE8AFC43F7E38BD186D6B106D2EE42F7E239560A77237205394608731CB80102BB007C8B4E028B5600CD1373514F744E32E48A5600CD13EBE48A560060BBAA55B441CD13723681FB55AA7530F6C101742B61606A006A00FF760AFF76086A0068007C6A016A10B4428BF4CD136161730E4F740B32E48A5600CD13EBD661F9C34E65706C61746EA020746162756C6B61206F6464A16C850043687962612070FD69206E619FA174A06EA1206F706572619F6EA1686F2073797374826D75004F706572619F6EA12073797374826D206E656E616C657A656E00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002C446A5710571000008001010007FEFFFF3F0000006982C01400FEFFFF0FFEFFFFA882C014D88A7725000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 14 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -maintain plugin
Adobe Reader XI - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x3564
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Google Chrome-->"C:\Program Files\Google\Chrome\Application\36.0.1985.125\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Half-Life Dedicated Server Update Tool-->D:\PROGRA~1\Valve\HLServer\UNWISE.EXE D:\PROGRA~1\Valve\HLServer\INSTALL.LOG
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox 30.0 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
Softarová utilita ATI - Odinstalovat-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
======System event log======
Computer Name: USER-4DF80C3055
Event Code: 7036
Message: Stav služby Kompatibilita pro rychlé přepínání uživatelů byl změněn na: Spuštěno
Record Number: 4792
Source Name: Service Control Manager
Time Written: 20140712183029.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Kompatibilita pro rychlé přepínání uživatelů úspěšně odeslán.
Record Number: 4791
Source Name: Service Control Manager
Time Written: 20140712183029.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: USER-4DF80C3055
Event Code: 7036
Message: Stav služby Terminálová služba byl změněn na: Spuštěno
Record Number: 4790
Source Name: Service Control Manager
Time Written: 20140712183029.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 4789
Source Name: EventLog
Time Written: 20140712183026.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.
Record Number: 4788
Source Name: EventLog
Time Written: 20140712183026.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: USER-4DF80C3055
Event Code: 102
Message: wuaueng.dll (3448) SUS20ClientDataStore: Databázový stroj spustil novou instanci (0).
Record Number: 2250
Source Name: ESENT
Time Written: 20140619105403.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 100
Message: wuauclt (3448) Databázový stroj 5.01.2600.5512 byl spuštěn.
Record Number: 2249
Source Name: ESENT
Time Written: 20140619105403.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 2248
Source Name: SecurityCenter
Time Written: 20140619105318.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 0
Message:
Record Number: 2247
Source Name: gupdate
Time Written: 20140619105318.000000+120
Event Type: Informace
User:
Computer Name: USER-4DF80C3055
Event Code: 1001
Message: Chybný blok 990512863
Record Number: 2246
Source Name: Application Error
Time Written: 20140619104804.000000+120
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0203
"NUMBER_OF_PROCESSORS"=3
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-07-21 17:26:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (10%) free of 170 GB
Total RAM: 1791 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:58, on 21.7.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\user\Plocha\RSIT.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C0B7A73-2C4C-45CC-B7B1-E20613D4F16A}: NameServer = 10.10.10.1 88.146.248.2
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6007 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\User_Feed_Synchronization-{61ACE36D-D796-4A23-86E6-54010246ED98}.job - C:\WINDOWS\system32\msfeedssync.exe sync
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-06-25 98304]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2013-03-12 20143688]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-04 3890208]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-06-25 155648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Counter-Strike\cstrike.exe"="D:\Program Files\Counter-Strike\cstrike.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2014-07-21 17:26:51 ----D---- C:\rsit
2014-07-21 17:26:51 ----D---- C:\Program Files\trend micro
2014-07-21 17:25:28 ----A---- C:\WINDOWS\avastSS.scr
2014-07-21 17:10:35 ----D---- C:\Program Files\CCleaner
2014-07-09 08:59:29 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
======List of files/folders modified in the last 1 month======
2014-07-21 17:26:51 ----D---- C:\Program Files
2014-07-21 17:26:24 ----D---- C:\WINDOWS\Prefetch
2014-07-21 17:26:09 ----D---- C:\WINDOWS\Temp
2014-07-21 17:25:47 ----D---- C:\WINDOWS\system32\drivers
2014-07-21 17:25:44 ----SD---- C:\WINDOWS\Tasks
2014-07-21 17:25:30 ----D---- C:\WINDOWS
2014-07-21 17:25:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-07-21 17:23:08 ----D---- C:\Program Files\Google
2014-07-21 17:22:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-07-21 17:11:59 ----D---- C:\WINDOWS\Debug
2014-07-21 17:09:57 ----SHD---- C:\System Volume Information
2014-07-21 17:09:57 ----D---- C:\WINDOWS\system32\Restore
2014-07-21 17:09:29 ----SHD---- C:\WINDOWS\Installer
2014-07-21 17:03:30 ----D---- C:\WINDOWS\system32
2014-07-21 17:03:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-21 07:24:20 ----A---- C:\WINDOWS\NeroDigital.ini
2014-07-15 13:49:16 ----D---- C:\WINDOWS\system32\CatRoot2
2014-07-09 08:59:34 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-21 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-21 192352]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-07-21 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-21 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-21 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-07-21 57800]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-21 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-21 67824]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-06-25 4125696]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-03-29 5444680]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-11-08 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2013-05-15 403912]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 mbr;mbr; \??\C:\DOCUME~1\user\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 zxrjcbgo;zxrjcbgo; C:\WINDOWS\system32\drivers\zxrjcbgo.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-06-25 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-04 50344]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-01 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-01 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-12 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by user (administrator) on USER-4DF80C3055 on 21-07-2014 17:28:29
Running from C:\Documents and Settings\user\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
==================== Registry (Whitelisted) ==================
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\.DEFAULT\...\RunOnce: [nltide3] => cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\.DEFAULT\...\RunOnce: [nltide2] => cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N
HKU\.DEFAULT\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [nltide3] => cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\RunOnce: [nltide2] => cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [nltide3] => cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [nltide2] => cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-2025429265-492894223-1801674531-1003\...\MountPoints2: F - F:\Install.bat
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{4C0B7A73-2C4C-45CC-B7B1-E20613D4F16A}: [NameServer]10.10.10.1 88.146.248.2
FireFox:
========
FF ProfilePath: C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\tj5cm1ty.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-04]
Chrome:
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-04]
CHR Extension: (Disk Google) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (YouTube) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-04]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (Gmail) - C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-21]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
==================== Drivers (Whitelisted) ====================
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-21] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-21] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-21] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-21] ()
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S4 IntelIde; No ImagePath
U1 WS2IFSL;
S3 zxrjcbgo; No ImagePath
U3 mbr; \??\C:\DOCUME~1\user\LOCALS~1\Temp\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-21 17:28 - 2014-07-21 17:28 - 00007754 _____ () C:\Documents and Settings\user\Plocha\FRST.txt
2014-07-21 17:28 - 2014-07-21 17:28 - 00000000 ____D () C:\FRST
2014-07-21 17:27 - 2014-07-21 17:27 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\user\Plocha\FRSTLauncher.exe
2014-07-21 17:26 - 2014-07-21 17:27 - 00000000 ____D () C:\rsit
2014-07-21 17:26 - 2014-07-21 17:26 - 00005217 _____ () C:\Documents and Settings\user\Plocha\dds.txt
2014-07-21 17:26 - 2014-07-21 17:26 - 00002282 _____ () C:\Documents and Settings\user\Plocha\attach.txt
2014-07-21 17:26 - 2014-07-21 17:26 - 00000000 ____D () C:\Program Files\trend micro
2014-07-21 17:25 - 2014-07-21 17:25 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-21 17:25 - 2014-07-21 17:25 - 00000000 ___RD () C:\Documents and Settings\user\Nabídka Start\Programy\Nástroje pro správu
2014-07-21 17:18 - 2014-07-21 17:18 - 00688992 ____R (Swearware) C:\Documents and Settings\user\Plocha\dds.exe
2014-07-21 17:15 - 2014-07-21 17:19 - 00000464 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{61ACE36D-D796-4A23-86E6-54010246ED98}.job
2014-07-21 17:10 - 2014-07-21 17:10 - 00000682 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\CCleaner.lnk
2014-07-21 17:10 - 2014-07-21 17:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-21 17:10 - 2014-07-21 17:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\CCleaner
2014-07-21 17:10 - 2014-07-21 17:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\CCleaner
2014-07-21 17:03 - 2014-07-21 17:03 - 01080320 _____ (Farbar) C:\Documents and Settings\user\Plocha\FRST.exe
2014-07-21 17:02 - 2014-07-21 17:02 - 01107968 _____ () C:\Documents and Settings\user\Plocha\RSIT.exe
2014-07-09 08:59 - 2014-07-09 08:59 - 11204096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-09 08:48 - 2014-07-09 09:58 - 620913388 _____ () C:\Documents and Settings\user\Plocha\4.oneway_mix-letitroll_festival.wav
==================== One Month Modified Files and Folders =======
2014-07-21 17:28 - 2014-07-21 17:28 - 00007754 _____ () C:\Documents and Settings\user\Plocha\FRST.txt
2014-07-21 17:28 - 2014-07-21 17:28 - 00000000 ____D () C:\FRST
2014-07-21 17:28 - 2014-03-04 21:36 - 00000000 ____D () C:\Documents and Settings\user\Plocha
2014-07-21 17:28 - 2014-03-04 21:36 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Temp
2014-07-21 17:27 - 2014-07-21 17:27 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\user\Plocha\FRSTLauncher.exe
2014-07-21 17:27 - 2014-07-21 17:26 - 00000000 ____D () C:\rsit
2014-07-21 17:27 - 2014-03-04 22:04 - 00920954 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-21 17:26 - 2014-07-21 17:26 - 00005217 _____ () C:\Documents and Settings\user\Plocha\dds.txt
2014-07-21 17:26 - 2014-07-21 17:26 - 00002282 _____ () C:\Documents and Settings\user\Plocha\attach.txt
2014-07-21 17:26 - 2014-07-21 17:26 - 00000000 ____D () C:\Program Files\trend micro
2014-07-21 17:25 - 2014-07-21 17:25 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-21 17:25 - 2014-07-21 17:25 - 00000000 ___RD () C:\Documents and Settings\user\Nabídka Start\Programy\Nástroje pro správu
2014-07-21 17:25 - 2014-05-24 12:05 - 00001733 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Free Antivirus.lnk
2014-07-21 17:25 - 2014-05-04 09:22 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-21 17:25 - 2014-03-04 22:08 - 00000316 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-07-21 17:25 - 2014-03-04 22:07 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-21 17:25 - 2014-03-04 22:07 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-21 17:25 - 2014-03-04 22:07 - 00414392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1405956347453
2014-07-21 17:25 - 2014-03-04 22:07 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-21 17:25 - 2014-03-04 22:07 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-21 17:25 - 2014-03-04 22:07 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-07-21 17:25 - 2014-03-04 22:07 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-07-21 17:25 - 2014-03-04 22:07 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2014-07-21 17:25 - 2014-03-04 22:07 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-21 17:25 - 2014-03-04 21:36 - 00000000 ___RD () C:\Documents and Settings\user\Nabídka Start\Programy
2014-07-21 17:24 - 2014-03-04 21:13 - 00480457 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-21 17:23 - 2014-03-06 01:57 - 00001652 _____ () C:\Documents and Settings\user\Plocha\VPNXP-Ludik.cz.pbk
2014-07-21 17:23 - 2014-03-04 22:07 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 17:23 - 2014-03-04 22:07 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-21 17:23 - 2014-03-04 22:07 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-21 17:23 - 2014-03-04 21:32 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-21 17:23 - 2012-12-01 10:14 - 00000000 ____D () C:\Program Files\Google
2014-07-21 17:23 - 2009-06-25 12:22 - 00219120 _____ () C:\WINDOWS\system32\ativvaxx.cap
2014-07-21 17:22 - 2014-03-04 21:49 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-07-21 17:22 - 2014-03-04 21:36 - 00000178 ___SH () C:\Documents and Settings\user\ntuser.ini
2014-07-21 17:22 - 2014-03-04 21:32 - 00032544 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-21 17:21 - 2014-03-04 21:36 - 00000000 ___RD () C:\Documents and Settings\user\Oblíbené položky
2014-07-21 17:19 - 2014-07-21 17:15 - 00000464 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{61ACE36D-D796-4A23-86E6-54010246ED98}.job
2014-07-21 17:18 - 2014-07-21 17:18 - 00688992 ____R (Swearware) C:\Documents and Settings\user\Plocha\dds.exe
2014-07-21 17:10 - 2014-07-21 17:10 - 00000682 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\CCleaner.lnk
2014-07-21 17:10 - 2014-07-21 17:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-21 17:10 - 2014-07-21 17:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\CCleaner
2014-07-21 17:10 - 2014-07-21 17:10 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\CCleaner
2014-07-21 17:10 - 2014-03-04 22:04 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-07-21 17:10 - 2014-03-04 22:04 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-07-21 17:10 - 2014-03-04 22:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Plocha
2014-07-21 17:09 - 2014-03-04 22:07 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Data aplikací\Google
2014-07-21 17:09 - 2014-03-04 22:03 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-07-21 17:09 - 2014-03-04 21:36 - 00000000 __RHD () C:\Documents and Settings\user\Data aplikací
2014-07-21 17:09 - 2002-01-01 22:57 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-07-21 17:03 - 2014-07-21 17:03 - 01080320 _____ (Farbar) C:\Documents and Settings\user\Plocha\FRST.exe
2014-07-21 17:02 - 2014-07-21 17:02 - 01107968 _____ () C:\Documents and Settings\user\Plocha\RSIT.exe
2014-07-21 16:57 - 2014-03-09 18:08 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-21 16:36 - 2014-03-04 22:07 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 07:24 - 2014-03-05 20:16 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-20 21:12 - 2014-03-04 21:36 - 00000000 ___HD () C:\Documents and Settings\user\Local Settings\Data aplikací
2014-07-20 12:39 - 2014-03-04 22:08 - 00001813 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
2014-07-15 13:11 - 2014-03-16 10:10 - 00000000 ____D () C:\Documents and Settings\user\Plocha\Nikola
2014-07-15 13:11 - 2013-02-24 18:49 - 00000000 ____D () C:\Documents and Settings\user\Plocha\filmy nikola
2014-07-09 10:08 - 2012-05-23 18:26 - 00000000 ____D () C:\Documents and Settings\user\Plocha\hudba
2014-07-09 09:58 - 2014-07-09 08:48 - 620913388 _____ () C:\Documents and Settings\user\Plocha\4.oneway_mix-letitroll_festival.wav
2014-07-09 08:59 - 2014-07-09 08:59 - 11204096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-09 08:59 - 2014-03-09 18:08 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-09 08:59 - 2014-03-09 18:08 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-06-26 16:38 - 2014-03-05 23:07 - 00071168 _____ () C:\Documents and Settings\user\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Documents and Settings\MSimek\Local Settings\Temp\comver.dll
C:\Documents and Settings\MSimek\Local Settings\Temp\DTLite4461-0327.exe
C:\Documents and Settings\MSimek\Local Settings\Temp\EBU187.EXE
C:\Documents and Settings\MSimek\Local Settings\Temp\EBU188.DLL
C:\Documents and Settings\MSimek\Local Settings\Temp\mpegc.dll
C:\Documents and Settings\MSimek\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\MSimek\Local Settings\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS_8070.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:20-07-2014
Ran by user at 2014-07-21 17:29:02
Running from C:\Documents and Settings\user\Plocha
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0625.1811 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.631-090625a-084196C - )
ATI Parental Control & Encoder (Version: 3.0 - Název společnosti:) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825 - ATI) Hidden
CCC Help Czech (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Danish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Dutch (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help English (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Finnish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help French (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help German (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Greek (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Italian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Japanese (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Korean (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Polish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Russian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Spanish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Swedish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Thai (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Turkish (Version: 2009.0625.1811.30825 - ATI) Hidden
ccc-core-preinstall (Version: 2009.0625.1812.30825 - ATI) Hidden
ccc-core-static (Version: 2009.0625.1812.30825 - ATI) Hidden
ccc-utility (Version: 2009.0625.1812.30825 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM\...\Cool's_Codec_pack_4.12) (Version: - )
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Half-Life Dedicated Server Update Tool (HKLM\...\Half-Life Dedicated Server Update Tool) (Version: - )
Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version: - Microsoft Corporation)
Microsoft .NET Framework 2.0 (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 cs) (HKLM\...\Mozilla Firefox 30.0 (x86 cs)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
Oprava Hotfix systému Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6873 - Realtek Semiconductor Corp.)
Skins (Version: 2009.0625.1812.30825 - ATI) Hidden
Softarová utilita ATI - Odinstalovat (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-07-2014 15:10:04 Kontrolní bod systému
21-07-2014 15:24:39 avast! antivirus system restore point
==================== Hosts content: ==========================
2001-10-25 14:00 - 2001-10-25 14:00 - 00000737 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{61ACE36D-D796-4A23-86E6-54010246ED98}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2014-07-21 15:46 - 2014-07-21 15:46 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14072100\algo.dll
2002-01-02 00:18 - 2012-02-17 21:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2002-01-02 00:18 - 2012-02-21 01:08 - 00344064 _____ () C:\Program Files\WinRAR\rarlng.dll
2014-03-04 22:07 - 2014-03-04 22:07 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-04 21:43 - 2014-03-04 21:43 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2014-03-04 21:43 - 2014-03-04 21:43 - 00270336 _____ () C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/21/2014 04:56:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul AcGenral.dll, verze 5.1.2600.5512, adresa chyby 0x000116e2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])
Error: (07/21/2014 04:30:01 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Chybující aplikace svchost.exe, verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Chyba při vytváření výsledného kontejneru PEAP-TLV v odezvě na přijatý kontejner PEAP-TLV (svchost.exe!ld!)
Error: (07/21/2014 04:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace , verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Zpracování události, specifické pro médium ([!ws!])
Error: (07/21/2014 03:48:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul AcGenral.dll, verze 5.1.2600.5512, adresa chyby 0x000116e2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])
Error: (07/20/2014 09:28:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul AcGenral.dll, verze 5.1.2600.5512, adresa chyby 0x000116e2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])
Error: (07/20/2014 09:14:59 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Chybující aplikace svchost.exe, verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Chyba při vytváření výsledného kontejneru PEAP-TLV v odezvě na přijatý kontejner PEAP-TLV (svchost.exe!ld!)
Error: (07/20/2014 09:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace , verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Zpracování události, specifické pro médium ([!ws!])
Error: (07/20/2014 06:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x6f8917c2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])
Error: (07/20/2014 05:29:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul AcGenral.dll, verze 5.1.2600.5512, adresa chyby 0x000116e2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])
Error: (07/20/2014 02:14:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul AcGenral.dll, verze 5.1.2600.5512, adresa chyby 0x000116e2.
Zpracování události, specifické pro médium ([svchost.exe!ws!])
System errors:
=============
Error: (07/21/2014 05:23:44 PM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.
Error: (07/21/2014 05:23:44 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Error: (07/19/2014 04:36:42 PM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.
Error: (07/19/2014 04:36:42 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Error: (07/18/2014 06:27:22 PM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.
Error: (07/18/2014 06:27:22 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Error: (07/18/2014 04:04:57 PM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.
Error: (07/18/2014 04:04:57 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Error: (07/18/2014 07:03:03 AM) (Source: W32Time) (EventID: 29) (User: )
Description: Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není aktuálně k dispozici.
Po dobu 14 minut nebude proveden žádný pokus o kontaktování zdroje.
Klient NTP nemá k dispozici žádný zdroj času.
Error: (07/18/2014 07:03:03 AM) (Source: W32Time) (EventID: 17) (User: )
Description: Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně nakonfigurovaného partnera
time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí o vyhledání pomocí služby DNS
znovu za 15 minut.
Chyba: Došlo k pokusu o operaci se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)
Microsoft Office Sessions:
=========================
Error: (07/21/2014 04:56:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.5512AcGenral.dll5.1.2600.5512000116e2
Error: (07/21/2014 04:30:01 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe0.0.0.0unknown0.0.0.000000000
Error: (07/21/2014 04:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 0.0.0.0unknown0.0.0.000000000
Error: (07/21/2014 03:48:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.5512AcGenral.dll5.1.2600.5512000116e2
Error: (07/20/2014 09:28:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.5512AcGenral.dll5.1.2600.5512000116e2
Error: (07/20/2014 09:14:59 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe0.0.0.0unknown0.0.0.000000000
Error: (07/20/2014 09:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 0.0.0.0unknown0.0.0.000000000
Error: (07/20/2014 06:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.06f8917c2
Error: (07/20/2014 05:29:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.5512AcGenral.dll5.1.2600.5512000116e2
Error: (07/20/2014 02:14:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.5512AcGenral.dll5.1.2600.5512000116e2
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 1791.16 MB
Available physical RAM: 1258.31 MB
Total Pagefile: 3685.75 MB
Available Pagefile: 3244.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:166.02 GB) (Free:16.97 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:299.74 GB) (Free:257.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 10571057)
Partition 1: (Active) - (Size=166 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300 GB) - (Type=OF Extended)
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka po cisteni PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka po cisteni PC
Zdravim 
Ktere programy byly pouzity na to cisteni?
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Ktere programy byly pouzity na to cisteni? Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka po cisteni PC
Ozyvam se po dlouhe dobe, ale prece
Na cisteni byl pouzi Ccleaner.
Posilam log a mezitim zacaly problemy viz screen
# AdwCleaner v3.308 - Report created 27/08/2014 at 18:00:42
# Updated 20/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - USER-4DF80C3055
# Running from : C:\Documents and Settings\user\Plocha\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\MSimek\Data aplikací\CheckPoint\ZoneAlarm LTD Toolbar
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Documents and Settings\MSimek\Data aplikací\Mozilla\Firefox\Profiles\iknwqihw.default\prefs.js ]
[ File : C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\tj5cm1ty.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ File : C:\Documents and Settings\MSimek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1337 octets] - [27/08/2014 17:57:08]
AdwCleaner[S0].txt - [1260 octets] - [27/08/2014 18:00:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1320 octets] ##########
Na cisteni byl pouzi Ccleaner.
Posilam log a mezitim zacaly problemy viz screen
# AdwCleaner v3.308 - Report created 27/08/2014 at 18:00:42
# Updated 20/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - USER-4DF80C3055
# Running from : C:\Documents and Settings\user\Plocha\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\MSimek\Data aplikací\CheckPoint\ZoneAlarm LTD Toolbar
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Documents and Settings\MSimek\Data aplikací\Mozilla\Firefox\Profiles\iknwqihw.default\prefs.js ]
[ File : C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\tj5cm1ty.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ File : C:\Documents and Settings\MSimek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Documents and Settings\user\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1337 octets] - [27/08/2014 17:57:08]
AdwCleaner[S0].txt - [1260 octets] - [27/08/2014 18:00:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1320 octets] ##########
- Přílohy
-
- Bez názvu.JPG (51.45 KiB) Zobrazeno 538 x
Re: Preventivka po cisteni PC
Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=11522211.10. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?