Hrozne spomalený počítač. Prosím o kontrolu

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[vratkokuk]

OTL Extras logfile created on: 24.7.2013 16:38:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Taťka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,23 Mb Total Physical Memory | 406,36 Mb Available Physical Memory | 39,71% Memory free
2,40 Gb Paging File | 1,60 Gb Available in Paging File | 66,42% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 8,29 Gb Free Space | 21,23% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 3,01 Gb Free Space | 2,05% Space Free | Partition Type: NTFS
Drive E: | 47,34 Gb Total Space | 3,30 Gb Free Space | 6,96% Space Free | Partition Type: NTFS

Computer Name: HOME-COMPIK | User Name: Taťka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1009\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 10.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\10.0\ACDSeeQV10.exe" "%1" (ACD Systems)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{235BBFC6-D863-4066-A01A-3BD504C31029}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{31187E06-E131-4709-9285-7D105D77AA89}" = Components Setup
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}" = Adobe Flash Player 9 ActiveX
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90260405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}" = Components Setup
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Altap Salamander 2.5" = Altap Salamander 2.5
"avast" = avast! Free Antivirus
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Registrace uživatele zařízení Canon MG5100 series" = Registrace uživatele zařízení Canon MG5100 series
"The KMPlayer" = The KMPlayer (remove only)
"Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009
"VLC media player" = VLC media player 2.0.6
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = KMPlayer Toolbar Updater
"QIP 2005" = QIP 2005 8097
"QIP 2010" = QIP 2010 3.1.4570
"QIP 2012" = QIP 2012 4.0.7058
"QipGuard" = QIP Internet Guardian

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17.7.2013 5:27:25 | Computer Name = HOME-COMPIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.7.2013 12:16:27 | Computer Name = HOME-COMPIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.3.37, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.7.2013 12:16:27 | Computer Name = HOME-COMPIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.3.37, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.7.2013 12:16:27 | Computer Name = HOME-COMPIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.3.37, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.7.2013 12:16:27 | Computer Name = HOME-COMPIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 11.0.3.37, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 20.7.2013 10:45:49 | Computer Name = HOME-COMPIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 20.7.2013 10:45:59 | Computer Name = HOME-COMPIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 20.7.2013 10:46:54 | Computer Name = HOME-COMPIK | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 20.7.2013 10:46:54 | Computer Name = HOME-COMPIK | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 20.7.2013 10:46:54 | Computer Name = HOME-COMPIK | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 20.7.2013 10:46:54 | Computer Name = HOME-COMPIK | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 20.7.2013 10:46:54 | Computer Name = HOME-COMPIK | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm Fips intelppm IPSec MRxSmb NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
Tcpip

Error - 20.7.2013 12:16:43 | Computer Name = HOME-COMPIK | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby NVSvc.


< End of report >

[vratkokuk]

Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,23 Mb Total Physical Memory | 406,36 Mb Available Physical Memory | 39,71% Memory free
2,40 Gb Paging File | 1,60 Gb Available in Paging File | 66,42% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 8,29 Gb Free Space | 21,23% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 3,01 Gb Free Space | 2,05% Space Free | Partition Type: NTFS
Drive E: | 47,34 Gb Total Space | 3,30 Gb Free Space | 6,96% Space Free | Partition Type: NTFS

Computer Name: HOME-COMPIK | User Name: Taťka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.24 16:35:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Taťka\Plocha\OTL.exe
PRC - [2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.07.12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.07.02 22:31:58 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.06.23 09:10:12 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.01.31 13:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2010.12.13 16:06:30 | 000,187,776 | ---- | M] (QIP.ru) -- C:\Program Files\QipGuard\QipGuard.exe
PRC - [2010.12.13 16:06:30 | 000,187,776 | ---- | M] (QIP.ru) -- C:\Documents and Settings\pc\Data aplikací\QipGuard\QipGuard.exe
PRC - [2010.10.29 17:12:32 | 003,330,560 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2010.03.25 04:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.16 19:04:20 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.11.16 18:58:32 | 000,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006.11.10 16:19:32 | 001,051,648 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2006.11.10 16:18:42 | 000,859,136 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.24 01:31:24 | 002,093,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13072301\algo.dll
MOD - [2013.07.02 22:31:52 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.06.15 09:21:22 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll


========== Services (SafeList) ==========

SRV - [2013.07.12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.06.23 09:10:12 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.06.15 09:21:23 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.31 13:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.12.13 16:06:30 | 000,187,776 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2006.11.10 16:18:42 | 000,859,136 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.07.14 05:53:38 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2013.07.14 05:53:38 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2013.07.14 05:53:38 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2013.06.27 21:20:06 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.06.27 21:20:06 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.06.27 21:20:06 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.06.23 15:35:42 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.04.14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006.11.10 16:17:50 | 000,033,792 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2006.11.10 16:16:34 | 000,031,360 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2006.11.10 16:15:56 | 000,010,624 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2006.11.10 16:15:44 | 000,102,912 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004.11.17 13:05:38 | 002,297,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1004\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\InprocServer32 File not found
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[vratkokuk]

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.15 09:35:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components

[2013.06.15 16:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Extensions
[2013.07.02 22:31:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.07.23 10:03:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.02 22:31:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.07.23 10:03:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.02 22:32:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========


O1 HOSTS File: ([2013.07.23 15:42:49 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\pc\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003..\Run: [QIP Internet Guardian] C:\Documents and Settings\pc\Data aplikací\QipGuard\QipGuard.exe (QIP.ru)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1004..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A7E5DD4-918E-4582-AFA0-817A3B1098AA}: NameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.06.15 08:17:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: VIDC.ACDV - C:\WINDOWS\System32\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[vratkokuk]

========== Files/Folders - Created Within 30 Days ==========

[2013.07.24 16:35:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Taťka\Plocha\OTL.exe
[2013.07.23 16:34:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Plocha\Nakupní košík_soubory
[2013.07.22 21:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Plocha\RK_Quarantine
[2013.07.21 17:27:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Taťka\Recent
[2013.07.21 17:21:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2013.07.21 17:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Registrace uživatele zařízení Canon MG5100 series
[2013.07.21 17:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon MG5100 series
[2013.07.21 16:54:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2013.07.21 16:53:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2013.07.21 16:53:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2013.07.21 16:44:35 | 000,307,200 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100L.dll
[2013.07.21 16:44:35 | 000,114,688 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100I.dll
[2013.07.21 16:44:34 | 001,335,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100C.dll
[2013.07.21 16:44:34 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100U.dll
[2013.07.21 16:44:34 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2013.07.21 16:44:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2013.07.21 16:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013.07.21 16:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2013.07.21 16:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities
[2013.07.21 16:38:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon MG5100 series Manual
[2013.07.21 16:37:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.07.21 16:37:06 | 000,290,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAD.DLL
[2013.07.21 16:36:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2013.07.21 16:36:35 | 000,094,208 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC5100O.dll
[2013.07.21 16:36:31 | 000,180,224 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUAD.DLL
[2013.07.21 16:36:08 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.07.21 16:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.07.21 15:37:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Plocha\CrystalDiskInfo5_0_0
[2013.07.20 22:33:28 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Taťka\IETldCache
[2013.07.20 20:58:31 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.07.20 20:56:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013.07.20 20:55:30 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.07.20 20:53:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.07.20 20:34:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2013.07.20 19:21:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie7updates
[2013.07.20 19:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013.07.20 18:08:04 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.07.20 18:05:30 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.07.20 18:00:46 | 002,195,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.07.20 18:00:46 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.07.20 18:00:43 | 002,072,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.07.20 18:00:43 | 002,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.07.20 17:57:22 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.07.20 13:47:18 | 000,000,000 | ---D | C] -- C:\dc49792b817a3683ca13256f27
[2013.07.20 00:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.20 00:50:17 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.19 23:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Google
[2013.07.19 22:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013.07.19 22:34:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013.07.19 17:52:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013.07.15 21:34:24 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2013.07.14 00:25:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2013.07.14 00:24:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2013.07.14 00:24:58 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013.07.13 07:56:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Taťka\Dokumenty\Filmy
[2013.07.10 17:42:23 | 001,235,950 | ---- | C] (Medieval Software) -- C:\Documents and Settings\Taťka\Plocha\cuesplitter_setup.exe
[2013.07.02 22:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.06.26 18:35:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ACD Systems
[2013.06.26 18:35:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2013.06.26 17:50:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Downloaded Installations
[2013.06.24 21:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Ahead
[2013.06.24 21:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Nero 7 Ultra Edition
[2013.06.24 21:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Data aplikací\Ahead
[2013.06.24 21:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2013.06.24 21:34:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013.06.24 20:09:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013.06.24 19:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
[2013.06.24 19:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DVD Shrink
[2013.06.24 19:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Shrink
[2013.06.24 19:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Data aplikací\DVD Shrink
[2013.06.24 18:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Nero_AG
[2013.06.24 18:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Nero
[2013.06.24 18:54:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Dokumenty\NeroVision
[2013.06.24 18:51:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\Data aplikací\Nero
[2013.06.24 18:41:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Nero
[2013.06.24 18:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Taťka\jh
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.07.24 16:42:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.24 16:40:18 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.24 16:35:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Taťka\Plocha\OTL.exe
[2013.07.24 16:26:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.24 09:36:06 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.07.24 09:31:44 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2013.07.24 09:31:23 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.24 04:43:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.24 04:41:56 | 000,436,110 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.07.24 04:41:56 | 000,432,848 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.07.24 04:41:56 | 000,079,890 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.07.24 04:41:56 | 000,069,006 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.07.23 16:46:49 | 000,000,247 | ---- | M] () -- C:\Documents and Settings\Taťka\intlname.ols
[2013.07.23 16:34:52 | 000,038,687 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\Nakupní košík.htm
[2013.07.23 13:24:25 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.07.22 21:28:45 | 000,915,968 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\RogueKiller.exe
[2013.07.21 17:03:01 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Canon MG5100 series Příručka online.lnk
[2013.07.21 15:46:48 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\adwcleaner.exe
[2013.07.21 15:36:54 | 001,496,172 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\CrystalDiskInfo5_0_0.zip
[2013.07.20 22:32:43 | 000,192,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.07.20 00:28:59 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\RSIT.exe
[2013.07.20 00:11:52 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013.07.17 10:36:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.14 00:38:04 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.13 08:21:22 | 000,001,134 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\cc_20130713_082118.reg
[2013.07.13 07:56:15 | 000,000,116 | ---- | M] () -- C:\Documents and Settings\Taťka\default.pls
[2013.07.10 17:42:24 | 001,235,950 | ---- | M] (Medieval Software) -- C:\Documents and Settings\Taťka\Plocha\cuesplitter_setup.exe
[2013.07.04 23:17:27 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013.06.27 21:20:06 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.06.27 21:20:06 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.06.27 21:20:06 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.06.27 21:20:06 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.27 21:20:06 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.27 21:20:06 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.26 17:38:58 | 000,003,237 | ---- | M] () -- C:\Documents and Settings\Taťka\Dokumenty\ISO1.nri
[2013.06.24 21:17:47 | 330,431,131 | ---- | M] () -- C:\Documents and Settings\Taťka\Plocha\nero-7-plna-verze-cz.rar
[2013.06.24 19:02:55 | 000,000,102 | ---- | M] () -- C:\Documents and Settings\Taťka\Data aplikací\mbam.context.scan
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[vratkokuk]

========== Files Created - No Company Name ==========

[2013.07.24 16:42:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.23 16:34:49 | 000,038,687 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\Nakupní košík.htm
[2013.07.22 21:28:43 | 000,915,968 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\RogueKiller.exe
[2013.07.21 16:44:35 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\CNC1748D.TBL
[2013.07.21 16:39:07 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Canon MG5100 series Příručka online.lnk
[2013.07.21 15:46:45 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\adwcleaner.exe
[2013.07.21 15:36:50 | 001,496,172 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\CrystalDiskInfo5_0_0.zip
[2013.07.20 20:34:51 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2013.07.20 18:00:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.07.20 18:00:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.07.20 00:28:54 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\RSIT.exe
[2013.07.20 00:11:52 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013.07.13 08:21:19 | 000,001,134 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\cc_20130713_082118.reg
[2013.07.01 20:42:14 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\Taťka\default.pls
[2013.06.28 18:59:55 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2013.06.27 21:20:06 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.26 22:28:10 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.26 22:28:10 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.26 17:38:58 | 000,003,237 | ---- | C] () -- C:\Documents and Settings\Taťka\Dokumenty\ISO1.nri
[2013.06.25 17:47:12 | 000,000,247 | ---- | C] () -- C:\Documents and Settings\Taťka\intlname.ols
[2013.06.24 19:14:29 | 330,431,131 | ---- | C] () -- C:\Documents and Settings\Taťka\Plocha\nero-7-plna-verze-cz.rar
[2013.06.24 19:02:35 | 000,000,102 | ---- | C] () -- C:\Documents and Settings\Taťka\Data aplikací\mbam.context.scan
[2013.06.21 17:54:42 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.06.15 22:28:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Taťka\winscp.RND
[2013.06.15 17:54:15 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Taťka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.15 11:53:29 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2013.06.15 11:53:23 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013.06.15 11:53:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.06.15 11:52:47 | 000,003,281 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013.06.15 11:52:44 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013.06.15 10:10:22 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.15 10:09:15 | 000,192,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.15 09:36:01 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.06.15 09:36:01 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.06.15 09:11:18 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.15 09:11:18 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.15 09:11:18 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.15 09:11:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.06.15 08:20:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.06.15 08:14:42 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013.06.23 22:38:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.06.26 18:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2013.06.15 09:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.07.21 16:37:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.07.21 16:53:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2013.07.21 16:53:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2013.07.21 16:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2013.07.21 17:21:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2013.07.21 16:54:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2013.07.21 16:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2013.06.23 07:05:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
[2013.06.22 21:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2013.06.16 16:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Data aplikací\ACD Systems
[2013.06.16 00:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Data aplikací\QIP
[2013.06.16 00:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Data aplikací\QipGuard
[2013.06.15 11:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Data aplikací\Vimisoft Studio
[2013.06.16 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\ACD Systems
[2013.06.22 21:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Uniblue
[2013.06.15 16:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Vimisoft Studio

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.06.15 08:16:00 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.06.15 08:21:03 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.06.15 09:14:16 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.06.15 09:36:01 | 000,000,356 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.06.15 14:25:33 | 000,000,928 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 14:25:33 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.07.20 20:34:51 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Tasks\WGASetup.job

[vratkokuk]

< >

< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3gdr\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2008.08.08 18:08:39 | 000,117,248 | ---- | M] (VIA Technologies inc,.ltd) MD5=3A82A61E312ADDB3BE8F1FE3481842B1 -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

[vratkokuk]

< >

< %systemroot%*.* /U /s >
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.16 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\ACD Systems
[2013.06.22 16:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Adobe
[2013.07.01 20:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Ahead
[2013.06.24 19:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\DVD Shrink
[2013.06.15 16:15:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Identities
[2013.06.15 18:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Macromedia
[2013.06.16 09:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Malwarebytes
[2013.07.20 16:28:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Taťka\Data aplikací\Microsoft
[2013.06.15 16:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Mozilla
[2013.06.24 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Nero
[2013.07.20 19:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Skype
[2013.06.16 13:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Sun
[2013.06.22 13:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\SUPERAntiSpyware.com
[2013.06.22 21:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Uniblue
[2013.06.15 16:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\Vimisoft Studio
[2013.06.23 22:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\vlc
[2013.06.16 14:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2013.06.15 10:08:44 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.06.15 10:08:44 | 001,097,728 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.06.15 10:08:44 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.24 04:41:56 | 000,079,890 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.07.24 04:41:56 | 000,069,006 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.07.24 04:41:56 | 000,432,848 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.07.24 04:41:56 | 000,436,110 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.07.24 04:41:56 | 000,988,310 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.24 16:42:39 | 000,000,512 | ---- | M] () MD5=2AE43832B348D676F39068AFBEC3D4B8 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\MS OFFICE 2003\MS Office 2003 pro - inštalačka\coloader_dll_2_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\MS OFFICE 2003\MS Office 2003 pro - inštalačka\coloader_tlb_2________.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.07.17 12:53:12 | 000,003,072 | ---- | M] () -- \Documents and Settings\pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2013.07.17 12:53:12 | 000,003,608 | ---- | M] () -- \Documents and Settings\pc\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2011.10.31 17:53:36 | 000,025,992 | ---- | M] () -- \Documents and Settings\Taťka\Local Settings\Temp\mia3A9.tmp\data\OFFLINE\82398D35\E9EAEC01\rb_move_serial.exe
[2012.09.27 02:18:38 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.08.19 08:47:51 | 000,000,217 | ---- | M] () -- \Program Files\Registry Booster 2009\Uniblue RegistryBooster 2009 2.1.0.0 CZ-serial\SERIAL\SERIAL.txt
[2011.11.15 14:35:50 | 000,000,038 | ---- | M] () -- \Program Files\Registry booster\Registry Booster 2012 v6.0.10.6\Serial Key.txt
[2013.07.24 04:41:19 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.07.20 20:40:04 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.06.24 04:48:18 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01dc643b54310ebc5ab7e4696df426bc\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.20 20:53:20 | 002,347,008 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c63c030603d94909b680a476cbf4d898\System.Runtime.Serialization.ni.dll
[2010.04.07 23:57:06 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133675_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.07.20 19:19:41 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133676_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.04.07 23:57:06 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_147207_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 02:18:38 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
JavaQuickStarterService
QipGuard
Skype C2C Service
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
NBService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\InprocServer32 File not found
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1078081533-1993962763-1644491937-1009\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-21-1078081533-1993962763-1644491937-1004..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"InCD"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{95289393-33EA-4F8D-B952-483415B9C955}"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[vratkokuk]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: pc
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 1050399 bytes
->Flash cache emptied: 0 bytes

User: Taťka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 34391 bytes
->FireFox cache emptied: 16512399 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 709 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34876688 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 50,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: pc
->Flash cache emptied: 0 bytes

User: Taťka
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Error: No service named JavaQuickStarterService was found to stop!
Service\Driver key JavaQuickStarterService not found.
Error: No service named QipGuard was found to stop!
Service\Driver key QipGuard not found.
Error: No service named Skype C2C Service was found to stop!
Service\Driver key Skype C2C Service not found.
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named SkypeUpdate was found to stop!
Service\Driver key SkypeUpdate not found.
Error: No service named AdobeFlashPlayerUpdateSvc was found to stop!
Service\Driver key AdobeFlashPlayerUpdateSvc not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named NBService was found to stop!
Service\Driver key NBService not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\tasks\Adobe Flash Player Updater.job not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder C:\WINDOWS\tasks\WGASetup.job not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1078081533-1993962763-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry value HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1009\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1009\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1009\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1009\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-21-1078081533-1993962763-1644491937-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
File/Folder C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp not found.
File/Folder C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InCD not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07252013_192837

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\pc\Local Settings\Temp\etilqs_0P8HKIZeG96Dnf5 not found!
File\Folder C:\Documents and Settings\pc\Local Settings\Temp\etilqs_4GPwsul9vQVrmtW not found!
File\Folder C:\Documents and Settings\pc\Local Settings\Temp\etilqs_KhDFGZsgUk12aAy not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vy jste to spoustel vicekrat, ze?

Co pc, nastala nejaka zmena?

[vratkokuk]

Ano, spustil som to 2x, lebo som si nebol istý, či sa ten prvý dokončil. V medzičase sa mi tam nasáčkovali decká, reštartovali PC a ja som nevedel, či to prebehlo v poriadku.
Teraz sa to zdá byť omnoho lepšie.

[Márty84]

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[vratkokuk]

PC je na tom podstatne lepšie ako na počiatku problému. Ale stále sa často stane, že sa pri zapnutí, či reštarte nezobrazí desk top (monitor bez ikon). Tak sa to musí znova reštartovať.
Inak, prezradíte mi, čo tam bolo za hnusobu?
PC je asi mesiac a pol po reinstale. Odvtedy to už nie je ON, starý (viac ako 7rokov) dobrý comp. Každý deň sa mi ponúkajú nové a nové aktualizácie. Ďalej pri vypnutí WINAMPu mi to ohlási akúsi chybu:
viz príloha

A ešte čosi:
Mockrát ďakujem.

[Márty84]

Aktualizace ceho? Windowsu?

Zkuste winamp preinstalovat



Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku