zpomalení PC po použití CCleaner

[pettr]

pro dnes musím končit, díky, dobrou noc

[Danstahr]

Spusťte znovu Avenger s následujícím skriptem :

Kód: Vybrat vše

Registry keys to delete:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv

Po restartu opět manuálně aplikujte opravu registru z tohoto postu : http://www.viry.cz/forum/viewtopic.php?p=996238#p996238

Poté poprosím o nový log z OTL.

[pettr]

dobrý večer
zde avenger, soubor opr.reg se přepsal, naleduje otl, spustil jsem to s nastavením oprava havěti

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

OTL logfile created on: 17.6.2011 20:37:40 - Run 3
OTL by OldTimer - Version 3.2.24.0 Folder = D:\_Downloaded files\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,49 Mb Total Physical Memory | 572,16 Mb Available Physical Memory | 55,90% Memory free
1,28 Gb Paging File | 0,97 Gb Available in Paging File | 75,57% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 2,94 Gb Free Space | 30,14% Space Free | Partition Type: NTFS
Drive D: | 46,12 Gb Total Space | 39,44 Gb Free Space | 85,51% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 197,50 Gb Free Space | 42,40% Space Free | Partition Type: NTFS

Computer Name: PETR-87F50839C2 | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
PRC - [2011.06.03 21:29:29 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe
PRC - [2003.12.03 07:01:00 | 000,753,700 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2001.10.27 07:32:54 | 000,270,336 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe


========== Modules (SafeList) ==========

MOD - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
MOD - [2011.05.10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) [Auto | Running] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.04 00:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.10.27 07:47:14 | 000,349,184 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2001.10.27 05:50:02 | 000,032,752 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2001.10.27 05:49:46 | 000,020,960 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinttxx.sys -- (TTDec)
DRV - [2001.10.27 05:49:30 | 000,011,280 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2001.10.27 05:49:22 | 000,032,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2001.10.27 05:47:30 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2001.10.27 05:46:22 | 000,035,952 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2001.10.01 15:29:22 | 000,006,144 | ---- | M] (Ravisent Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001.08.17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001.08.17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001.08.17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001.08.17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001.08.17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001.08.17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001.08.17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001.08.17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001.08.17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001.08.17 22:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2011.06.16 18:08:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Executive Software\Diskeeper\DkIcon.exe (Executive Software International, Inc.)
O4 - HKLM..\Run: [HydarVisionDesktopManager] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-606747145-1202660629-854245398-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.214 83.240.0.215
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.03 22:34:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.06.16 18:41:26 | 000,286,720 | ---- | C] (SteelWerX) -- C:\swreg.exe
[2011.06.15 19:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.06.15 19:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.06.15 19:26:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.15 19:26:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:52 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.06.15 19:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.06.11 06:45:50 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.06.04 16:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[2011.06.03 21:29:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Opera
[2011.05.29 18:04:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Petr\PrivacIE
[2011.05.29 18:01:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Petr\IETldCache
[2011.05.29 17:59:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.05.29 17:57:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.05.29 17:57:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-CZ

========== Files - Modified Within 30 Days ==========

[2011.06.17 20:34:34 | 000,004,599 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.06.17 20:33:57 | 000,000,944 | ---- | M] () -- C:\opr.reg
[2011.06.17 20:27:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.06.17 20:27:39 | 1073,274,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.17 16:23:18 | 000,000,031 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011.06.17 14:31:17 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.06.16 22:20:07 | 000,000,175 | ---- | M] () -- C:\oprava_5.bat
[2011.06.16 22:18:55 | 000,286,720 | ---- | M] (SteelWerX) -- C:\swreg.exe
[2011.06.16 18:43:03 | 000,000,179 | ---- | M] () -- C:\oprava.bat
[2011.06.16 18:38:57 | 000,002,701 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2011.06.16 18:08:14 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011.06.15 19:26:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.14 14:52:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.14 14:41:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.06.12 20:37:22 | 000,023,148 | -H-- | M] () -- C:\WINDOWS\System32\Atmcsyxx.GID
[2011.06.11 06:45:50 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.06.04 16:07:32 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.06.03 21:29:35 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2011.05.26 17:00:54 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk

========== Files Created - No Company Name ==========

[2011.06.17 20:33:57 | 000,000,944 | ---- | C] () -- C:\opr.reg
[2011.06.16 22:20:07 | 000,000,175 | ---- | C] () -- C:\oprava_5.bat
[2011.06.16 18:43:03 | 000,000,179 | ---- | C] () -- C:\oprava.bat
[2011.06.04 16:07:32 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.06.03 21:29:35 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2011.06.03 21:29:35 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.12.19 20:26:04 | 000,000,342 | ---- | C] () -- C:\WINDOWS\WTRDICT.INI
[2010.12.19 20:26:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\STXKBD.INI
[2009.03.11 21:22:21 | 000,000,178 | ---- | C] () -- C:\WINDOWS\arbasew.ini
[2009.01.05 21:57:18 | 000,004,251 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.11.23 20:08:05 | 000,003,487 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2008.05.04 17:57:39 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.04.02 21:12:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2008.04.02 21:07:30 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2008.02.21 20:26:44 | 000,002,383 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2007.06.25 18:42:20 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.31 20:26:47 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.25 21:52:37 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.05.08 14:27:37 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007.04.24 22:28:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.04.24 22:19:15 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2007.04.24 22:19:10 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2007.04.24 22:19:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.04.24 22:19:00 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2007.04.24 22:18:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HydraFra.dll
[2007.04.24 22:18:17 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\HydraEsp.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraPtb.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraNln.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraIta.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraSvs.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraNon.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraFif.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraDad.dll
[2007.04.24 22:18:17 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HydraJan.dll
[2007.04.24 22:18:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HydraKor.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZht.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZhs.dll
[2007.04.24 22:18:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ViewHook.dll
[2007.04.24 22:08:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.20 20:09:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Petr.ini
[2007.03.07 23:17:57 | 000,001,160 | ---- | C] () -- C:\WINDOWS\visualdirsize.ini
[2007.03.07 22:59:51 | 000,000,133 | ---- | C] () -- C:\WINDOWS\lsplugin.ini
[2007.03.04 18:15:36 | 000,002,701 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2007.03.03 23:53:45 | 000,000,031 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007.03.03 23:35:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.03 23:26:23 | 000,004,599 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.03.03 23:23:26 | 000,035,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2007.03.03 23:23:24 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2007.03.03 23:23:21 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2007.03.03 23:23:18 | 000,032,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2007.03.03 23:23:17 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2007.03.03 23:23:16 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2007.03.03 23:19:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.03 23:18:19 | 000,195,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.03.03 22:38:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.03 22:29:07 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.17 16:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.10.27 05:49:38 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2001.10.27 05:48:52 | 000,060,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.15 22:47:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.04.17 22:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.10.28 18:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2008.10.28 18:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk(2)
[2009.06.10 19:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IM
[2009.06.10 19:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IncrediMail
[2009.09.28 16:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.03.05 21:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Autodesk
[2009.12.02 22:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fElementary
[2009.10.28 19:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fStarter
[2009.09.06 18:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Foxit
[2007.11.02 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GameHouse
[2007.03.03 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2007.05.11 20:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner

========== Purity Check ==========



< End of report >

[Danstahr]

Stáhněte SystemLook, do okna vložte následující skript a stiskněte tlačítko Look!

Kód: Vybrat vše

:dir
C:\

:reg
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS
HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv

Log ze SL poté vložte sem.

[pettr]

SystemLook 04.09.10 by jpshortstuff
Log created at 23:07 on 17/06/2011 by Petr
Administrator - Elevation successful

========== dir ==========

C: - Parameters: "(none)"

---Files---
AUTOEXEC.BAT --a---- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
avenger.txt --a---- 1086 bytes [18:27 17/06/2011] [18:27 17/06/2011]
boot.ini ---hs-- 211 bytes [21:17 03/03/2007] [19:09 22/05/2008]
Bootfont.bin -rahs-- 4952 bytes [12:00 25/10/2001] [12:00 25/10/2001]
CONFIG.SYS --a---- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
EasyShareInstall.log --a---- 235694 bytes [19:10 11/05/2007] [19:20 11/05/2007]
hiberfil.sys --ahs-- 1073274880 bytes [10:19 17/11/2008] [18:27 17/06/2011]
IO.SYS -rahs-- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
logfile --a---- 49469 bytes [19:48 11/05/2007] [16:46 04/05/2008]
MSDOS.SYS -rahs-- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
NTDETECT.COM -rahs-- 47564 bytes [21:38 03/08/2004] [21:38 03/08/2004]
ntldr -rahs-- 250048 bytes [21:59 03/08/2004] [21:59 03/08/2004]
opr.reg --a---- 944 bytes [18:33 17/06/2011] [18:33 17/06/2011]
oprava.bat --a---- 179 bytes [16:43 16/06/2011] [16:43 16/06/2011]
oprava_5.bat --a---- 175 bytes [20:20 16/06/2011] [20:20 16/06/2011]
pagefile.sys --ahs-- 402653184 bytes [21:11 03/03/2007] [18:27 17/06/2011]
PCcheck.LOG --a---- 3367 bytes [20:19 24/04/2007] [20:19 24/04/2007]
swreg.exe --a---- 286720 bytes [16:41 16/06/2011] [20:18 16/06/2011]

---Folders---
Avenger d------ [01:04 10/06/2009]
Documents and Settings d------ [21:18 03/03/2007]
Games d------ [22:28 03/03/2007]
Phenomedia AG d------ [14:07 24/08/2008]
Program Files d------ [21:19 03/03/2007]
RECYCLER d--hs-- [21:38 03/03/2007]
rsit d------ [20:01 09/06/2009]
System Volume Information d--hs-- [21:18 03/03/2007]
totalcmd d------ [21:26 03/03/2007]
WINDOWS d------ [21:11 03/03/2007]

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"="%systemroot%\system32\svchost.exe -k netsvcs"
"Type"= 0x0000000020 (32)
"Start"= 0x0000000002 (2)
"ErrorControl"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Enum]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Services\wuauserv]
(Unable to open key - key not found)

-= EOF =-

[Danstahr]

A ještě OTL podle tohoto postupu : http://www.viry.cz/forum/viewtopic.php?p=995905#p995905

[pettr]

OTL logfile created on: 17.6.2011 23:18:01 - Run 4
OTL by OldTimer - Version 3.2.24.0 Folder = D:\_Downloaded files\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,49 Mb Total Physical Memory | 554,31 Mb Available Physical Memory | 54,16% Memory free
1,28 Gb Paging File | 0,86 Gb Available in Paging File | 67,27% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 2,94 Gb Free Space | 30,12% Space Free | Partition Type: NTFS
Drive D: | 46,12 Gb Total Space | 39,44 Gb Free Space | 85,51% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 197,50 Gb Free Space | 42,40% Space Free | Partition Type: NTFS

Computer Name: PETR-87F50839C2 | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.06.16 22:47:11 | 000,075,264 | ---- | M] () -- D:\_Downloaded files\Systemook\SystemLook.exe
PRC - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
PRC - [2011.06.03 21:29:29 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe
PRC - [2003.12.03 07:01:00 | 000,753,700 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2001.10.27 07:32:54 | 000,270,336 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe
PRC - [1999.03.21 03:54:54 | 007,151,661 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office\EXCEL.EXE


========== Modules (SafeList) ==========

MOD - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
MOD - [2011.05.10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) [Auto | Running] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.04 00:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.10.27 07:47:14 | 000,349,184 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2001.10.27 05:50:02 | 000,032,752 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2001.10.27 05:49:46 | 000,020,960 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinttxx.sys -- (TTDec)
DRV - [2001.10.27 05:49:30 | 000,011,280 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2001.10.27 05:49:22 | 000,032,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2001.10.27 05:47:30 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2001.10.27 05:46:22 | 000,035,952 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2001.10.01 15:29:22 | 000,006,144 | ---- | M] (Ravisent Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001.08.17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001.08.17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001.08.17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001.08.17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001.08.17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001.08.17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001.08.17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001.08.17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001.08.17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001.08.17 22:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2011.06.16 18:08:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Executive Software\Diskeeper\DkIcon.exe (Executive Software International, Inc.)
O4 - HKLM..\Run: [HydarVisionDesktopManager] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-606747145-1202660629-854245398-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.214 83.240.0.215
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.03 22:34:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DRAW - DVIDEO.DLL File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VCR1 - ATIVCR1.DLL File not found
Drivers32: VIDC.VCR2 - ATIVCR2.DLL File not found
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\atiyuv12.dll ()
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 7 Days ==========

[2011.06.16 18:41:26 | 000,286,720 | ---- | C] (SteelWerX) -- C:\swreg.exe
[2011.06.15 19:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.06.15 19:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.06.15 19:26:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.15 19:26:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:52 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.06.15 19:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.06.11 06:45:50 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

========== Files - Modified Within 7 Days ==========

[2011.06.17 20:34:34 | 000,004,599 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.06.17 20:33:57 | 000,000,944 | ---- | M] () -- C:\opr.reg
[2011.06.17 20:27:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.06.17 20:27:39 | 1073,274,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.17 16:23:18 | 000,000,031 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011.06.17 14:31:17 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.06.16 22:20:07 | 000,000,175 | ---- | M] () -- C:\oprava_5.bat
[2011.06.16 22:18:55 | 000,286,720 | ---- | M] (SteelWerX) -- C:\swreg.exe
[2011.06.16 18:43:03 | 000,000,179 | ---- | M] () -- C:\oprava.bat
[2011.06.16 18:38:57 | 000,002,701 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2011.06.16 18:08:14 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011.06.15 19:26:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.14 14:52:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.14 14:41:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.06.12 20:37:22 | 000,023,148 | -H-- | M] () -- C:\WINDOWS\System32\Atmcsyxx.GID
[2011.06.11 06:45:50 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

========== Files Created - No Company Name ==========

[2011.06.17 20:33:57 | 000,000,944 | ---- | C] () -- C:\opr.reg
[2011.06.16 22:20:07 | 000,000,175 | ---- | C] () -- C:\oprava_5.bat
[2011.06.16 18:43:03 | 000,000,179 | ---- | C] () -- C:\oprava.bat
[2010.12.19 20:26:04 | 000,000,342 | ---- | C] () -- C:\WINDOWS\WTRDICT.INI
[2010.12.19 20:26:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\STXKBD.INI
[2009.03.11 21:22:21 | 000,000,178 | ---- | C] () -- C:\WINDOWS\arbasew.ini
[2009.01.05 21:57:18 | 000,004,251 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.11.23 20:08:05 | 000,003,487 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2008.05.04 17:57:39 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.04.02 21:12:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2008.04.02 21:07:30 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2008.02.21 20:26:44 | 000,002,383 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2007.06.25 18:42:20 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.31 20:26:47 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.25 21:52:37 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.05.08 14:27:37 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007.04.24 22:28:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.04.24 22:19:15 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2007.04.24 22:19:10 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2007.04.24 22:19:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.04.24 22:19:00 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2007.04.24 22:18:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HydraFra.dll
[2007.04.24 22:18:17 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\HydraEsp.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraPtb.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraNln.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraIta.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraSvs.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraNon.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraFif.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraDad.dll
[2007.04.24 22:18:17 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HydraJan.dll
[2007.04.24 22:18:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HydraKor.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZht.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZhs.dll
[2007.04.24 22:18:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ViewHook.dll
[2007.04.24 22:08:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.20 20:09:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Petr.ini
[2007.03.07 23:17:57 | 000,001,160 | ---- | C] () -- C:\WINDOWS\visualdirsize.ini
[2007.03.07 22:59:51 | 000,000,133 | ---- | C] () -- C:\WINDOWS\lsplugin.ini
[2007.03.04 18:15:36 | 000,002,701 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2007.03.03 23:53:45 | 000,000,031 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007.03.03 23:35:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.03 23:26:23 | 000,004,599 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.03.03 23:23:26 | 000,035,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2007.03.03 23:23:24 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2007.03.03 23:23:21 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2007.03.03 23:23:18 | 000,032,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2007.03.03 23:23:17 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2007.03.03 23:23:16 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2007.03.03 23:19:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.03 23:18:19 | 000,195,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.03.03 22:38:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.03 22:29:07 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.17 16:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.10.27 05:49:38 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2001.10.27 05:48:52 | 000,060,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.15 22:47:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.04.17 22:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.10.28 18:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2008.10.28 18:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk(2)
[2009.06.10 19:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IM
[2009.06.10 19:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IncrediMail
[2009.09.28 16:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.03.05 21:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Autodesk
[2009.12.02 22:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fElementary
[2009.10.28 19:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fStarter
[2009.09.06 18:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Foxit
[2007.11.02 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GameHouse
[2007.03.03 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2007.05.11 20:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 16:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2011.06.16 22:18:55 | 000,286,720 | ---- | M] (SteelWerX) -- C:\swreg.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2008.12.16 22:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.10.17 19:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2007.05.25 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
[2007.03.05 21:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Autodesk
[2007.04.24 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\CyberLink
[2011.06.08 20:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\dvdcss
[2009.12.02 22:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fElementary
[2009.10.28 19:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fStarter
[2009.09.06 18:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Foxit
[2007.11.02 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GameHouse
[2007.10.01 20:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2007.05.16 18:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Help
[2007.03.03 22:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2007.03.05 19:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2011.06.03 21:29:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2007.03.03 23:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft Web Folders
[2009.09.06 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2007.03.03 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2011.06.17 16:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.06.17 16:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2011.06.15 19:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2008.06.13 21:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2009.09.01 21:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\WinRAR
[2007.05.11 20:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.03.03 23:17:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.03.03 23:17:48 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.03.03 23:17:48 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.06.15 19:26:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\deployJava1.dll
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\java.exe
[2011.06.15 19:26:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\javacpl.cpl
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\javaw.exe
[2011.06.15 19:26:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\javaws.exe
[2011.06.15 23:21:44 | 000,934,374 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< End of report >

[Danstahr]

Uf, trochu jsme s tím bojovali, ale je to pryč. Ještě doopravíme a vyzkoušíme...

Na stránce http://tinyurl.com/653f7oz vložte do okna následující skript, pojmenování zvolte libovolné a stiskněte tlačítko OK. Stažený soubor spusťte a přidání informací do registru potvrďte.

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"DisplayName"="Služba inteligentního přenosu na pozadí"
"DependOnService"="RpcSs"
"DependOnGroup"=" "
"ObjectName"="LocalSystem"
"Description"="Přenáší na pozadí data mezi klienty a servery. Pokud je služba BITS zakázána, některé funkce systému (např. Windows Update) nebudou fungovat."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"DisplayName"="Automatické aktualizace"
"ObjectName"="LocalSystem"

Na stránce http://tinyurl.com/653f7oz vložte do okna následující skript, přepněte nahoře přepínač na .bat, pojmenování zvolte libovolné a stiskněte tlačítko OK. Stažený soubor spusťte, problikne černé okno a otevře se poznámkový blok s logem.

Kód: Vybrat vše

net stop wuauserv >> "%userprofile%\plocha\kontrola.txt"
net STOP BITS >> "%userprofile%\plocha\kontrola.txt"

net start wuauserv >> "%userprofile%\plocha\kontrola.txt"
net start BITS >> "%userprofile%\plocha\kontrola.txt"

start notepad "%userprofile%\plocha\kontrola.txt"

Otevřený log sem prosím vložte.

[pettr]

Dobrý den, vše proběhlo, zde:


SpouçtŘnˇ slu§by wuauserv.
SpouçtŘnˇ slu§by BITS.

[Danstahr]

Zkuste zapnout automatické aktualizace a ověřit jejich funkčnost.

Spusťte znovu OTL, nastavte ho podle předchozích instrukcí, do okna dole vložte následující skript (míst toho předchozího) a klikněte na tlačítko Prohledat.

Kód: Vybrat vše

reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /s /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /s /c

Log z OTL sem vložte.

[pettr]

Dobrý den, Windouzy mám neofi, aktualizace je vypnutá,, zatím jsem nic nezkoušel, když tak ještě napište, nevím co se může stát. OTL pouštím 4x, vždy se zastavil, přestal točit disk a po klepnutí myší na program vypíše dumprex.exe-chyb aplikace, správná iniciace aplikace (0xc000012d) se nezdařila. Dole v okně prohramu píše "manual File Scan -looking in folder:C\WINDOWS\Fonts\..." No už jsem si říkal že to bude OK, teď se vše zakouslo =totacomm, opera.

[Danstahr]

Od posledního skenu OTL jsme nic, co by mělo zapříčinit toto chování, neprováděli . Zkuste spustřit OTL v nouzovém režimu (restartujte počítač, při startu mačkejte F8 a z nabídky zvolte Nouzový režim s prací v síti).
A ten nelegální systém...

[pettr]

OTL logfile created on: 22.6.2011 18:44:13 - Run 5
OTL by OldTimer - Version 3.2.24.0 Folder = D:\_Downloaded files\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,49 Mb Total Physical Memory | 733,00 Mb Available Physical Memory | 71,62% Memory free
1,28 Gb Paging File | 1,13 Gb Available in Paging File | 88,67% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 3,74 Gb Free Space | 38,29% Space Free | Partition Type: NTFS
Drive D: | 46,12 Gb Total Space | 39,44 Gb Free Space | 85,51% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 197,50 Gb Free Space | 42,40% Space Free | Partition Type: NTFS

Computer Name: PETR-87F50839C2 | User Name: Petr | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
PRC - [2011.06.03 21:29:29 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.12.03 07:01:00 | 000,753,700 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE


========== Modules (SafeList) ==========

MOD - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) [Auto | Stopped] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.04 00:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.10.27 07:47:14 | 000,349,184 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2001.10.27 05:50:02 | 000,032,752 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2001.10.27 05:49:46 | 000,020,960 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atinttxx.sys -- (TTDec)
DRV - [2001.10.27 05:49:30 | 000,011,280 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2001.10.27 05:49:22 | 000,032,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2001.10.27 05:47:30 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2001.10.27 05:46:22 | 000,035,952 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2001.10.01 15:29:22 | 000,006,144 | ---- | M] (Ravisent Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001.08.17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001.08.17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001.08.17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001.08.17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001.08.17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001.08.17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001.08.17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001.08.17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001.08.17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001.08.17 22:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2011.06.16 18:08:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Executive Software\Diskeeper\DkIcon.exe (Executive Software International, Inc.)
O4 - HKLM..\Run: [HydarVisionDesktopManager] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-606747145-1202660629-854245398-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.214 83.240.0.215
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.03 22:34:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2011.06.22 18:39:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.06.16 18:41:26 | 000,286,720 | ---- | C] (SteelWerX) -- C:\swreg.exe
[2011.06.15 19:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.06.15 19:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.06.15 19:26:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.15 19:26:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:52 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.06.15 19:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\Sun

========== Files - Modified Within 7 Days ==========

[2011.06.22 18:41:29 | 000,004,590 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.06.22 18:39:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.06.22 12:22:37 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.06.21 12:36:10 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011.06.21 12:36:10 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2011.06.20 17:57:31 | 000,000,281 | ---- | M] () -- C:\18zal.bat
[2011.06.20 17:56:02 | 000,000,529 | ---- | M] () -- C:\18cer.reg
[2011.06.19 20:04:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.06.17 20:33:57 | 000,000,944 | ---- | M] () -- C:\opr.reg
[2011.06.17 16:23:18 | 000,000,031 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011.06.16 22:20:07 | 000,000,175 | ---- | M] () -- C:\oprava_5.bat
[2011.06.16 22:18:55 | 000,286,720 | ---- | M] (SteelWerX) -- C:\swreg.exe
[2011.06.16 18:43:03 | 000,000,179 | ---- | M] () -- C:\oprava.bat
[2011.06.16 18:38:57 | 000,002,701 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2011.06.16 18:08:14 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011.06.15 19:26:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

========== Files Created - No Company Name ==========

[2011.06.21 12:36:10 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011.06.21 12:36:10 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011.06.20 17:57:31 | 000,000,281 | ---- | C] () -- C:\18zal.bat
[2011.06.20 17:56:02 | 000,000,529 | ---- | C] () -- C:\18cer.reg
[2011.06.17 20:33:57 | 000,000,944 | ---- | C] () -- C:\opr.reg
[2011.06.16 22:20:07 | 000,000,175 | ---- | C] () -- C:\oprava_5.bat
[2011.06.16 18:43:03 | 000,000,179 | ---- | C] () -- C:\oprava.bat
[2010.12.19 20:26:04 | 000,000,342 | ---- | C] () -- C:\WINDOWS\WTRDICT.INI
[2010.12.19 20:26:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\STXKBD.INI
[2009.03.11 21:22:21 | 000,000,178 | ---- | C] () -- C:\WINDOWS\arbasew.ini
[2009.01.05 21:57:18 | 000,004,251 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.11.23 20:08:05 | 000,003,487 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2008.05.04 17:57:39 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.04.02 21:12:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2008.04.02 21:07:30 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2008.02.21 20:26:44 | 000,002,383 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2007.06.25 18:42:20 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.31 20:26:47 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.25 21:52:37 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.05.08 14:27:37 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007.04.24 22:28:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.04.24 22:19:15 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2007.04.24 22:19:10 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2007.04.24 22:19:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.04.24 22:19:00 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2007.04.24 22:18:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HydraFra.dll
[2007.04.24 22:18:17 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\HydraEsp.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraPtb.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraNln.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraIta.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraSvs.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraNon.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraFif.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraDad.dll
[2007.04.24 22:18:17 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HydraJan.dll
[2007.04.24 22:18:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HydraKor.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZht.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZhs.dll
[2007.04.24 22:18:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ViewHook.dll
[2007.04.24 22:08:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.20 20:09:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Petr.ini
[2007.03.07 23:17:57 | 000,001,160 | ---- | C] () -- C:\WINDOWS\visualdirsize.ini
[2007.03.07 22:59:51 | 000,000,133 | ---- | C] () -- C:\WINDOWS\lsplugin.ini
[2007.03.04 18:15:36 | 000,002,701 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2007.03.03 23:53:45 | 000,000,031 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007.03.03 23:35:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.03 23:26:23 | 000,004,590 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.03.03 23:23:26 | 000,035,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2007.03.03 23:23:24 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2007.03.03 23:23:21 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2007.03.03 23:23:18 | 000,032,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2007.03.03 23:23:17 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2007.03.03 23:23:16 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2007.03.03 23:19:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.03 23:18:19 | 000,195,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.03.03 22:38:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.03 22:29:07 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.17 16:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.10.27 05:49:38 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2001.10.27 05:48:52 | 000,060,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.15 22:47:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.04.17 22:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.10.28 18:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2008.10.28 18:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk(2)
[2009.06.10 19:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IM
[2009.06.10 19:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IncrediMail
[2009.09.28 16:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.03.05 21:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Autodesk
[2009.12.02 22:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fElementary
[2009.10.28 19:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fStarter
[2009.09.06 18:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Foxit
[2007.11.02 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GameHouse
[2007.03.03 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2007.05.11 20:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /s /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
Type REG_DWORD 0x20
Start REG_DWORD 0x2
ErrorControl REG_DWORD 0x1
DisplayName REG_SZ Automatické aktualizace
ObjectName REG_SZ LocalSystem
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV\Enum
0 REG_SZ Root\LEGACY_WUAUSERV\0000
Count REG_DWORD 0x1
NextInstance REG_DWORD 0x1

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /s /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
Type REG_DWORD 0x20
Start REG_DWORD 0x2
ErrorControl REG_DWORD 0x1
DisplayName REG_SZ Služba inteligentního přenosu na pozadí
DependOnService REG_SZ RpcSs
DependOnGroup REG_SZ
ObjectName REG_SZ LocalSystem
Description REG_SZ Přenáší na pozadí data mezi klienty a servery. Pokud je služba BITS zakázána, některé funkce systému (např. Windows Update) nebudou fungovat.
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS\Enum
0 REG_SZ Root\LEGACY_BITS\0000
Count REG_DWORD 0x1
NextInstance REG_DWORD 0x1

< End of report >

[pettr]

Dobrý den, v nouzovém režimu proběhlo OK, log výše, dokonce to bylo velice rychlé - proti trvání předchozích skenů.

[Danstahr]

Spusťte znovu OTL, do okna dole vložte následující skript a klikněte na tlačítko Opravit!

Kód: Vybrat vše

:OTL
[2011.06.21 12:36:10 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2011.06.21 12:36:10 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2011.06.20 17:57:31 | 000,000,281 | ---- | C] () -- C:\18zal.bat
[2011.06.20 17:56:02 | 000,000,529 | ---- | C] () -- C:\18cer.reg
[2011.06.17 20:33:57 | 000,000,944 | ---- | C] () -- C:\opr.reg
[2011.06.16 22:20:07 | 000,000,175 | ---- | C] () -- C:\oprava_5.bat
[2011.06.16 18:43:03 | 000,000,179 | ---- | C] () -- C:\oprava.bat
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2010.12.19 20:26:04 | 000,000,342 | ---- | C] () -- C:\WINDOWS\WTRDICT.INI
[2010.12.19 20:26:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\STXKBD.INI
[2009.03.11 21:22:21 | 000,000,178 | ---- | C] () -- C:\WINDOWS\arbasew.ini
[2009.01.05 21:57:18 | 000,004,251 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.11.23 20:08:05 | 000,003,487 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2007.05.31 20:26:47 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.08 14:27:37 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007.04.24 22:28:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.04.24 22:19:15 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini

:Commands
[EmptyTemp]

Po restartu PC sem prosím vložte log z OTM, který se otevře.