Slow Eee netbook

#1 Post by Písa

Hi,
please could you check this RSIT log? Today I was at my girlfriend's, on her netbook, and it is very slow. I ran CCleaner on it and defragmented the disk, but it didn't help. About half a year ago I reinstalled Windows, but today everything runs slowly. I know it's an older toy by now, but it would be enough for her if she could browse the internet on it without it freezing. Thanks in advance if you take a look.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adéla at 2014-11-12 16:45:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive G: has 28 GB (51%) free of 55 GB
Total RAM: 895 MB (9% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:45, on 12.11.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\AVAST Software\Avast\AvastSvc.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
G:\Program Files\EeePC\ACPI\AsEPCMon.exe
G:\WINDOWS\RTHDCPL.EXE
G:\Program Files\Synaptics\SynTP\SynTPEnh.exe
G:\Program Files\AVAST Software\Avast\AvastUI.exe
G:\WINDOWS\system32\RunDLL32.exe
G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
G:\WINDOWS\system32\ctfmon.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
G:\WINDOWS\System32\alg.exe
G:\WINDOWS\system32\wbem\unsecapp.exe
G:\Program Files\Skype\Phone\Skype.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe
G:\WINDOWS\system32\mmc.exe
G:\WINDOWS\system32\DfrgNtfs.exe
G:\Program Files\Google\Chrome\Application\chrome.exe
G:\Program Files\Google\Chrome\Application\chrome.exe
G:\Program Files\Google\Chrome\Application\chrome.exe
G:\Program Files\Google\Chrome\Application\chrome.exe
G:\Program Files\Google\Chrome\Application\chrome.exe
G:\Program Files\Google\Chrome\Application\chrome.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Documents and Settings\Adéla\Dokumenty\Downloads\RSIT.exe
G:\Program Files\trend micro\Adéla.exe
G:\WINDOWS\system32\msiexec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AsusACPIServer] G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] G:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] G:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "G:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "G:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] G:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [GrooveMonitor] "G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SynAsusAcpi] G:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1343024091-1592454029-299502267-1004\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1343024091-1592454029-299502267-1004\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://G:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - G:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - G:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

--
End of file - 8133 bytes

======Scheduled tasks folder======

G:\WINDOWS\tasks\AppleSoftwareUpdate.job - G:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
G:\WINDOWS\tasks\avast! Emergency Update.job - G:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - G:\Program Files\Google\Update\GoogleUpdate.exe /c
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - G:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
G:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - G:\WINDOWS\system32\xp_eos.exe
G:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - G:\WINDOWS\system32\xp_eos.exe -c
G:\WINDOWS\tasks\WGASetup.job - G:\WINDOWS\system32\KB905474\wgasetup.exe /autoauto

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-10 457712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsusACPIServer"=G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2010-04-30 1245608]
"AsusEPCMonitor"=G:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"RTHDCPL"=G:\WINDOWS\RTHDCPL.EXE [2009-11-18 18789408]
"SynTPEnh"=G:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-04-09 1512744]
"AvastUI.exe"=G:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-10 4085896]
"Adobe ARM"=G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"seznam-listicka-distribuce"=G:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=G:\WINDOWS\system32\NvCpl.dll [2013-10-29 15678752]
"nwiz"=G:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-23 2602784]
"GrooveMonitor"=G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SynAsusAcpi"=G:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-04-09 79144]
"MSConfig"=G:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=G:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
G:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
G:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\G:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^SuperHybridEngine.lnk]
G:\PROGRA~1\ASUS\EeePC\SUPERH~1\SUPERH~1.EXE [2009-04-30 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2
"Bonjour Service"=2
"TeamViewer9"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - G:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\TeamViewer\Version9\TeamViewer.exe"="G:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"G:\Program Files\Bonjour\mDNSResponder.exe"="G:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe"="G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"G:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="G:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Program Files\Google\Chrome\Application\chrome.exe"="G:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"G:\Program Files\Skype\Phone\Skype.exe"="G:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=G:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=G:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-11-12 16:45:48 ----D---- G:\Program Files\trend micro
2014-11-12 16:45:43 ----D---- G:\rsit
2014-11-12 15:51:07 ----A---- G:\WINDOWS\system32\drivers\Dot4Prt.sys
2014-11-12 15:28:13 ----A---- G:\WINDOWS\system32\drivers\Dot4.sys
2014-11-12 15:28:12 ----A---- G:\WINDOWS\system32\drivers\Dot4usb.sys
2014-11-12 15:28:11 ----D---- G:\WINDOWS\LastGood

======List of files/folders modified in the last 1 month======

2014-11-12 17:00:33 ----A---- G:\WINDOWS\win.ini
2014-11-12 17:00:33 ----A---- G:\WINDOWS\system.ini
2014-11-12 16:53:31 ----SHD---- G:\WINDOWS\Installer
2014-11-12 16:53:30 ----D---- G:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-11-12 16:49:46 ----D---- G:\Documents and Settings\Adéla\Data aplikací\Skype
2014-11-12 16:46:08 ----D---- G:\WINDOWS\Prefetch
2014-11-12 16:45:48 ----D---- G:\Program Files
2014-11-12 16:44:19 ----D---- G:\WINDOWS\Temp
2014-11-12 16:37:02 ----D---- G:\WINDOWS
2014-11-12 16:17:37 ----D---- G:\WINDOWS\system32\MRT
2014-11-12 16:13:14 ----A---- G:\WINDOWS\system32\MRT.exe
2014-11-12 15:51:13 ----RSHDC---- G:\WINDOWS\system32\dllcache
2014-11-12 15:51:08 ----D---- G:\WINDOWS\system32\drivers
2014-11-12 15:51:05 ----HD---- G:\WINDOWS\inf
2014-11-12 15:28:07 ----D---- G:\WINDOWS\system32\CatRoot2
2014-11-09 11:30:23 ----D---- G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz
2014-11-09 07:06:39 ----N---- G:\WINDOWS\SchedLgU.Txt
2014-11-07 09:14:24 ----D---- G:\WINDOWS\system32
2014-11-07 09:14:24 ----A---- G:\WINDOWS\system32\PerfStringBackup.INI
2014-10-18 11:46:13 ----SD---- G:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; G:\WINDOWS\system32\drivers\aswRvrt.sys [2014-09-10 49944]
R0 aswVmm;avast! VM Monitor; G:\WINDOWS\system32\drivers\aswVmm.sys [2014-09-10 192352]
R1 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr.sys [2014-09-10 55112]
R1 aswSnx;aswSnx; G:\WINDOWS\system32\drivers\aswSnx.sys [2014-09-10 779536]
R1 aswSP;aswSP; G:\WINDOWS\system32\drivers\aswSP.sys [2014-09-10 414520]
R1 aswTdi;aswTdi; G:\WINDOWS\system32\drivers\aswTdi.sys [2014-09-10 57800]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; G:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-03-02 243128]
R1 intelppm;Řadič procesoru Intel; G:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; G:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswHwid;avast! HardwareID; G:\WINDOWS\system32\drivers\aswHwid.sys [2014-09-10 24184]
R2 aswMonFlt;aswMonFlt; G:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-09-10 67824]
R3 AsusACPI;ASUS ACPI Driver; G:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 Dot4;Ovladač MS IEEE-1284.4; G:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; G:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; G:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; G:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-11-18 5956608]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; G:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 nv;nv; G:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-11-23 11015392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; G:\WINDOWS\system32\drivers\nvhda32.sys [2009-08-12 56992]
R3 nvsmu;nvsmu; G:\WINDOWS\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RTL8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; G:\WINDOWS\system32\DRIVERS\rtl8192se.sys [2009-09-23 561024]
R3 SynTP;Synaptics TouchPad Driver; G:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 usbsmi;USB2.0 UVC WebCam ; G:\WINDOWS\system32\DRIVERS\SMIksdrv.sys [2010-01-06 182144]
R3 Wdf01000;Kernel Mode Driver Frameworks service; G:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; G:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-06 1684736]
S3 CCDECODE;Dekodér Closed Caption; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Monfilt;Monfilt; G:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; G:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; G:\WINDOWS\System32\Drivers\usbaapl.sys [2013-03-18 45056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; G:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; G:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; G:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-10 50344]
R2 NVSvc;NVIDIA Driver Helper Service; G:\WINDOWS\system32\nvsvc32.exe [2013-10-29 156960]
R2 nvUpdatusService;NVIDIA Update Service Daemon; G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-23 1364256]
R4 Apple Mobile Device;Apple Mobile Device; G:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R4 Bonjour Service;Bonjour Service; G:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R4 TeamViewer9;TeamViewer 9; G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]
S2 gupdate;Služba Google Update (gupdate); G:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-02 116648]
S3 gupdatem;Služba Google Update (gupdatem); G:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-02 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; G:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; G:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; G:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; G:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

#2 Post by Márty84

Hello :)

- If you don't use it, uninstall Seznam Software.

- Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it. After a moment the result will be displayed.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

- Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

#3 Post by Písa

crystal disk

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2014/11/12 20:55:21

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- ST9160314AS
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) ST9160314AS : 160,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9160314AS
----------------------------------------------------------------------------
Model : ST9160314AS
Firmware : 0002SDM1
Serial Number : 6VC4EFYP
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 1252 hod.
Power On Count : 1485 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 116 _99 __6 00000657ADB6 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 0000000005D2 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _79 _60 _30 000005273BE2 Počet chybných hledání
09 _99 _97 __0 0000000004E4 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _38 _20 0000000005CD Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 00000000000F Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _65 _55 _45 000027130023 Teplota toku vzduchu
BF 100 100 __0 00000000002D Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000001F Počet vypnutí disku
C1 _50 _50 __0 000000018E1E Počet cyklů načítání/vymazání
C2 _35 _45 __0 000A00000023 Teplota
C3 _71 _64 __0 00000657ADB6 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu


adw:


# AdwCleaner v4.101 - Report created 12/11/2014 at 21:12:13
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Adéla - ADELA
# Running from : G:\Documents and Settings\Adéla\Plocha\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : G:\Program Files\maucampo

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\maucampo
Key Deleted : HKLM\SOFTWARE\maucampo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\maucampo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\maucampo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [1319 octets] - [12/11/2014 20:58:31]
AdwCleaner[S0].txt - [1256 octets] - [12/11/2014 21:12:13]

########## EOF - G:\AdwCleaner\AdwCleaner[S0].txt - [1316 octets] ##########

#4 Post by Márty84

The disk is reporting quite a lot of errors; that too may be the cause of the slowdown. We'll see after the cleanup.


- Do a !!!complete!!! scan with MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (you must download version 1.75, decline the upgrade and update only the virus database) and post the results here. Don't delete anything beforehand; it sometimes has false detections. Guide here: http://forum.viry.cz/viewtopic.php?f=29&t=115222
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Písa
Visitor
Posts: 53
Joined: 23 Dec 2008 21:02

Re: slow eee notebook

#5 Post by Písa »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.11.14.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Adéla :: ADELA [administrátor]

Ochrana: Povolena

14.11.2014 9:11:58
MBAM-log-2014-11-14 (10-25-04).txt

Typ: Kompletní kontrola (C:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 355051
Uplynulý čas: 1 hodin, 10 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 7
G:\AdwCleaner\Quarantine\G\Program Files\maucampo\maucampo.FirstRun.exe.vir (PUP.Optional.Sambreel.A) -> Nebyla provedena žádná instrukce.
G:\AdwCleaner\Quarantine\G\Program Files\maucampo\maucampoUninstall.exe.vir (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
G:\AdwCleaner\Quarantine\G\Program Files\maucampo\updatemaucampo.exe.vir (PUP.Optional.Maucampo.A) -> Nebyla provedena žádná instrukce.
G:\Documents and Settings\Adéla\Dokumenty\Downloads\FreeZipSetup-N61VDgUWd.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
G:\Documents and Settings\Adéla\Dokumenty\Downloads\FreeZipSetup-N6TGUCRY2.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\File System\001\t\00\00000000 (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\File System\001\t\00\00000001 (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: slow eee notebook

#6 Post by Márty84 »

:arrow: Have the findings removed, then uninstall MBAM.

:arrow: Post a new RSIT log.

Písa
Visitor
Posts: 53
Joined: 23 Dec 2008 21:02

Re: slow eee notebook

#7 Post by Písa »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Adéla at 2014-11-14 18:46:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive G: has 28 GB (51%) free of 55 GB
Total RAM: 895 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:46:30, on 14.11.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\AVAST Software\Avast\AvastSvc.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
G:\Program Files\EeePC\ACPI\AsEPCMon.exe
G:\WINDOWS\RTHDCPL.EXE
G:\Program Files\Synaptics\SynTP\SynTPEnh.exe
G:\Program Files\AVAST Software\Avast\AvastUI.exe
G:\WINDOWS\system32\RunDLL32.exe
G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
G:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\wuauclt.exe
G:\WINDOWS\System32\alg.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe
G:\WINDOWS\system32\wbem\unsecapp.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe
G:\Documents and Settings\Adéla\Dokumenty\Downloads\RSIT.exe
G:\Program Files\trend micro\Adéla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [AsusACPIServer] G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] G:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] G:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "G:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "G:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] G:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [GrooveMonitor] "G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SynAsusAcpi] G:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [StatusClient] G:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] G:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1343024091-1592454029-299502267-1004\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1343024091-1592454029-299502267-1004\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://G:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - G:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - G:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe

--
End of file - 7806 bytes

======Scheduled tasks folder======

G:\WINDOWS\tasks\AppleSoftwareUpdate.job - G:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
G:\WINDOWS\tasks\avast! Emergency Update.job - G:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - G:\Program Files\Google\Update\GoogleUpdate.exe /c
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - G:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
G:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - G:\WINDOWS\system32\xp_eos.exe
G:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - G:\WINDOWS\system32\xp_eos.exe -c
G:\WINDOWS\tasks\WGASetup.job - G:\WINDOWS\system32\KB905474\wgasetup.exe /autoauto

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsusACPIServer"=G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2010-04-30 1245608]
"AsusEPCMonitor"=G:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"RTHDCPL"=G:\WINDOWS\RTHDCPL.EXE [2009-11-18 18789408]
"SynTPEnh"=G:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-04-09 1512744]
"AvastUI.exe"=G:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-10 4085896]
"Adobe ARM"=G:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"seznam-listicka-distribuce"=G:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=G:\WINDOWS\system32\NvCpl.dll [2013-10-29 15678752]
"nwiz"=G:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-11-23 2602784]
"GrooveMonitor"=G:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SynAsusAcpi"=G:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-04-09 79144]
""= []
"StatusClient"=G:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=G:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=G:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
G:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
G:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\G:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^SuperHybridEngine.lnk]
G:\PROGRA~1\ASUS\EeePC\SUPERH~1\SUPERH~1.EXE [2009-04-30 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2
"Bonjour Service"=2
"TeamViewer9"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - G:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=G:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\TeamViewer\Version9\TeamViewer.exe"="G:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"G:\Program Files\Bonjour\mDNSResponder.exe"="G:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe"="G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"G:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="G:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Program Files\Google\Chrome\Application\chrome.exe"="G:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"G:\Program Files\Skype\Phone\Skype.exe"="G:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"G:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="G:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=G:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=G:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-11-14 08:39:47 ----D---- G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes
2014-11-14 08:38:50 ----D---- G:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-11-12 20:58:24 ----D---- G:\AdwCleaner
2014-11-12 17:10:51 ----D---- G:\Program Files\Hewlett-Packard
2014-11-12 17:09:44 ----A---- G:\WINDOWS\hplj1010.ini
2014-11-12 17:09:35 ----A---- G:\WINDOWS\hpbvspst.ini
2014-11-12 16:45:48 ----D---- G:\Program Files\trend micro
2014-11-12 16:45:43 ----D---- G:\rsit
2014-11-12 15:51:07 ----A---- G:\WINDOWS\system32\drivers\Dot4Prt.sys
2014-11-12 15:28:13 ----A---- G:\WINDOWS\system32\drivers\Dot4.sys
2014-11-12 15:28:12 ----A---- G:\WINDOWS\system32\drivers\Dot4usb.sys

======List of files/folders modified in the last 1 month======

2014-11-14 18:46:20 ----D---- G:\WINDOWS\Prefetch
2014-11-14 18:45:37 ----D---- G:\WINDOWS\system32\drivers
2014-11-14 18:45:37 ----D---- G:\Program Files
2014-11-14 18:40:14 ----A---- G:\WINDOWS\SchedLgU.Txt
2014-11-14 18:38:47 ----D---- G:\WINDOWS\Offline Web Pages
2014-11-14 10:29:36 ----D---- G:\WINDOWS\system32\CatRoot2
2014-11-14 08:35:59 ----RSHDC---- G:\WINDOWS\system32\dllcache
2014-11-14 08:35:47 ----D---- G:\WINDOWS\system32
2014-11-14 08:35:36 ----D---- G:\Program Files\Messenger
2014-11-14 08:27:47 ----D---- G:\WINDOWS\Temp
2014-11-12 21:14:48 ----D---- G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz
2014-11-12 21:14:47 ----D---- G:\WINDOWS
2014-11-12 21:14:12 ----HD---- G:\WINDOWS\inf
2014-11-12 21:02:56 ----D---- G:\Documents and Settings\Adéla\Data aplikací\Skype
2014-11-12 17:13:22 ----SHD---- G:\WINDOWS\Installer
2014-11-12 17:12:53 ----D---- G:\WINDOWS\system32\CatRoot
2014-11-12 17:10:53 ----RSD---- G:\WINDOWS\Fonts
2014-11-12 17:00:33 ----A---- G:\WINDOWS\win.ini
2014-11-12 17:00:33 ----A---- G:\WINDOWS\system.ini
2014-11-12 16:53:30 ----D---- G:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-11-12 16:44:19 ----D---- G:\WINDOWS\system32\MRT
2014-11-12 16:13:14 ----A---- G:\WINDOWS\system32\MRT.exe
2014-11-07 09:14:24 ----A---- G:\WINDOWS\system32\PerfStringBackup.INI
2014-10-18 11:46:13 ----SD---- G:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; G:\WINDOWS\system32\drivers\aswRvrt.sys [2014-09-10 49944]
R0 aswVmm;avast! VM Monitor; G:\WINDOWS\system32\drivers\aswVmm.sys [2014-09-10 192352]
R1 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr.sys [2014-09-10 55112]
R1 aswSnx;aswSnx; G:\WINDOWS\system32\drivers\aswSnx.sys [2014-09-10 779536]
R1 aswSP;aswSP; G:\WINDOWS\system32\drivers\aswSP.sys [2014-09-10 414520]
R1 aswTdi;aswTdi; G:\WINDOWS\system32\drivers\aswTdi.sys [2014-09-10 57800]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; G:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-03-02 243128]
R1 intelppm;Řadič procesoru Intel; G:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; G:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswHwid;avast! HardwareID; G:\WINDOWS\system32\drivers\aswHwid.sys [2014-09-10 24184]
R2 aswMonFlt;aswMonFlt; G:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-09-10 67824]
R3 AsusACPI;ASUS ACPI Driver; G:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; G:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-11-18 5956608]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; G:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 nv;nv; G:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-11-23 11015392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; G:\WINDOWS\system32\drivers\nvhda32.sys [2009-08-12 56992]
R3 nvsmu;nvsmu; G:\WINDOWS\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RTL8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; G:\WINDOWS\system32\DRIVERS\rtl8192se.sys [2009-09-23 561024]
R3 SynTP;Synaptics TouchPad Driver; G:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 usbsmi;USB2.0 UVC WebCam ; G:\WINDOWS\system32\DRIVERS\SMIksdrv.sys [2010-01-06 182144]
R3 Wdf01000;Kernel Mode Driver Frameworks service; G:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; G:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-06 1684736]
S3 CCDECODE;Dekodér Closed Caption; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; G:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; G:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; G:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 HidUsb;Ovladač třídy standardu HID; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Monfilt;Monfilt; G:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; G:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; G:\WINDOWS\System32\Drivers\usbaapl.sys [2013-03-18 45056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; G:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; G:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; G:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-10 50344]
R2 NVSvc;NVIDIA Driver Helper Service; G:\WINDOWS\system32\nvsvc32.exe [2013-10-29 156960]
R2 nvUpdatusService;NVIDIA Update Service Daemon; G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-23 1364256]
S2 gupdate;Služba Google Update (gupdate); G:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-02 116648]
S3 gupdatem;Služba Google Update (gupdatem); G:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-02 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; G:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; G:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; G:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; G:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; G:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; G:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Apple Mobile Device;Apple Mobile Device; G:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
S4 Bonjour Service;Bonjour Service; G:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 TeamViewer9;TeamViewer 9; G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: slow eee notebook

#8 Post by Márty84 »

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Otevřít normálně (Open normally).
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the checkboxes Pro všechny uživatele (All users), Kontrola na havěť "LOP" (LOP check) and Kontrola na havěť "Purity" (Purity check).
Paste the following text into the bottom window:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Prohledat (Run Scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).

Písa
Visitor
Posts: 53
Joined: 23 Dec 2008 21:02

Re: slow eee notebook

#9 Post by Písa »

extras:

OTL Extras logfile created on: 15.11.2014 9:29:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\Documents and Settings\Adéla\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

895,11 Mb Total Physical Memory | 198,63 Mb Available Physical Memory | 22,19% Memory free
2,12 Gb Paging File | 1,38 Gb Available in Paging File | 64,95% Paging File free
Paging file location(s): G:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive C: | 80,00 Gb Total Space | 78,89 Gb Free Space | 98,62% Space Free | Partition Type: NTFS
Drive G: | 54,03 Gb Total Space | 27,72 Gb Free Space | 51,30% Space Free | Partition Type: NTFS

Computer Name: ADELA | User Name: Adéla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- G:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1343024091-1592454029-299502267-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "G:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "G:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"G:\Program Files\TeamViewer\Version9\TeamViewer.exe" = G:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" = G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"G:\Program Files\Bonjour\mDNSResponder.exe" = G:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe" = G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = G:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"G:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = G:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = G:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"G:\Program Files\Google\Chrome\Application\chrome.exe" = G:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"G:\Program Files\Skype\Phone\Skype.exe" = G:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"G:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe" = G:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{292C47B2-8DB7-47BF-896C-C3C5EE8108C4}" = hp LaserJet 1010 Series
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 321.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 321.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 140.75
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = USB2.0 UVC WebCam
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 9" = TeamViewer 9
"VLC media player" = VLC media player 2.1.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WinRAR archiver" = WinRAR 5.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1343024091-1592454029-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.11.2014 9:18:15 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12.11.2014 9:18:15 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 58679015

Error - 12.11.2014 9:18:15 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 58679015

Error - 12.11.2014 9:18:17 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12.11.2014 9:18:17 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 58681265

Error - 12.11.2014 9:18:17 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 58681265

Error - 12.11.2014 9:18:19 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12.11.2014 9:18:19 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 58683250

Error - 12.11.2014 9:18:19 | Computer Name = ADELA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 58683250

Error - 14.11.2014 12:29:00 | Computer Name = ADELA | Source = Application Error | ID = 1000
Description = Chybující aplikace asacpisvr.exe, verze 6.1.1.40, chybující modul
nvapi.dll, verze 6.14.13.2101, adresa chyby 0x0000b3a2.

[ System Events ]
Error - 12.11.2014 16:12:13 | Computer Name = ADELA | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 12.11.2014 16:12:13 | Computer Name = ADELA | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Driver Helper Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 12.11.2014 16:12:13 | Computer Name = ADELA | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 14.11.2014 3:26:41 | Computer Name = ADELA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.6 pro síťovou kartu s adresou 1C4BD6ED9226
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 14.11.2014 12:26:01 | Computer Name = ADELA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.6 pro síťovou kartu s adresou 1C4BD6ED9226
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 14.11.2014 13:39:43 | Computer Name = ADELA | Source = DCOM | ID = 10010
Description = Server {5A5AA0AA-1DEB-4683-96B0-B43301E83971} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 14.11.2014 13:42:53 | Computer Name = ADELA | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby NVSvc.

Error - 14.11.2014 13:52:43 | Computer Name = ADELA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.2.7 pro síťovou kartu s adresou 1C4BD6ED9226
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 15.11.2014 4:16:04 | Computer Name = ADELA | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 1C4BD6ED9226. Došlo k následující chybě: %%121. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 15.11.2014 4:51:05 | Computer Name = ADELA | Source = Tcpip | ID = 4199
Description = Systém zjistil konflikt adresy IP 192.168.2.6 se systémem, jehož síťová
hardwarová adresa je 2C:D0:5A:34:13:CC. Síťové operace v systému mohou být přerušeny.


< End of report >

OTL:

OTL logfile created on: 15.11.2014 9:29:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\Documents and Settings\Adéla\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

895,11 Mb Total Physical Memory | 198,63 Mb Available Physical Memory | 22,19% Memory free
2,12 Gb Paging File | 1,38 Gb Available in Paging File | 64,95% Paging File free
Paging file location(s): G:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive C: | 80,00 Gb Total Space | 78,89 Gb Free Space | 98,62% Space Free | Partition Type: NTFS
Drive G: | 54,03 Gb Total Space | 27,72 Gb Free Space | 51,30% Space Free | Partition Type: NTFS

Computer Name: ADELA | User Name: Adéla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.11.15 09:26:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Adéla\Plocha\OTL.exe
PRC - [2014.10.22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- G:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.09.10 18:09:34 | 004,085,896 | ---- | M] (AVAST Software) -- G:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.09.10 18:08:41 | 000,050,344 | ---- | M] (AVAST Software) -- G:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.11.23 00:32:22 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2010.04.30 14:22:24 | 001,245,608 | ---- | M] (ASUSTeK Computer Inc.) -- G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2009.05.08 16:54:20 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- G:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- G:\WINDOWS\explorer.exe
PRC - [2002.12.16 16:51:24 | 000,036,864 | ---- | M] (Hewlett-Packard) -- G:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe


========== Modules (No Company Name) ==========

MOD - [2014.11.15 09:23:17 | 002,903,040 | ---- | M] () -- G:\Program Files\AVAST Software\Avast\defs\14111400\algo.dll
MOD - [2014.10.22 05:04:57 | 008,910,664 | ---- | M] () -- G:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014.10.22 05:04:48 | 001,681,224 | ---- | M] () -- G:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014.09.10 18:08:45 | 019,329,904 | ---- | M] () -- G:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.09.10 18:08:43 | 000,301,152 | ---- | M] () -- G:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.12.04 21:23:49 | 000,348,160 | ---- | M] () -- G:\Program Files\WinRAR\rarlng.dll
MOD - [2013.11.23 00:32:40 | 000,468,768 | ---- | M] () -- G:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2009.12.25 02:13:00 | 000,274,432 | ---- | M] () -- G:\WINDOWS\system32\370prop.ax
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- G:\WINDOWS\system32\msdmo.dll
MOD - [2001.07.31 11:17:12 | 000,094,274 | ---- | M] () -- G:\WINDOWS\system32\HPBHEALR.DLL


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014.09.10 18:08:41 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- G:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.01.29 09:23:27 | 004,915,040 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- G:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.11.23 00:32:22 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- G:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2002.08.01 10:22:40 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- G:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014.09.10 18:09:27 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- G:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.09.10 18:08:47 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- G:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.09.10 18:08:47 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- G:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.09.10 18:08:47 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- G:\WINDOWS\system32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014.09.10 18:08:47 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014.09.10 18:08:47 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014.09.10 18:08:47 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- G:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.09.10 18:08:47 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- G:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014.03.02 17:14:39 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.01.06 17:37:36 | 000,182,144 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009.11.18 03:51:38 | 005,956,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.09.23 10:08:48 | 000,561,024 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\rtl8192se.sys -- (RTL8192se)
DRV - [2009.08.12 14:19:20 | 000,056,992 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009.06.29 08:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.03.02 21:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2008.08.06 04:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.08 18:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2006.01.04 23:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1343024091-1592454029-299502267-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1343024091-1592454029-299502267-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1343024091-1592454029-299502267-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1343024091-1592454029-299502267-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>



========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: G:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: G:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: G:\Program Files\AVAST Software\Avast\WebRep\FF [2014.09.10 18:08:48 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.13.2_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.7.1_0\
CHR - Extension: No name found = G:\Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - G:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - G:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AsusACPIServer] G:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] G:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AvastUI.exe] G:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] G:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] G:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] G:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [StatusClient] G:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SynAsusAcpi] G:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-21-1343024091-1592454029-299502267-1004..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-1592454029-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-1592454029-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://G:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - G:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86A4421A-1B65-4997-8784-D3A4E8BFB243}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - G:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (G:\WINDOWS\system32\userinit.exe) - G:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: G:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: G:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.03.02 12:01:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - G:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - G:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - G:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - G:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - G:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - G:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - G:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - G:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - G:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - G:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to G:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.11.15 09:25:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- G:\Documents and Settings\Adéla\Plocha\OTL.exe
[2014.11.14 08:39:47 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes
[2014.11.14 08:38:50 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.11.12 20:58:24 | 000,000,000 | ---D | C] -- G:\AdwCleaner
[2014.11.12 17:11:54 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Nabídka Start\Programy\hp LaserJet 1010 series
[2014.11.12 17:10:51 | 000,000,000 | ---D | C] -- G:\Program Files\Hewlett-Packard
[2014.11.12 16:45:48 | 000,000,000 | ---D | C] -- G:\Program Files\trend micro
[2014.11.12 16:45:43 | 000,000,000 | ---D | C] -- G:\rsit
[2014.11.12 16:36:57 | 000,000,000 | RH-D | C] -- G:\Documents and Settings\Adéla\Recent
[2014.11.12 15:51:07 | 000,012,928 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\dllcache\dot4prt.sys
[2014.11.12 15:28:13 | 000,206,976 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\dllcache\dot4.sys
[2014.11.12 15:28:12 | 000,023,808 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\dllcache\dot4usb.sys
[2014.10.30 15:25:56 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Adéla\Plocha\Rehabilitacni lekarstvi
[2014.10.20 15:10:55 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Adéla\Plocha\Pár-vypracovaných-otázek-z-psychiatrie-(VG)
[1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.11.15 09:34:40 | 000,000,512 | ---- | M] () -- G:\PhysicalMBR.bin
[2014.11.15 09:26:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Adéla\Plocha\OTL.exe
[2014.11.15 09:21:01 | 000,000,364 | -H-- | M] () -- G:\WINDOWS\tasks\avast! Emergency Update.job
[2014.11.15 09:19:20 | 000,000,260 | ---- | M] () -- G:\WINDOWS\tasks\WGASetup.job
[2014.11.15 09:14:33 | 000,000,936 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.15 09:14:30 | 000,000,222 | ---- | M] () -- G:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.11.15 09:14:16 | 000,002,048 | --S- | M] () -- G:\WINDOWS\bootstat.dat
[2014.11.14 19:51:02 | 000,000,940 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.14 17:37:13 | 000,000,796 | ---- | M] () -- G:\WINDOWS\System32\nvAppTimestamps
[2014.11.14 08:26:36 | 000,002,206 | ---- | M] () -- G:\WINDOWS\System32\wpa.dbl
[2014.11.12 21:14:13 | 000,327,504 | ---- | M] () -- G:\WINDOWS\System32\FNTCACHE.DAT
[2014.11.12 20:56:59 | 002,140,160 | ---- | M] () -- G:\Documents and Settings\Adéla\Plocha\adwcleaner_4.101.exe
[2014.11.12 17:13:35 | 000,251,397 | ---- | M] () -- G:\WINDOWS\hplj1010.his
[2014.11.12 17:13:35 | 000,017,750 | ---- | M] () -- G:\WINDOWS\hplj1010.ini
[2014.11.12 17:09:35 | 000,000,157 | ---- | M] () -- G:\WINDOWS\hpbvspst.his
[2014.11.12 17:09:35 | 000,000,120 | ---- | M] () -- G:\WINDOWS\hpbvspst.ini
[2014.11.12 16:40:49 | 000,016,934 | ---- | M] () -- G:\Documents and Settings\Adéla\Dokumenty\cc_20141112_164025.reg
[2014.11.12 16:30:57 | 000,000,284 | ---- | M] () -- G:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.11.09 11:32:21 | 000,002,283 | ---- | M] () -- G:\Documents and Settings\All Users\Plocha\Skype.lnk
[2014.11.08 20:31:29 | 000,000,000 | ---- | M] () -- G:\Cookies
[2014.11.08 15:00:10 | 000,000,216 | ---- | M] () -- G:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.11.07 09:14:24 | 000,311,938 | ---- | M] () -- G:\WINDOWS\System32\perfh009.dat
[2014.11.07 09:14:24 | 000,310,228 | ---- | M] () -- G:\WINDOWS\System32\perfh005.dat
[2014.11.07 09:14:24 | 000,046,394 | ---- | M] () -- G:\WINDOWS\System32\perfc005.dat
[2014.11.07 09:14:24 | 000,040,326 | ---- | M] () -- G:\WINDOWS\System32\perfc009.dat
[2014.10.28 13:55:12 | 000,001,813 | ---- | M] () -- G:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.10.19 21:52:30 | 000,040,448 | ---- | M] () -- G:\Documents and Settings\Adéla\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.11.15 09:34:39 | 000,000,512 | ---- | C] () -- G:\PhysicalMBR.bin
[2014.11.12 20:56:53 | 002,140,160 | ---- | C] () -- G:\Documents and Settings\Adéla\Plocha\adwcleaner_4.101.exe
[2014.11.12 17:09:44 | 000,251,397 | ---- | C] () -- G:\WINDOWS\hplj1010.his
[2014.11.12 17:09:44 | 000,017,750 | ---- | C] () -- G:\WINDOWS\hplj1010.ini
[2014.11.12 17:09:35 | 000,000,157 | ---- | C] () -- G:\WINDOWS\hpbvspst.his
[2014.11.12 17:09:35 | 000,000,120 | ---- | C] () -- G:\WINDOWS\hpbvspst.ini
[2014.11.12 16:40:44 | 000,016,934 | ---- | C] () -- G:\Documents and Settings\Adéla\Dokumenty\cc_20141112_164025.reg
[2014.11.08 20:31:29 | 000,000,000 | ---- | C] () -- G:\Cookies
[2014.09.10 18:08:56 | 000,024,184 | ---- | C] () -- G:\WINDOWS\System32\drivers\aswHwid.sys
[2014.04.17 16:03:57 | 001,122,776 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb0.bin
[2014.04.17 16:03:56 | 001,122,776 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb1.bin
[2014.04.17 16:03:56 | 000,000,001 | ---- | C] () -- G:\WINDOWS\System32\nvdrssel.bin
[2014.04.10 19:02:56 | 000,000,754 | ---- | C] () -- G:\WINDOWS\WORDPAD.INI
[2014.03.31 20:17:54 | 000,000,664 | ---- | C] () -- G:\WINDOWS\System32\d3d9caps.dat
[2014.03.17 17:33:03 | 000,040,448 | ---- | C] () -- G:\Documents and Settings\Adéla\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.03.02 16:30:31 | 000,003,072 | ---- | C] () -- G:\WINDOWS\System32\iacenc.dll
[2014.03.02 16:26:06 | 000,001,769 | ---- | C] () -- G:\WINDOWS\Language_trs.ini
[2014.03.02 16:16:19 | 000,192,352 | ---- | C] () -- G:\WINDOWS\System32\drivers\aswVmm.sys
[2014.03.02 16:16:18 | 000,049,944 | ---- | C] () -- G:\WINDOWS\System32\drivers\aswRvrt.sys
[2014.03.02 14:00:18 | 000,013,650 | ---- | C] () -- G:\WINDOWS\System32\RaCoInst.dat
[2014.03.02 13:59:42 | 000,451,072 | ---- | C] () -- G:\WINDOWS\System32\ISSRemoveSP.exe
[2014.03.02 13:56:34 | 000,163,840 | ---- | C] () -- G:\WINDOWS\System32\SM37XCoInst.dll
[2014.03.02 13:55:30 | 000,004,692 | ---- | C] () -- G:\WINDOWS\System32\drivers\SamSfPa.dat
[2014.03.02 13:54:53 | 000,025,616 | ---- | C] () -- G:\WINDOWS\AsAcpiSvrLang.ini
[2014.03.02 13:08:30 | 000,004,249 | ---- | C] () -- G:\WINDOWS\ODBCINST.INI
[2014.03.02 13:06:28 | 000,327,504 | ---- | C] () -- G:\WINDOWS\System32\FNTCACHE.DAT
[2014.03.02 12:22:01 | 000,002,048 | --S- | C] () -- G:\WINDOWS\bootstat.dat
[2014.03.02 12:14:36 | 000,021,812 | ---- | C] () -- G:\WINDOWS\System32\emptyregdb.dat
[2014.03.02 10:48:21 | 000,032,072 | ---- | C] () -- G:\WINDOWS\System32\perfd005.dat
[2014.03.02 10:48:21 | 000,028,626 | ---- | C] () -- G:\WINDOWS\System32\perfd009.dat
[2014.03.02 10:48:20 | 000,311,938 | ---- | C] () -- G:\WINDOWS\System32\perfh009.dat
[2014.03.02 10:48:20 | 000,310,228 | ---- | C] () -- G:\WINDOWS\System32\perfh005.dat
[2014.03.02 10:48:20 | 000,272,128 | ---- | C] () -- G:\WINDOWS\System32\perfi009.dat
[2014.03.02 10:48:20 | 000,269,162 | ---- | C] () -- G:\WINDOWS\System32\perfi005.dat
[2014.03.02 10:48:20 | 000,046,394 | ---- | C] () -- G:\WINDOWS\System32\perfc005.dat
[2014.03.02 10:48:20 | 000,040,326 | ---- | C] () -- G:\WINDOWS\System32\perfc009.dat
[2014.03.02 10:45:03 | 000,004,463 | ---- | C] () -- G:\WINDOWS\System32\oembios.dat
[2014.03.02 10:44:56 | 013,107,200 | ---- | C] () -- G:\WINDOWS\System32\oembios.bin
[2014.03.02 10:43:41 | 000,004,569 | ---- | C] () -- G:\WINDOWS\System32\secupd.dat
[2014.03.02 10:43:13 | 000,001,804 | ---- | C] () -- G:\WINDOWS\System32\Dcache.bin
[2014.03.02 10:41:46 | 000,673,088 | ---- | C] () -- G:\WINDOWS\System32\mlang.dat
[2014.03.02 10:41:23 | 000,000,741 | ---- | C] () -- G:\WINDOWS\System32\noise.dat
[2014.03.02 10:41:18 | 000,218,003 | ---- | C] () -- G:\WINDOWS\System32\dssec.dat
[2014.03.02 10:40:30 | 000,046,258 | ---- | C] () -- G:\WINDOWS\System32\mib.bin
[2013.11.23 00:32:36 | 002,294,284 | ---- | C] () -- G:\WINDOWS\System32\nvdata.data

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = G:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = G:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.03.02 16:22:15 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\AVAST Software
[2014.04.17 16:55:31 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\DAEMON Tools Lite
[2014.04.15 18:15:57 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Dropbox
[2014.04.15 18:15:55 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\DropboxMaster
[2014.04.01 21:25:04 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\OpenOffice
[2014.11.12 21:14:48 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz
[2014.03.10 19:43:06 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\TeamViewer
[2014.09.22 18:22:00 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014.03.02 14:03:29 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.04.06 21:08:47 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2014.03.02 14:00:18 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Data aplikací\Ralink Driver

========== Purity Check ==========



========== Custom Scans ==========

< >
[2014.03.02 12:15:39 | 000,000,065 | RH-- | C] () -- G:\WINDOWS\Tasks\desktop.ini
[2014.03.02 12:23:34 | 000,000,006 | -H-- | C] () -- G:\WINDOWS\Tasks\SA.DAT
[2014.03.02 16:16:40 | 000,000,936 | ---- | C] () -- G:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.02 16:16:41 | 000,000,940 | ---- | C] () -- G:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.02 16:18:52 | 000,000,364 | -H-- | C] () -- G:\WINDOWS\Tasks\avast! Emergency Update.job
[2014.03.04 16:13:07 | 000,000,260 | ---- | C] () -- G:\WINDOWS\Tasks\WGASetup.job
[2014.03.10 20:12:55 | 000,000,284 | ---- | C] () -- G:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2014.03.30 21:05:29 | 000,000,216 | ---- | C] () -- G:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.30 21:05:30 | 000,000,222 | ---- | C] () -- G:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- G:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- G:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- G:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- G:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- G:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- G:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- G:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- G:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- G:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- G:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- G:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- G:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- G:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- G:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- G:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- G:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- G:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- G:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- G:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2009.07.01 01:31:18 | 000,164,896 | ---- | M] (NVIDIA Corporation) MD5=17F915C35450783A446E70693AFA749B -- G:\Documents and Settings\Adéla\Dokumenty\Downloads\Chipset-NMCP79-V15_46XP\XP\IDE\WinXP\sataraid\nvgts.sys
[2009.07.01 01:31:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) MD5=619D8943725402D1179941FD58574CC8 -- G:\Documents and Settings\Adéla\Dokumenty\Downloads\Chipset-NMCP79-V15_46XP\XP\IDE\WinXP\sata_ide\nvgts.sys

< MD5 for: NVRD32.SYS >
[2009.07.01 01:31:18 | 000,139,296 | ---- | M] (NVIDIA Corporation) MD5=C0B63B73BC79C48EAF53900E494F6DE9 -- G:\Documents and Settings\Adéla\Dokumenty\Downloads\Chipset-NMCP79-V15_46XP\XP\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- G:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- G:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- G:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- G:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- G:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- G:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- G:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- G:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- G:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- G:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- G:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- G:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- G:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- G:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- G:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- G:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 G:\WINDOWS\system32\*.tmp files -> G:\WINDOWS\system32\*.tmp -> ]
[1 G:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> G:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.03.18 15:27:05 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Adobe
[2014.03.10 20:22:10 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Apple Computer
[2014.03.02 16:22:15 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\AVAST Software
[2014.04.17 16:55:31 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\DAEMON Tools Lite
[2014.04.15 18:15:57 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Dropbox
[2014.04.15 18:15:55 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\DropboxMaster
[2014.03.02 12:27:51 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Identities
[2014.03.02 14:00:13 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\InstallShield
[2014.11.14 08:39:47 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes
[2014.09.22 20:46:38 | 000,000,000 | --SD | M] -- G:\Documents and Settings\Adéla\Data aplikací\Microsoft
[2014.04.01 21:25:04 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\OpenOffice
[2014.11.12 21:14:48 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Seznam.cz
[2014.11.12 21:02:56 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\Skype
[2014.03.10 19:43:06 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\TeamViewer
[2014.10.05 14:51:01 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\vlc
[2014.03.02 13:48:18 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Adéla\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2014.03.19 13:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\Dropbox.exe
[2014.03.19 13:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 13:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- G:\Documents and Settings\Adéla\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 G:\WINDOWS\system32\*.tmp files -> G:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2014.03.02 12:39:38 | 000,094,208 | ---- | M] () -- G:\WINDOWS\System32\config\default.sav
[2014.03.02 12:39:38 | 001,093,632 | ---- | M] () -- G:\WINDOWS\System32\config\software.sav
[2014.03.02 12:39:38 | 000,487,424 | ---- | M] () -- G:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 G:\WINDOWS\system32\*.tmp files -> G:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.11.12 21:14:13 | 000,327,504 | ---- | M] () -- G:\WINDOWS\system32\FNTCACHE.DAT
[2014.11.12 16:13:14 | 100,445,232 | ---- | M] (Microsoft Corporation) -- G:\WINDOWS\system32\MRT.exe
[2014.11.14 17:37:13 | 000,000,796 | ---- | M] () -- G:\WINDOWS\system32\nvAppTimestamps
[2014.11.14 08:26:36 | 000,002,206 | ---- | M] () -- G:\WINDOWS\system32\wpa.dbl
[1 G:\WINDOWS\system32\*.tmp files -> G:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = G:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.11.15 09:34:40 | 000,000,512 | ---- | M] () MD5=EC48DB5DC2BB381EE1F194E95A332098 -- G:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.08.13 13:14:30 | 000,009,418 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.13.2_0\img\gifloader.gif
[2014.07.24 14:53:16 | 000,072,638 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Data aplikací\Skype\Apps\login\images\loader.gif
[2014.07.24 14:53:16 | 000,003,032 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Data aplikací\Skype\Apps\login\images\loader.png
[2014.07.24 14:53:16 | 000,006,012 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.24 14:53:16 | 000,021,956 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.24 14:53:16 | 000,009,772 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2014.11.12 17:41:28 | 000,001,980 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Temporary Internet Files\Content.IE5\2GYPRG18\AdLoader[1].htm
[2014.11.12 17:41:30 | 000,019,075 | ---- | M] () -- \Documents and Settings\Adéla\Local Settings\Temporary Internet Files\Content.IE5\OWP5KS9X\AdLoader-1e2a66f59d6cdbb4b88978ac4dfd3746.min[1].js
[2014.09.10 18:08:40 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.02.12 20:58:20 | 000,007,281 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2001.10.25 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: slow eee notebook

#10 Post by Márty84 »

:arrow: Tell me the size of the desktop folder (G:\Documents and Settings\Adéla\Plocha)

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the "Open normally" option.
:arrow: Run OTL again
Paste the following text into the bottom window (including the colon before the word commands)

Code: Select all

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
G:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
G:\WINDOWS\tasks\WGASetup.job
G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes
G:\Documents and Settings\All Users\Data aplikací\Malwarebytes

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1343024091-1592454029-299502267-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
O4 - HKLM..\Run: [] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-21-1343024091-1592454029-299502267-1004..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://G:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe File not found
[1 G:\WINDOWS\System32\*.tmp files -> G:\WINDOWS\System32\*.tmp -> ]
[1 G:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> G:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"seznam-listicka-distribuce"=-
"NvMediaCenter"=-
"GrooveMonitor"=-
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Písa
Visitor
Posts: 53
Registered: 23 Dec 2008 21:02

Re: slow eee notebook

#11 Post by Písa »

G:\Documents and Settings\Adéla
size: 184 MB (193 159 050 bytes)
size on disk: 171 MB (180 257 139 bytes)

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Adéla
->Temp folder emptied: 4123017 bytes
->Temporary Internet Files folder emptied: 1388999 bytes
->Google Chrome cache emptied: 278573255 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1120543 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 20541 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 272,00 mb


[EMPTYFLASH]

User: Adéla

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder G:\WINDOWS\system32\*.tmp.dll not found.
File/Folder G:\WINDOWS\system32\SET*.tmp not found.
File/Folder G:\WINDOWS\*.tmp not found.
G:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
G:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
G:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
G:\WINDOWS\tasks\WGASetup.job moved successfully.
G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
G:\Documents and Settings\Adéla\Data aplikací\Malwarebytes folder moved successfully.
G:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
G:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
G:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
G:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
G:\Documents and Settings\All Users\Data aplikací\Malwarebytes folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1343024091-1592454029-299502267-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1343024091-1592454029-299502267-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NvMediaCenter deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 11152014_103538

Files\Folders moved on Reboot...
File move failed. G:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder G:\WINDOWS\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: slowed-down Eee notebook

#12 Post by Márty84 »

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - after the cleanup the PC will restart.

:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin; if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have set the computer to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If there are several user accounts on the PC, use the program in each of them too)

:arrow: Defragment the disk(s) (not SSD disks!)
Download Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for the toolbar.
After installation, run the program and click Analyze; after the analysis click Defrag and the program will do its work.

:arrow: Then write how the PC is doing.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Písa
Visitor
Posts: 53
Joined: 23 Dec 2008 21:02

Re: slowed-down Eee notebook

#13 Post by Písa »

it seems to have improved a bit, it probably won't get any better :( , but what more can you ask of this old-timer :D

unchained
Model visitor
Posts: 70
Joined: 09 Apr 2011 16:43

Re: slowed-down Eee notebook

#14 Post by unchained »

Sorry for butting in, but from my own experience - as the owner of two still-working Eee PCs (6 and 5 years old) and two ASUS ROG notebooks - I would like to offer some advice on what to do with the old fellow...
If you have a friend who knows what they are doing, or if you dare to do it yourself, I recommend taking the little notebook apart, cleaning the fans and the heatsink, and re-pasting the chips. It will instantly be two years younger. ;)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: slowed-down Eee notebook

#15 Post by Márty84 »

unchained wrote: Sorry for butting in, but from my own experience - as the owner of two still-working Eee PCs (6 and 5 years old) and two ASUS ROG notebooks - I would like to offer some advice on what to do with the old fellow...
If you have a friend who knows what they are doing, or if you dare to do it yourself, I recommend taking the little notebook apart, cleaning the fans and the heatsink, and re-pasting the chips. It will instantly be two years younger. ;)
That would of course do the computer good too :)


Let's try one more thing...

:!: If you have not done so already, it is better to back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Run ComboFix.
Accept the licence terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Locked