Nefungující přehrávač

Zpráva

#16 Příspěvek od **Márty84** » 21 črc 2015 02:06

Nastala nejaka zmena?

DESTNA22 · #17 Příspěvek od **DESTNA22** » 24 črc 2015 16:26

Změna k lepšímu nastala,stream už funguje.Problém už je pouze s blokovanými stránkami-na jiném PC jsou samozřejmě funkční.

#18 Příspěvek od **Márty84** » 24 črc 2015 21:31

To blokovani stranek je ve vsech prohlizecich?

DESTNA22 · #19 Příspěvek od **DESTNA22** » 27 črc 2015 19:17

V Exploreru fungují všechny stránky,zlobí jen Opera a Chrome(stránky szu.cz a radiohistoria.sk)

#20 Příspěvek od **Márty84** » 28 črc 2015 08:28

Vyzkousejte, jestli stranky funguji, kdyz na chvili vypnete antivir a firewall. Pak zkuste, jestli funguji v nouzovem rezimu s praci v siti.

DESTNA22 · #21 Příspěvek od **DESTNA22** » 29 črc 2015 17:03

Vyzkoušel jsem všechny tři možnosti-žádná změna.

#22 Příspěvek od **Márty84** » 29 črc 2015 18:52

Pokud na jinem pc ve stejne siti stranky jdou a u vas jdou v IE, ale v tech dalsich dvou prohlizecich ne, je problem v tech prohlizecich. Odinstaloval jste je opravdu poradne? Se vsemi zbytky?

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

DESTNA22 · #23 Příspěvek od **DESTNA22** » 31 črc 2015 20:46

Opravuji a omlouvám se.Ani v IE nejdou stránky zobrazit zadáním adresy,jen z odkazu.Jinak jsem Operu znova nainstaloval.Výsledek Combofixu zde:
ComboFix 15-07-31.01 - Vlastník 31.07.2015 20:27:37.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1124 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vlastník\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-28 do 2015-07-31 )))))))))))))))))))))))))))))))
.
.
2015-07-31 17:45 . 2015-07-31 17:45 19303112 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-07-27 16:30 . 2015-07-27 16:30 161472 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-07-27 16:30 . 2015-07-27 16:30 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-27 16:30 . 2015-07-27 16:30 43112 ----a-w- c:\windows\avastSS.scr
2015-07-20 15:39 . 2015-07-20 15:39 -------- d-----w- C:\zoek
2015-07-19 12:10 . 2015-07-19 12:14 -------- d-----w- c:\program files\Opera
2015-07-15 15:07 . 2015-07-15 15:07 -------- d-----w- c:\program files\CCleaner
2015-07-13 15:21 . 2015-07-13 15:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2015-07-13 15:21 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-31 17:45 . 2012-04-13 16:32 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-31 17:45 . 2011-09-27 11:21 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-27 16:30 . 2014-07-17 15:20 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-27 16:30 . 2013-03-20 18:20 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-27 16:30 . 2013-03-20 18:20 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-27 16:30 . 2013-03-20 18:20 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-27 16:30 . 2011-09-27 11:10 433264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-07-27 16:30 . 2011-09-27 11:10 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-07-27 16:30 . 2011-09-27 11:10 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-07-27 16:30 . 2011-09-27 11:33 788784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-19 13:28 . 2015-02-12 20:56 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-04-01 18:34 . 2012-04-01 18:34 32811469 ----a-w- c:\program files\WDM_R267.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-27 16:30 692512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-11-23 442640]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-07-27 6109776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [20.3.2013 20:20 49776]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [20.3.2013 20:20 208664]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [20.3.2013 20:20 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.9.2011 13:33 788784]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.9.2011 13:10 433264]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [17.7.2014 17:20 24016]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [20.3.2013 20:20 76000]
R3 aswStmXP;Avast StreamFilter Driver;c:\windows\system32\drivers\aswStmXP.sys [27.7.2015 18:30 161472]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.4.2012 20:36 1691480]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.1.2013 21:37 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.1.2013 21:37 8576]
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 17:45]
.
2015-07-29 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-07-27 16:30]
.
2015-07-29 c:\windows\Tasks\Opera scheduled Autoupdate 1437307846.job
- c:\program files\Opera\launcher.exe [2015-07-19 13:44]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.5 172.16.10.1 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-07-31 20:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3036)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2015-07-31 20:31:49
ComboFix-quarantined-files.txt 2015-07-31 18:31
.
Před spuštěním: Volných bajtů: 447 005 999 104
Po spuštění: Volných bajtů: 447 150 710 784
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 878827CF317ED0B0BB8200979D94D2CF
413FC2A0C716421B3158746D63736515

#24 Příspěvek od **Márty84** » 01 srp 2015 07:50

Jde o to, ze ty stranky v tom pc fungujou, takze je nic neblokuje. Akorat nejdou z toho adresniho radku. Cili opet, problem je nekde v nastaveni

Zkuste spustit firefox v jeho nouzovem rezimu https://support.mozilla.org/cs/kb/Nouzo ... re%C5%BEim

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

DESTNA22 · #25 Příspěvek od **DESTNA22** » 02 srp 2015 17:51

Ano vypadá to na problém s nastavením,zkouším co umím ale nemohu na nic přijít.Pokud nemáte nějaký tip,není to až takový podstatný problém-lze to obejít.Firefox na mém PC nemám.Combofix zde
ComboFix 15-07-31.01 - Vlastník 02.08.2015 18:10:38.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1278 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vlastník\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Vlastník\Plocha\cfscript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-07-02 do 2015-08-02 )))))))))))))))))))))))))))))))
.
.
2015-08-02 14:08 . 2015-08-02 16:14 -------- d-----w- c:\windows\system32\config\systemprofile\Opera Autoupdate
2015-07-31 20:40 . 2015-07-31 20:40 -------- d-----w- c:\program files\predm
2015-07-31 20:38 . 2015-07-31 20:38 -------- d-----w- c:\documents and settings\Vlastník\Local Settings\Data aplikací\gamesdesktop
2015-07-31 20:36 . 2015-08-02 14:41 -------- d-----w- c:\program files\globalUpdate
2015-07-31 20:36 . 2015-07-31 20:36 -------- d-----w- c:\documents and settings\Vlastník\Local Settings\Data aplikací\globalUpdate
2015-07-31 20:34 . 2015-07-31 20:34 -------- d-----w- c:\program files\Seznam.cz
2015-07-31 20:34 . 2015-08-02 14:09 -------- d-----w- c:\documents and settings\Vlastník\Data aplikací\Seznam.cz
2015-07-31 20:34 . 2015-08-02 16:14 -------- d-----w- c:\documents and settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046
2015-07-31 20:34 . 2015-07-31 20:40 -------- d-----w- c:\program files\gmsd_re_002020046
2015-07-31 20:34 . 2015-07-31 20:36 -------- d-----w- c:\program files\GUPlayer
2015-07-31 20:25 . 2015-07-31 20:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\7b24ec7cc000461ebe26d116b88142c8
2015-07-31 20:25 . 2015-07-31 20:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SecurityUtility
2015-07-31 20:24 . 2015-07-31 20:46 -------- d-----w- c:\program files\OLBPre
2015-07-31 20:21 . 2015-07-31 20:21 -------- d-----w- c:\documents and settings\Vlastník\Data aplikací\dlg
2015-07-31 20:18 . 2015-07-31 20:34 -------- d-----w- c:\program files\Zrychleni Pocitace
2015-07-31 20:18 . 2015-07-31 20:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IHProtectUpDate
2015-07-31 20:18 . 2015-07-31 20:18 -------- d-----w- c:\program files\MiuiTab
2015-07-31 20:18 . 2015-07-31 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SWinManProS
2015-07-31 20:18 . 2015-07-31 20:18 0 ----a-w- c:\windows\prleth.sys
2015-07-31 20:18 . 2015-07-31 20:18 0 ----a-w- c:\windows\hgfs.sys
2015-07-31 18:57 . 2015-07-31 18:58 -------- d-----w- c:\program files\Opera
2015-07-31 17:45 . 2015-07-31 17:45 19303112 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-07-27 16:30 . 2015-07-27 16:30 161472 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-07-27 16:30 . 2015-07-27 16:30 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-27 16:30 . 2015-07-27 16:30 43112 ----a-w- c:\windows\avastSS.scr
2015-07-20 15:39 . 2015-07-20 15:39 -------- d-----w- C:\zoek
2015-07-15 15:07 . 2015-07-15 15:07 -------- d-----w- c:\program files\CCleaner
2015-07-13 15:21 . 2015-07-13 15:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2015-07-13 15:21 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-31 17:45 . 2012-04-13 16:32 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-31 17:45 . 2011-09-27 11:21 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-27 16:30 . 2014-07-17 15:20 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-27 16:30 . 2013-03-20 18:20 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-27 16:30 . 2013-03-20 18:20 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-27 16:30 . 2013-03-20 18:20 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-27 16:30 . 2011-09-27 11:10 433264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-07-27 16:30 . 2011-09-27 11:10 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-07-27 16:30 . 2011-09-27 11:10 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-07-27 16:30 . 2011-09-27 11:33 788784 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-19 13:28 . 2015-02-12 20:56 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-04-01 18:34 . 2012-04-01 18:34 32811469 ----a-w- c:\program files\WDM_R267.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-27 16:30 692512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-11-23 442640]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
"cz.seznam.software.szndesktop"="c:\documents and settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
"cz.seznam.software.autoupdate"="c:\documents and settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-07-27 6109776]
"upgmsd_re_002020046.exe"="c:\documents and settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe" [2015-07-30 3320976]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [20.3.2013 20:20 49776]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [20.3.2013 20:20 208664]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [20.3.2013 20:20 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.9.2011 13:33 788784]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.9.2011 13:10 433264]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [17.7.2014 17:20 24016]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [20.3.2013 20:20 76000]
R2 IHProtect Service;IHProtect Service;c:\program files\MiuiTab\ProtectService.exe [30.7.2015 4:42 125112]
R2 WindowsMangerProtect;WindowsMangerProtect Service;c:\documents and settings\All Users\Data aplikací\SWinManProS\ProtectWindowsManager.exe -service --> c:\documents and settings\All Users\Data aplikací\SWinManProS\ProtectWindowsManager.exe -service [?]
R3 aswStmXP;Avast StreamFilter Driver;c:\windows\system32\drivers\aswStmXP.sys [27.7.2015 18:30 161472]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.4.2012 20:36 1691480]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.1.2013 21:37 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.1.2013 21:37 8576]
.
Obsah adresáře 'Naplánované úlohy'
.
2015-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 17:45]
.
2015-08-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-07-27 16:30]
.
2015-08-02 c:\windows\Tasks\Opera scheduled Autoupdate 1438368498.job
- c:\program files\Opera\launcher.exe [2015-07-31 13:44]
.
2015-08-02 c:\windows\Tasks\Opera scheduled Autoupdate 1438369079.job
- c:\program files\Opera\launcher.exe [2015-07-31 13:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=14383 ... 6172061720
mStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=14383 ... 6172061720
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.5 172.16.10.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-gmsd_re_002020046 - (no file)
AddRemove-SecurityUtility - c:\documents and settings\All Users\Data aplikac?\SecurityUtility\SoftConfigTest.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-08-02 18:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2432)
c:\documents and settings\Vlastník\Data aplikací\Seznam.cz\bin\28294libfoxloader.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\zuzka\Nokia PC Suite 7\PhoneBrowser.dll
c:\zuzka\Nokia PC Suite 7\NGSCM.DLL
c:\zuzka\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\zuzka\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\documents and settings\All Users\Data aplikací\SWinManProS\ProtectWindowsManager.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\MiuiTab\cmdshell.exe
c:\program files\MiuiTab\HPNotify.exe
c:\windows\RTHDCPL.EXE
c:\documents and settings\Vlastník\Data aplikací\Seznam.cz\bin\szndesktop.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2015-08-02 18:17:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-08-02 16:17
ComboFix2.txt 2015-07-31 18:31
.
Před spuštěním: Volných bajtů: 446 313 197 568
Po spuštění: Volných bajtů: 446 644 269 056
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 44E865FDD93330D6BC56A9E6D9410F8B
413FC2A0C716421B3158746D63736515

#26 Příspěvek od **Márty84** » 03 srp 2015 00:57

DESTNA22 píše:Firefox na mém PC nemám.

Tim lip. Vyzkousejte ho. Kdyz se bude ptat, jestli chcete integrovat nastaveni z jinych prohlizecu, odmitnete to.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

DESTNA22 · #27 Příspěvek od **DESTNA22** » 03 srp 2015 20:15

Ano, Firefox vyzkouším.OTL přikládám.
OTL logfile created on: 3.8.2015 20:52:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Vlastník\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 70,26% Memory free
3,60 Gb Paging File | 3,18 Gb Available in Paging File | 88,29% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 415,94 Gb Free Space | 89,31% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 6,47 Gb Free Space | 86,81% Space Free | Partition Type: FAT32

Computer Name: VLASTN-566ACEAC | User Name: Vlastník | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.08.03 20:48:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vlastník\Plocha\OTL.exe
PRC - [2015.07.30 14:28:28 | 003,320,976 | ---- | M] () -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe
PRC - [2015.07.27 18:30:28 | 006,109,776 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2015.07.27 18:30:26 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2015.06.01 20:27:22 | 006,405,912 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\szndesktop.exe
PRC - [2011.11.23 15:17:10 | 000,442,640 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011.11.23 15:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2015.08.03 20:13:15 | 002,959,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\15080301\algo.dll
MOD - [2015.08.02 16:09:50 | 002,959,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\15080101\algo.dll
MOD - [2015.07.30 14:28:28 | 003,320,976 | ---- | M] () -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe
MOD - [2015.07.27 18:30:27 | 000,102,864 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\log.dll
MOD - [2015.07.27 18:30:26 | 000,123,976 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
MOD - [2015.06.01 19:28:38 | 000,047,104 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1029.dll
MOD - [2015.05.26 13:39:20 | 001,778,376 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\libfoxcub.dll
MOD - [2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\szndesktop.exe
MOD - [2015.05.26 13:38:34 | 000,862,888 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\lightspeed.dll
MOD - [2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\28294libfoxloader.dll
MOD - [2015.04.21 19:40:51 | 040,540,672 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2015.02.17 10:35:00 | 000,764,416 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\libchinst.dll
MOD - [2012.10.24 16:42:06 | 000,247,352 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\unlockInstance.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2015.07.31 19:45:21 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.07.27 18:30:26 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.11.23 15:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\VLASTN~1\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2015.07.27 18:30:30 | 000,433,264 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2015.07.27 18:30:30 | 000,208,664 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.07.27 18:30:30 | 000,161,472 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswStmXP.sys -- (aswStmXP)
DRV - [2015.07.27 18:30:30 | 000,076,000 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015.07.27 18:30:30 | 000,057,888 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2015.07.27 18:30:30 | 000,055,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2015.07.27 18:30:30 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.07.27 18:30:30 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.07.27 18:30:22 | 000,788,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 01:33:22 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.11.09 16:33:32 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.11.09 16:33:32 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.11.09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.11.09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.11.09 16:33:30 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.11.09 16:33:30 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.10.17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2011.12.13 18:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.11.23 15:17:08 | 000,131,856 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010.07.06 05:13:10 | 000,234,392 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.04.08 20:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2010.03.22 12:29:08 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 6172061720
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?type= ... earchTerms}
IE - HKLM\..\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes,DefaultScope = {E36265ED-3621-46E9-A8C2-C0D0AD116355}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{3B3B5D40-5B9E-4205-BA1C-226F4600C9AA}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{5CA53FBE-B95A-4912-B74E-BF4450A62967}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{72D363DC-E7F1-4D54-83E1-759BD44F924B}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}: "URL" = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{C9D07BC4-5F5D-4B9A-82D3-5A868EA63DC2}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{CFEA5B8D-4B0F-469D-A098-CDE69DE18D50}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{D4208935-DBEA-4095-954D-E23F0861DF97}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{E36265ED-3621-46E9-A8C2-C0D0AD116355}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.mystartsearch.com/web/?utm_s ... earchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{EFF739DB-0B78-4F07-878A-9F915E342237}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{F5F8CA78-C87D-4B7C-B703-2FE092FBF6AA}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_20808
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015.07.27 18:30:24 | 000,000,000 | ---D | M]

[2012.05.05 13:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vlastník\Data aplikací\Mozilla\Extensions

O1 HOSTS File: ([2015.08.02 18:14:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [upgmsd_re_002020046.exe] C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe ()
O4 - HKU\S-1-5-21-1275210071-573735546-725345543-1004..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1275210071-573735546-725345543-1004..\Run: [cz.seznam.software.autoupdate] C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-1275210071-573735546-725345543-1004..\Run: [cz.seznam.software.szndesktop] C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-1275210071-573735546-725345543-1004..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1275210071-573735546-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1275210071-573735546-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1275210071-573735546-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1275210071-573735546-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.5 172.16.10.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B58ADFD6-4819-4E55-9389-2888119EB6A5}: DhcpNameServer = 172.16.0.5 172.16.10.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.27 11:45:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.08.03 20:48:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vlastník\Plocha\OTL.exe
[2015.08.02 18:56:27 | 000,000,000 | R--D | C] -- C:\Sandbox
[2015.08.02 18:09:19 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2015.07.31 22:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\predm
[2015.07.31 22:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gamesdesktop
[2015.07.31 22:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2015.07.31 22:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\globalUpdate
[2015.07.31 22:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[2015.07.31 22:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz
[2015.07.31 22:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\gmsd_re_002020046
[2015.07.31 22:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046
[2015.07.31 22:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\GUPlayer
[2015.07.31 22:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\7b24ec7cc000461ebe26d116b88142c8
[2015.07.31 22:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SecurityUtility
[2015.07.31 22:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\OLBPre
[2015.07.31 22:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Data aplikací\dlg
[2015.07.31 22:18:38 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2015.07.31 22:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IHProtectUpDate
[2015.07.31 22:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SWinManProS
[2015.07.31 20:57:59 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2015.07.31 20:24:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2015.07.31 20:24:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2015.07.31 20:24:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2015.07.31 20:24:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2015.07.31 20:24:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2015.07.31 20:21:12 | 005,633,745 | R--- | C] (Swearware) -- C:\Documents and Settings\Vlastník\Plocha\ComboFix.exe
[2015.07.31 19:45:16 | 019,303,112 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2015.07.27 18:30:48 | 000,161,472 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswStmXP.sys
[2015.07.27 18:30:34 | 000,313,472 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2015.07.27 18:30:28 | 000,043,112 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2015.07.20 17:39:31 | 000,000,000 | ---D | C] -- C:\zoek
[2015.07.20 17:30:35 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2015.07.20 17:05:54 | 001,798,288 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\Vlastník\Plocha\JRT.exe
[2015.07.19 14:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Dokumenty\Downloads
[2015.07.15 17:10:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Vlastník\Recent
[2015.07.15 17:07:49 | 004,532,776 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Vlastník\Dokumenty\dfsetup219.exe
[2015.07.15 17:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.07.15 17:05:08 | 006,565,736 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Vlastník\Dokumenty\ccsetup507.exe
[2015.07.14 17:35:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Nabídka Start\Programy\CyberLink PowerDVD
[2015.07.13 17:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2015.07.13 17:21:03 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2015.07.13 17:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.01 20:34:21 | 032,811,469 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Program Files\WDM_R267.exe

========== Files - Modified Within 30 Days ==========

[2015.08.03 20:53:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.08.03 20:49:00 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1438368498.job
[2015.08.03 20:48:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vlastník\Plocha\OTL.exe
[2015.08.03 20:45:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015.08.03 09:43:10 | 000,071,602 | ---- | M] () -- C:\Documents and Settings\Vlastník\Dokumenty\fa_3520076404 (2).pdf
[2015.08.03 09:43:09 | 000,071,602 | ---- | M] () -- C:\Documents and Settings\Vlastník\Dokumenty\fa_3520076404 (1).pdf
[2015.08.03 09:37:48 | 000,071,602 | ---- | M] () -- C:\Documents and Settings\Vlastník\Dokumenty\fa_3520076404.pdf
[2015.08.02 18:30:00 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2015.08.02 18:14:40 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2015.08.02 18:14:36 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1438369079.job
[2015.08.02 18:14:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015.08.02 18:14:27 | 1878,249,472 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.02 18:09:24 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2015.08.02 16:33:29 | 000,109,018 | ---- | M] () -- C:\Documents and Settings\Vlastník\Dokumenty\faktura_16fv00523.pdf
[2015.08.02 16:07:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015.07.31 22:18:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\prleth.sys
[2015.07.31 22:18:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\hgfs.sys
[2015.07.31 22:15:55 | 000,517,400 | ---- | M] ( ) -- C:\Documents and Settings\Vlastník\Dokumenty\SandboxieInstall348.exe
[2015.07.31 20:58:02 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2015.07.31 20:26:34 | 000,000,327 | ---- | M] () -- C:\Boot.bak
[2015.07.31 20:21:26 | 005,633,745 | R--- | M] (Swearware) -- C:\Documents and Settings\Vlastník\Plocha\ComboFix.exe
[2015.07.31 19:45:21 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2015.07.31 19:45:20 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2015.07.31 19:45:16 | 019,303,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2015.07.29 19:34:36 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Vlastník\Plocha\Microsoft Office Word 2003.lnk
[2015.07.29 17:54:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2015.07.27 18:30:30 | 000,433,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2015.07.27 18:30:30 | 000,208,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2015.07.27 18:30:30 | 000,161,472 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswStmXP.sys
[2015.07.27 18:30:30 | 000,076,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2015.07.27 18:30:30 | 000,057,888 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2015.07.27 18:30:30 | 000,055,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2015.07.27 18:30:30 | 000,049,776 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2015.07.27 18:30:30 | 000,024,016 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2015.07.27 18:30:28 | 000,313,472 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2015.07.27 18:30:28 | 000,043,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2015.07.27 18:30:22 | 000,788,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2015.07.26 20:23:15 | 000,218,972 | ---- | M] () -- C:\Documents and Settings\Vlastník\Dokumenty\2015_zpravodaj_31.pdf
[2015.07.20 19:03:01 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Vlastník\Plocha\Microsoft Office Excel 2003.lnk
[2015.07.20 17:42:24 | 143,421,440 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2015.07.20 17:29:55 | 001,308,672 | ---- | M] () -- C:\Documents and Settings\Vlastník\Plocha\zoek.exe
[2015.07.20 17:06:00 | 001,798,288 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\Vlastník\Plocha\JRT.exe
[2015.07.19 15:28:05 | 000,035,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2015.07.19 15:27:16 | 018,070,088 | ---- | M] () -- C:\Documents and Settings\Vlastník\Plocha\RogueKiller.exe
[2015.07.19 15:14:24 | 000,753,480 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Vlastník\Dokumenty\install_flashplayer11x32ax_gtbd_aih.exe
[2015.07.16 20:52:13 | 000,000,459 | ---- | M] () -- C:\Documents and Settings\Vlastník\Plocha\Zástupce - screen.lnk
[2015.07.15 17:07:54 | 004,532,776 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Vlastník\Dokumenty\dfsetup219.exe
[2015.07.15 17:07:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2015.07.15 17:05:14 | 006,565,736 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Vlastník\Dokumenty\ccsetup507.exe
[2015.07.13 17:21:04 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2015.07.09 21:35:34 | 000,097,721 | ---- | M] () -- C:\Documents and Settings\Vlastník\Dokumenty\409946621.PDF

========== Files Created - No Company Name ==========

[2015.08.03 20:53:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.08.03 09:43:10 | 000,071,602 | ---- | C] () -- C:\Documents and Settings\Vlastník\Dokumenty\fa_3520076404 (2).pdf
[2015.08.03 09:43:09 | 000,071,602 | ---- | C] () -- C:\Documents and Settings\Vlastník\Dokumenty\fa_3520076404 (1).pdf
[2015.08.03 09:37:47 | 000,071,602 | ---- | C] () -- C:\Documents and Settings\Vlastník\Dokumenty\fa_3520076404.pdf
[2015.08.02 16:33:28 | 000,109,018 | ---- | C] () -- C:\Documents and Settings\Vlastník\Dokumenty\faktura_16fv00523.pdf
[2015.08.02 16:08:20 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Vlastník\Nabídka Start\Programy\Internet Explorer.lnk
[2015.07.31 22:18:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\prleth.sys
[2015.07.31 22:18:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hgfs.sys
[2015.07.31 22:15:52 | 000,517,400 | ---- | C] ( ) -- C:\Documents and Settings\Vlastník\Dokumenty\SandboxieInstall348.exe
[2015.07.31 20:58:02 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2015.07.31 20:58:02 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2015.07.31 20:58:02 | 000,000,398 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1438369079.job
[2015.07.31 20:48:21 | 000,000,398 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1438368498.job
[2015.07.31 20:24:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2015.07.31 20:24:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2015.07.31 20:24:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2015.07.31 20:24:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2015.07.31 20:24:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2015.07.29 17:55:31 | 1878,249,472 | -HS- | C] () -- C:\hiberfil.sys
[2015.07.29 17:54:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2015.07.26 20:23:15 | 000,218,972 | ---- | C] () -- C:\Documents and Settings\Vlastník\Dokumenty\2015_zpravodaj_31.pdf
[2015.07.20 17:29:50 | 001,308,672 | ---- | C] () -- C:\Documents and Settings\Vlastník\Plocha\zoek.exe
[2015.07.19 16:38:00 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015.07.19 15:27:06 | 018,070,088 | ---- | C] () -- C:\Documents and Settings\Vlastník\Plocha\RogueKiller.exe
[2015.07.16 20:50:50 | 000,000,459 | ---- | C] () -- C:\Documents and Settings\Vlastník\Plocha\Zástupce - screen.lnk
[2015.07.15 17:07:12 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2015.07.13 17:21:04 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2015.07.09 21:35:34 | 000,097,721 | ---- | C] () -- C:\Documents and Settings\Vlastník\Dokumenty\409946621.PDF
[2015.03.09 23:30:14 | 000,005,487 | ---- | C] () -- C:\Documents and Settings\Vlastník\Data aplikací\BYAIAMUF
[2015.02.12 22:56:13 | 000,035,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2013.12.30 14:22:50 | 006,023,168 | ---- | C] () -- C:\Documents and Settings\Vlastník\P1000782.JPG
[2013.12.30 14:22:50 | 005,975,040 | ---- | C] () -- C:\Documents and Settings\Vlastník\P1000789.JPG
[2011.09.27 14:24:04 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013.10.18 23:09:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.06.21 20:18:03 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2015.07.31 22:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\7b24ec7cc000461ebe26d116b88142c8
[2011.09.27 13:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.12.05 21:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2015.07.31 22:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IHProtectUpDate
[2012.04.22 15:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.01.14 17:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2012.01.14 17:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2011.12.11 18:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2015.04.23 21:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RogueKiller
[2015.07.31 22:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SecurityUtility
[2015.08.02 18:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SWinManProS
[2013.12.06 12:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\AVAST Software
[2012.01.14 01:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\BSplayer
[2015.07.31 22:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\dlg
[2011.09.27 12:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\GHISLER
[2011.12.11 18:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Nokia
[2015.07.31 20:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Opera Software
[2011.12.11 18:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\PC Suite
[2012.07.20 21:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\QuickScan
[2015.08.02 18:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz
[2011.12.23 18:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2011.09.27 11:44:02 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.09.27 11:47:53 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.07.12 10:40:14 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2015.07.19 16:38:00 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2015.07.31 20:48:21 | 000,000,398 | ---- | C] () -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438368498.job
[2015.07.31 20:58:02 | 000,000,398 | ---- | C] () -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438369079.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2010.04.08 20:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) MD5=52DCE3B30C9D61C8E20FE3C6DA4BDFB7 -- C:\WINDOWS\system32\drivers\nvgts.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.09.27 13:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Adobe
[2013.12.06 12:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\AVAST Software
[2012.01.14 01:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\BSplayer
[2011.11.02 23:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\CyberLink
[2015.07.31 22:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\dlg
[2011.09.27 12:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\GHISLER
[2013.10.10 21:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Google
[2011.10.28 22:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Help
[2011.09.27 11:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Identities
[2011.09.27 15:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Macromedia
[2011.10.04 21:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Malwarebytes
[2015.07.31 22:19:58 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Microsoft
[2012.05.05 13:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Mozilla
[2011.09.29 08:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Nero
[2011.12.11 18:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Nokia
[2015.07.31 20:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Opera Software
[2011.12.11 18:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\PC Suite
[2012.07.20 21:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\QuickScan
[2015.08.02 18:19:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz
[2011.12.23 18:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vlastník\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2013.02.13 21:38:19 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Documents and Settings\Vlastník\Data aplikací\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
[2013.02.13 21:38:19 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Documents and Settings\Vlastník\Data aplikací\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2013.02.13 21:38:19 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Documents and Settings\Vlastník\Data aplikací\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2013.02.13 21:38:19 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Documents and Settings\Vlastník\Data aplikací\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2013.02.13 21:38:19 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Documents and Settings\Vlastník\Data aplikací\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\sznsetup.exe
[2015.05.26 13:36:54 | 000,073,896 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\szndesktop.exe
[2015.05.26 13:38:44 | 000,103,080 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 11:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 13:52:36 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\data\ffinstall\regctrl.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.09.27 13:30:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.09.27 13:30:37 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.09.27 13:30:36 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.08.02 16:07:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SandboxieControl" = "C:\Program Files\Sandboxie\SbieCtrl.exe" -- [2011.11.23 15:17:10 | 000,442,640 | ---- | M] (SANDBOXIE L.T.D)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR -- [2015.06.01 20:27:22 | 006,405,912 | ---- | M] (Piriform Ltd)
"cz.seznam.software.szndesktop" = "C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q -- [2015.05.26 13:38:44 | 000,103,080 | ---- | M] ()
"cz.seznam.software.autoupdate" = "C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.08.03 20:53:54 | 000,000,512 | ---- | M] () MD5=2DC9F803281F49E37537B9EDBEE22EFC -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2009.04.17 10:10:22 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- \Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\28294libfoxloader.dll
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\28297libfoxloader-x64.dll
[2015.08.02 16:09:36 | 000,000,165 | ---- | M] () -- \Documents and Settings\Vlastník\Data aplikací\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Documents and Settings\Vlastník\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Documents and Settings\Vlastník\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2015.08.02 18:29:05 | 000,006,878 | ---- | M] () -- \Documents and Settings\Vlastník\Local Settings\Temporary Internet Files\Content.IE5\LUYX3Z9K\loader[1].js
[2015.07.27 18:30:26 | 000,072,440 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader32.exe
[2 \Program Files\Alwil Software\Avast5\*.tmp files -> \Program Files\Alwil Software\Avast5\*.tmp -> ]
[2012.06.19 17:32:14 | 000,705,968 | ---- | M] () -- \Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe
[2012.06.26 02:55:15 | 000,000,032 | ---- | M] () -- \Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe.md5
[2012.06.26 02:14:42 | 000,466,432 | ---- | M] () -- \Program Files\Common Files\Bitdefender\SetupInformation\downloader\en-US\setupdownloader.ui
[2012.06.26 02:55:16 | 000,000,032 | ---- | M] () -- \Program Files\Common Files\Bitdefender\SetupInformation\downloader\en-US\setupdownloader.ui.md5
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2012.09.25 05:39:16 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2013.04.23 16:35:56 | 000,031,516 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2010.04.29 16:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.22 18:02:26 | 000,319,488 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2010.04.29 16:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2010.04.22 16:49:30 | 000,323,584 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2011.09.26 18:54:38 | 000,003,860 | ---- | M] () -- \Záloha\Disk_C\Documents and Settings\Vlastník\Local Settings\Temporary Internet Files\Content.IE5\RQO1FK9C\loader[1].js
[2011.09.26 13:51:38 | 000,001,849 | ---- | M] () -- \Záloha\Disk_C\Documents and Settings\Vlastník\Local Settings\Temporary Internet Files\Content.IE5\WLN1NKJX\loader[1].gif
[2011.09.26 13:54:34 | 000,006,331 | ---- | M] () -- \Záloha\Disk_C\Documents and Settings\Vlastník\Local Settings\Temporary Internet Files\Content.IE5\WLN1NKJX\loader[2].gif
[2011.05.09 13:52:16 | 000,002,560 | ---- | M] () -- \Zuzka\Nokia PC Suite 7\Lang\MapLoader_cze.NLR

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2014.05.14 00:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.11.05 22:54:04 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014.02.12 23:42:20 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.21 20:28:28 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.12 23:39:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 23:37:51 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[2011.06.12 19:25:08 | 000,000,024 | ---- | M] () -- \Záloha\Disk_C\Documents and Settings\Vlastník\Local Settings\Data aplikací\Google\Picasa2\cache\cacheindex_serial.pmp

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Vlastník\Dokumenty\install_flashplayer11x32ax_gtbd_aih.exe:SummaryInformation

< End of report >
OTL Extras logfile created on: 3.8.2015 20:52:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Vlastník\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 70,26% Memory free
3,60 Gb Paging File | 3,18 Gb Available in Paging File | 88,29% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 415,94 Gb Free Space | 89,31% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 6,47 Gb Free Space | 86,81% Space Free | Partition Type: FAT32

Computer Name: VLASTN-566ACEAC | User Name: Vlastník | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}" = Setup
"{80e00bb9-c390-4de1-98b5-ddddf15c3f68}" = Nero 9 Essentials
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 19 PPAPI
"Audacity_is1" = Audacity 1.2.6
"avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"ESET Online Scanner" = ESET Online Scanner v3
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 30.0.1835.125" = Opera Stable 30.0.1835.125
"PhotoFiltre" = PhotoFiltre
"PRO100 Demo verze 5_is1" = PRO100 verze 5 Demo
"QuickTime" = QuickTime
"Revo Uninstaller" = Revo Uninstaller 1.91
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9.7.2015 12:35:18 | Computer Name = VLASTN-566ACEAC | Source = Application Error | ID = 1000
Description = Chybující aplikace mbam.exe, verze 1.0.2.929, chybující modul msvcr100.dll,
verze 10.0.40219.325, adresa chyby 0x0008d6fd.

Error - 10.7.2015 14:19:41 | Computer Name = VLASTN-566ACEAC | Source = Application Error | ID = 1000
Description = Chybující aplikace mbam.exe, verze 1.0.2.929, chybující modul msvcr100.dll,
verze 10.0.40219.325, adresa chyby 0x0008d6fd.

Error - 20.7.2015 15:01:12 | Computer Name = VLASTN-566ACEAC | Source = Application Error | ID = 1000
Description = Chybující aplikace defraggler.exe, verze 2.19.0.982, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x59c7b9b0.

Error - 29.7.2015 12:19:25 | Computer Name = VLASTN-566ACEAC | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 43.0.2357.65, chybující modul
chrome.dll, verze 43.0.2357.65, adresa chyby 0x011be0e6.

Error - 31.7.2015 14:29:17 | Computer Name = VLASTN-566ACEAC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 31.7.2015 14:29:40 | Computer Name = VLASTN-566ACEAC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 31.7.2015 14:29:41 | Computer Name = VLASTN-566ACEAC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 31.7.2015 16:28:08 | Computer Name = VLASTN-566ACEAC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SandboxieInstall348.tmp, verze 51.1052.0.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.7.2015 16:37:00 | Computer Name = VLASTN-566ACEAC | Source = MsiInstaller | ID = 11309
Description = Product: Google Update Helper -- Error 1309. Error reading from file:
C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.
System error 3. Verify that the file exists and that you can access it.

Error - 31.7.2015 16:41:32 | Computer Name = VLASTN-566ACEAC | Source = Application Error | ID = 1000
Description = Chybující aplikace uninstall.exe, verze 0.0.0.0, chybující modul uninstall.exe,
verze 0.0.0.0, adresa chyby 0x000079f0.

[ System Events ]
Error - 30.7.2015 15:45:01 | Computer Name = VLASTN-566ACEAC | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.2 pro síťovou kartu se síťovou
adresou 6C626DC53B42 byla ukončena.

Error - 31.7.2015 12:58:12 | Computer Name = VLASTN-566ACEAC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.2 pro síťovou kartu s adresou 6C626DC53B42
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 2.8.2015 12:07:25 | Computer Name = VLASTN-566ACEAC | Source = Service Control Manager | ID = 7034
Description = Služba WindowsMangerProtect Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 2.8.2015 12:10:36 | Computer Name = VLASTN-566ACEAC | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 2.8.2015 12:10:36 | Computer Name = VLASTN-566ACEAC | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 2.8.2015 12:10:36 | Computer Name = VLASTN-566ACEAC | Source = Service Control Manager | ID = 7034
Description = Služba IHProtect Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 2.8.2015 12:10:36 | Computer Name = VLASTN-566ACEAC | Source = Service Control Manager | ID = 7034
Description = Služba Sandboxie Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 2.8.2015 12:23:27 | Computer Name = VLASTN-566ACEAC | Source = Service Control Manager | ID = 7034
Description = Služba WindowsMangerProtect Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 3.8.2015 3:25:59 | Computer Name = VLASTN-566ACEAC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.2 pro síťovou kartu s adresou 6C626DC53B42
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 3.8.2015 14:12:47 | Computer Name = VLASTN-566ACEAC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.2 pro síťovou kartu s adresou 6C626DC53B42
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

#28 Příspěvek od **Márty84** » 04 srp 2015 13:46

Vidim, ze uz je tam zas novy bordel. Kdy se vam to zase povedlo nasbirat? Vy moc pri instalacich nectete, ze?

Znovu pouzijte ADWCleaner!!!

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Co ta mozilla, funguje, nebo je to stejne?

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
catchme

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 6172061720
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?type= ... 2061720&q={searchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes,DefaultScope = {E36265ED-3621-46E9-A8C2-C0D0AD116355}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}: "URL" = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
IE - HKU\S-1-5-21-1275210071-573735546-725345543-1004\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.mystartsearch.com/web/?utm_s ... default&q={searchTerms}
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [upgmsd_re_002020046.exe] C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe ()
O4 - HKU\S-1-5-21-1275210071-573735546-725345543-1004..\Run: [cz.seznam.software.autoupdate] C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-1275210071-573735546-725345543-1004..\Run: [cz.seznam.software.szndesktop] C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe ()
[2015.03.09 23:30:14 | 000,005,487 | ---- | C] () -- C:\Documents and Settings\Vlastník\Data aplikací\BYAIAMUF
[2015.07.31 22:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\7b24ec7cc000461ebe26d116b88142c8
[2015.07.31 22:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SecurityUtility
[2015.07.19 16:38:00 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2015.07.31 20:48:21 | 000,000,398 | ---- | C] () -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438368498.job
[2015.07.31 20:58:02 | 000,000,398 | ---- | C] () -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438369079.job
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 \Program Files\Alwil Software\Avast5\*.tmp files -> \Program Files\Alwil Software\Avast5\*.tmp -> ]
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Vlastník\Dokumenty\install_flashplayer11x32ax_gtbd_aih.exe:SummaryInformation
[2015.07.31 22:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2015.07.31 22:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\globalUpdate

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

DESTNA22 · #29 Příspěvek od **DESTNA22** » 04 srp 2015 18:18

Máte to se mnou trápení.Musím dodat že nejsem na PC sám,občas jej mají v rukou i dorostenci.Jinak Firefox pracuje bezvadně a budu se s ním dále seznamovat.Logy zde:
# AdwCleaner v4.208 - Log vytvořen 04/08/2015 v 18:47:56
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Vlastník - VLASTN-566ACEAC
# Spuštěno z : C:\Documents and Settings\Vlastník\Plocha\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\IHProtectUpDate
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\SecurityUtility
Složka Smazáno : C:\Program Files\globalUpdate
Složka Smazáno : C:\Program Files\predm
Složka Smazáno : C:\Program Files\Zrychleni Pocitace
Složka Smazáno : C:\Program Files\GUPlayer
Složka Smazáno : C:\Program Files\OLBPre
Složka Smazáno : C:\Program Files\gmsd_re_002020046
Složka Smazáno : C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\globalUpdate
Složka Smazáno : C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\GAMESDESKTOP
Složka Smazáno : C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046
Soubor Smazáno : C:\Documents and Settings\Vlastník\Data aplikací\BYAIAMUF
Soubor Smazáno : C:\Documents and Settings\Vlastník\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Soubor Smazáno : C:\Documents and Settings\Vlastník\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [upgmsd_re_002020046.exe]
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\Tutorials
Klíč Smazáno : HKCU\Software\TutoTag
Klíč Smazáno : HKCU\Software\GAMESDESKTOP
Klíč Smazáno : HKCU\Software\WajIEnhance
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Tutorials
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\SecurityUtility
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SecurityUtility

***** [ Prohlížeče ] *****

-\\ Internet Explorer v8.0.6001.18702

Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v39.0 (x86 cs)

-\\ Google Chrome v

-\\ Opera v30.0.1835.125

[C:\Documents and Settings\Vlastník\Data aplikací\Opera Software\Opera Stable\Preferences] - Smazáno [Startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=14383 ... 6172061720

*************************

AdwCleaner[R0].txt - [6187 bytů] - [04/08/2015 18:46:08]
AdwCleaner[S0].txt - [5837 bytů] - [04/08/2015 18:47:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5895 bytů] ##########
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Vlastník
->Temp folder emptied: 14146209 bytes
->Temporary Internet Files folder emptied: 4182430 bytes
->FireFox cache emptied: 5118490 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 728 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1582104 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 167372 bytes

Total Files Cleaned = 24,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Vlastník
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9B58AFEB-3F3B-494B-944C-69D23CED7238}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
C:\Program Files\Seznam.cz\distribution\szninstall.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\upgmsd_re_002020046.exe not found.
File C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop deleted successfully.
C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe moved successfully.
File C:\Documents and Settings\Vlastník\Data aplikací\BYAIAMUF not found.
C:\Documents and Settings\All Users\Data aplikací\7b24ec7cc000461ebe26d116b88142c8 folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\SecurityUtility\ not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438368498.job moved successfully.
C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438369079.job moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3EC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP420.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP51A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5BC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP618.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP69D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP82A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP90D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB36.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7D.tmp folder deleted successfully.
File delete failed. \Program Files\Alwil Software\Avast5\BCU133.tmp scheduled to be deleted on reboot.
File delete failed. \Program Files\Alwil Software\Avast5\Bro134.tmp scheduled to be deleted on reboot.
ADS C:\Documents and Settings\Vlastník\Dokumenty\install_flashplayer11x32ax_gtbd_aih.exe:SummaryInformation deleted successfully.
Folder C:\Program Files\globalUpdate\ not found.
Folder C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\globalUpdate\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 08042015_185835

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\avast_ash2\Mozilla Firefox\download.ini moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_844.dat moved successfully.
File move failed. \Program Files\Alwil Software\Avast5\BCU133.tmp scheduled to be moved on reboot.
File move failed. \Program Files\Alwil Software\Avast5\Bro134.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

DESTNA22 · #30 Příspěvek od **DESTNA22** » 04 srp 2015 18:18

Máte to se mnou trápení.Musím dodat že nejsem na PC sám,občas jej mají v rukou i dorostenci.Jinak Firefox pracuje bezvadně a budu se s ním dále seznamovat.Logy zde:
# AdwCleaner v4.208 - Log vytvořen 04/08/2015 v 18:47:56
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Vlastník - VLASTN-566ACEAC
# Spuštěno z : C:\Documents and Settings\Vlastník\Plocha\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\IHProtectUpDate
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\SecurityUtility
Složka Smazáno : C:\Program Files\globalUpdate
Složka Smazáno : C:\Program Files\predm
Složka Smazáno : C:\Program Files\Zrychleni Pocitace
Složka Smazáno : C:\Program Files\GUPlayer
Složka Smazáno : C:\Program Files\OLBPre
Složka Smazáno : C:\Program Files\gmsd_re_002020046
Složka Smazáno : C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\globalUpdate
Složka Smazáno : C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\GAMESDESKTOP
Složka Smazáno : C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046
Soubor Smazáno : C:\Documents and Settings\Vlastník\Data aplikací\BYAIAMUF
Soubor Smazáno : C:\Documents and Settings\Vlastník\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Soubor Smazáno : C:\Documents and Settings\Vlastník\Data aplikací\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [upgmsd_re_002020046.exe]
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\Tutorials
Klíč Smazáno : HKCU\Software\TutoTag
Klíč Smazáno : HKCU\Software\GAMESDESKTOP
Klíč Smazáno : HKCU\Software\WajIEnhance
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Tutorials
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\SecurityUtility
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SecurityUtility

***** [ Prohlížeče ] *****

-\\ Internet Explorer v8.0.6001.18702

Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v39.0 (x86 cs)

-\\ Google Chrome v

-\\ Opera v30.0.1835.125

[C:\Documents and Settings\Vlastník\Data aplikací\Opera Software\Opera Stable\Preferences] - Smazáno [Startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=14383 ... 6172061720

*************************

AdwCleaner[R0].txt - [6187 bytů] - [04/08/2015 18:46:08]
AdwCleaner[S0].txt - [5837 bytů] - [04/08/2015 18:47:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5895 bytů] ##########
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Vlastník
->Temp folder emptied: 14146209 bytes
->Temporary Internet Files folder emptied: 4182430 bytes
->FireFox cache emptied: 5118490 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 728 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1582104 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 167372 bytes

Total Files Cleaned = 24,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Vlastník
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9B58AFEB-3F3B-494B-944C-69D23CED7238}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9B58AFEB-3F3B-494B-944C-69D23CED7238}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
C:\Program Files\Seznam.cz\distribution\szninstall.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\upgmsd_re_002020046.exe not found.
File C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\gmsd_re_002020046\upgmsd_re_002020046.exe not found.
Registry value HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\szninstall.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1275210071-573735546-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop deleted successfully.
C:\Documents and Settings\Vlastník\Data aplikací\Seznam.cz\bin\wszndesktop.exe moved successfully.
File C:\Documents and Settings\Vlastník\Data aplikací\BYAIAMUF not found.
C:\Documents and Settings\All Users\Data aplikací\7b24ec7cc000461ebe26d116b88142c8 folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\SecurityUtility\ not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438368498.job moved successfully.
C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1438369079.job moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3EC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP420.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP51A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5BC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP618.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP69D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP82A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP90D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB36.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7D.tmp folder deleted successfully.
File delete failed. \Program Files\Alwil Software\Avast5\BCU133.tmp scheduled to be deleted on reboot.
File delete failed. \Program Files\Alwil Software\Avast5\Bro134.tmp scheduled to be deleted on reboot.
ADS C:\Documents and Settings\Vlastník\Dokumenty\install_flashplayer11x32ax_gtbd_aih.exe:SummaryInformation deleted successfully.
Folder C:\Program Files\globalUpdate\ not found.
Folder C:\Documents and Settings\Vlastník\Local Settings\Data aplikací\globalUpdate\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 08042015_185835

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\avast_ash2\Mozilla Firefox\download.ini moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_844.dat moved successfully.
File move failed. \Program Files\Alwil Software\Avast5\BCU133.tmp scheduled to be moved on reboot.
File move failed. \Program Files\Alwil Software\Avast5\Bro134.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

VIRY.CZ

Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač

Re: Nefungující přehrávač