kontrola LOGu

Pepas87 · Příspěvekod **Pepas87** » 04 pro 2009 17:46

tak na ten T cleaner me avast hlasi trojana..

Reklama

Damned · Příspěvekod **Damned** » 04 pro 2009 18:19

Četl jsi pořádně co jsem psal?

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)

Klikni pravým na ikonu avastu a zvol "Zastavit rezidentní ochrany..." pak zase "Spustit....."

Pepas87 · Příspěvekod **Pepas87** » 05 pro 2009 00:27

zdravim..

sorry, delam spousta veci naraz a nejak jsem to prahlidl..
tady je novy combofix..

ComboFix 09-12-03.06 - pepas 05.12.2009 0:19.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1571 [GMT 1:00]
Spuštěný z: c:\documents and settings\pepas\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091204-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-11-04 do 2009-12-04 )))))))))))))))))))))))))))))))
.

2009-12-04 20:35 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-12-04 20:35 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-12-04 20:35 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-12-04 20:35 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-12-04 20:35 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-12-04 20:35 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-12-04 20:35 . 2009-12-04 20:35 -------- d-----w- c:\program files\Ahead
2009-12-04 18:30 . 2009-12-04 19:05 -------- d-----w- c:\program files\Share Rapid Uploader
2009-12-04 11:50 . 2009-12-04 11:50 -------- d-----w- c:\documents and settings\pepas\DoctorWeb
2009-12-04 11:30 . 2009-12-04 11:30 0 ----a-w- c:\windows\ativpsrm.bin
2009-11-30 19:47 . 2009-11-30 19:47 -------- d-----w- C:\ATI
2009-11-17 11:41 . 2009-11-17 11:41 -------- d-----w- c:\program files\MSECache
2009-11-12 16:12 . 2009-11-12 16:12 -------- d-----w- c:\program files\SystemRequirementsLab
2009-11-12 16:12 . 2009-11-12 16:12 -------- d-----w- c:\documents and settings\pepas\SystemRequirementsLab
2009-11-12 15:42 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-12 15:42 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-12 15:42 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-04 23:11 . 2009-08-19 19:45 -------- d-----w- c:\program files\SpeedFan
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\BRS
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-04 21:32 . 2009-12-04 21:32 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-04 21:32 . 2009-12-04 21:32 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\OpenAL
2009-12-04 21:19 . 2009-08-19 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 20:35 . 2009-09-26 13:18 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-04 19:40 . 2009-08-28 20:19 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-11-30 19:53 . 2009-08-19 18:05 -------- d-----w- c:\program files\ATI Technologies
2009-11-24 23:54 . 2009-08-19 18:53 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-08-19 18:53 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-08-19 18:53 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-08-19 18:53 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-08-19 18:53 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-08-19 18:53 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-08-19 18:53 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-08-19 18:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-08-19 18:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 07:35 . 2009-11-02 16:47 -------- d-----w- c:\program files\Java
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-01 11:56 . 2009-10-07 20:37 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-01 11:56 . 2009-10-07 20:37 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-28 17:07 . 2009-08-28 19:57 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-25 20:32 . 2001-10-25 14:00 95694 ----a-w- c:\windows\system32\perfc005.dat
2009-10-25 20:32 . 2001-10-25 14:00 475458 ----a-w- c:\windows\system32\perfh005.dat
2009-10-17 12:31 . 2009-10-17 12:31 -------- d-----w- c:\program files\PDFCreator
2009-10-17 09:02 . 2009-10-17 09:02 -------- d-----w- c:\program files\MSXML 4.0
2009-10-16 15:12 . 2009-10-16 14:55 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-16 15:11 . 2009-09-25 14:46 -------- d-----w- c:\program files\Microsoft.NET
2009-10-16 15:07 . 2009-10-16 14:59 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-10-16 15:01 . 2009-10-16 15:00 -------- d-----w- c:\program files\AOEMView 2009
2009-10-16 15:00 . 2009-10-16 15:00 -------- d-----w- c:\program files\Microsoft WSE
2009-10-16 15:00 . 2009-10-16 14:59 -------- d-----w- c:\program files\DWG TrueView 2009
2009-10-16 10:19 . 2009-12-04 21:32 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-10-15 16:22 . 2009-10-15 16:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-15 11:44 . 2009-12-04 21:32 809560 ----a-r- c:\windows\system32\tmp16A.tmp
2009-10-15 11:44 . 2009-12-04 21:32 809560 ----a-r- c:\windows\system32\tmp169.tmp
2009-10-15 10:03 . 2009-10-15 10:03 -------- d-----w- c:\program files\Trend Micro
2009-10-12 22:36 . 2009-10-12 22:36 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-11 03:17 . 2009-11-02 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-07 20:37 . 2009-10-07 20:37 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 04:18 . 2007-03-15 01:57 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-30 02:20 . 2009-08-19 18:05 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:19 . 2007-03-15 01:57 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-30 02:10 . 2007-03-15 01:50 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2007-03-15 01:50 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2007-03-15 01:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2007-03-15 01:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2007-03-15 01:49 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2007-03-15 01:48 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-08-19 18:05 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2007-03-15 01:47 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2007-03-15 01:19 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:00 . 2007-03-15 01:40 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-30 01:47 . 2007-03-15 01:29 2670592 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-30 01:46 . 2009-09-30 01:46 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:46 . 2009-09-30 01:46 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-30 01:34 . 2009-09-30 01:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30 . 2007-03-15 01:16 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28 . 2009-09-30 01:28 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28 . 2007-03-15 01:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27 . 2007-03-15 01:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26 . 2009-09-30 01:26 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26 . 2009-09-30 01:26 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-30 01:22 . 2007-03-15 01:10 626688 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-29 20:15 . 2009-08-19 18:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-09-26 20:16 . 2009-09-26 20:16 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-09-26 20:16 . 2009-09-26 20:16 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-09-25 05:58 . 2004-08-17 13:49 663040 ------w- c:\windows\system32\wininet.dll
2009-09-25 05:58 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:35 . 2004-08-17 13:49 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-10-15 16:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-10-15 16:22 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\HRY\\anno 1701\\Anno1701.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\HRY\\CS source\\Counter-Strike Source\\hl2.exe"=
"d:\\HRY\\men of war\\Men of War\\mow.exe"=
"d:\\HRY\\DIRT 2\\dirt2_game.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19.8.2009 19:53 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.8.2009 19:53 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.8.2009 0:10 721904]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - d:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\pepas\Data aplikací\Mozilla\Firefox\Profiles\jfb8xjiq.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Ahead\nero\uninstall\UNNERO.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-05 00:22
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-05 00:23
ComboFix-quarantined-files.txt 2009-12-04 23:23

Před spuštěním: 2 619 756 544
Po spuštění: 2 988 040 192

- - End Of File - - 9D81E1BC02A4C99FFE0364836D017A8F

Damned · Příspěvekod **Damned** » 05 pro 2009 00:42

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\system32\*.tmp
c:\windows\ativpsrm.bin
c:\windows\system32\tmp16A.tmp
c:\windows\system32\tmp169.tmp

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

Pepas87 · Příspěvekod **Pepas87** » 05 pro 2009 02:02

tak snad se to vymazalo, hlasilo to nejakou aktualizaci..

ComboFix 09-12-04.02 - pepas 05.12.2009 1:46.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1525 [GMT 1:00]
Spuštěný z: c:\documents and settings\pepas\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pepas\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 091204-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\windows\ativpsrm.bin"
"c:\windows\system32\tmp169.tmp"
"c:\windows\system32\tmp16A.tmp"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ativpsrm.bin
c:\windows\system32\tmp169.tmp
c:\windows\system32\tmp16A.tmp

ComboFix 09-12-04.02 - pepas 05.12.2009 1:46.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1525 [GMT 1:00]
Spuštěný z: c:\documents and settings\pepas\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pepas\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 091204-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\windows\ativpsrm.bin"
"c:\windows\system32\tmp169.tmp"
"c:\windows\system32\tmp16A.tmp"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ativpsrm.bin
c:\windows\system32\tmp169.tmp
c:\windows\system32\tmp16A.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-05 do 2009-12-05 )))))))))))))))))))))))))))))))
.

2009-12-04 20:35 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-12-04 20:35 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-12-04 20:35 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-12-04 20:35 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-12-04 20:35 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-12-04 20:35 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-12-04 20:35 . 2009-12-04 20:35 -------- d-----w- c:\program files\Ahead
2009-12-04 18:30 . 2009-12-04 19:05 -------- d-----w- c:\program files\Share Rapid Uploader
2009-12-04 11:50 . 2009-12-04 11:50 -------- d-----w- c:\documents and settings\pepas\DoctorWeb
2009-11-30 19:47 . 2009-11-30 19:47 -------- d-----w- C:\ATI
2009-11-17 11:41 . 2009-11-17 11:41 -------- d-----w- c:\program files\MSECache
2009-11-12 16:12 . 2009-11-12 16:12 -------- d-----w- c:\program files\SystemRequirementsLab
2009-11-12 16:12 . 2009-11-12 16:12 -------- d-----w- c:\documents and settings\pepas\SystemRequirementsLab
2009-11-12 15:42 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-12 15:42 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-12 15:42 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-04 23:11 . 2009-08-19 19:45 -------- d-----w- c:\program files\SpeedFan
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\BRS
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-04 21:32 . 2009-12-04 21:32 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-04 21:32 . 2009-12-04 21:32 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\OpenAL
2009-12-04 21:19 . 2009-08-19 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 20:35 . 2009-09-26 13:18 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-04 19:40 . 2009-08-28 20:19 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-11-30 19:53 . 2009-08-19 18:05 -------- d-----w- c:\program files\ATI Technologies
2009-11-24 23:54 . 2009-08-19 18:53 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-08-19 18:53 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-08-19 18:53 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-08-19 18:53 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-08-19 18:53 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-08-19 18:53 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-08-19 18:53 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-08-19 18:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-08-19 18:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 07:35 . 2009-11-02 16:47 -------- d-----w- c:\program files\Java
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-01 11:56 . 2009-10-07 20:37 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-01 11:56 . 2009-10-07 20:37 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-28 17:07 . 2009-08-28 19:57 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-25 20:32 . 2001-10-25 14:00 95694 ----a-w- c:\windows\system32\perfc005.dat
2009-10-25 20:32 . 2001-10-25 14:00 475458 ----a-w- c:\windows\system32\perfh005.dat
2009-10-17 12:31 . 2009-10-17 12:31 -------- d-----w- c:\program files\PDFCreator
2009-10-17 09:02 . 2009-10-17 09:02 -------- d-----w- c:\program files\MSXML 4.0
2009-10-16 15:12 . 2009-10-16 14:55 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-16 15:11 . 2009-09-25 14:46 -------- d-----w- c:\program files\Microsoft.NET
2009-10-16 15:07 . 2009-10-16 14:59 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-10-16 15:01 . 2009-10-16 15:00 -------- d-----w- c:\program files\AOEMView 2009
2009-10-16 15:00 . 2009-10-16 15:00 -------- d-----w- c:\program files\Microsoft WSE
2009-10-16 15:00 . 2009-10-16 14:59 -------- d-----w- c:\program files\DWG TrueView 2009
2009-10-16 10:19 . 2009-12-04 21:32 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-10-15 16:22 . 2009-10-15 16:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-15 10:03 . 2009-10-15 10:03 -------- d-----w- c:\program files\Trend Micro
2009-10-12 22:36 . 2009-10-12 22:36 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-11 03:17 . 2009-11-02 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-07 20:37 . 2009-10-07 20:37 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 04:18 . 2007-03-15 01:57 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-30 02:20 . 2009-08-19 18:05 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:19 . 2007-03-15 01:57 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-30 02:10 . 2007-03-15 01:50 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2007-03-15 01:50 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2007-03-15 01:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2007-03-15 01:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2007-03-15 01:49 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2007-03-15 01:48 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-08-19 18:05 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2007-03-15 01:47 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2007-03-15 01:19 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:00 . 2007-03-15 01:40 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-30 01:47 . 2007-03-15 01:29 2670592 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-30 01:46 . 2009-09-30 01:46 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:46 . 2009-09-30 01:46 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-30 01:34 . 2009-09-30 01:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30 . 2007-03-15 01:16 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28 . 2009-09-30 01:28 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28 . 2007-03-15 01:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27 . 2007-03-15 01:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26 . 2009-09-30 01:26 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26 . 2009-09-30 01:26 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-30 01:22 . 2007-03-15 01:10 626688 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-29 20:15 . 2009-08-19 18:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-09-26 20:16 . 2009-09-26 20:16 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-09-26 20:16 . 2009-09-26 20:16 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-09-25 05:58 . 2004-08-17 13:49 663040 ------w- c:\windows\system32\wininet.dll
2009-09-25 05:58 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:35 . 2004-08-17 13:49 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-10-15 16:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-10-15 16:22 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\HRY\\anno 1701\\Anno1701.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\HRY\\CS source\\Counter-Strike Source\\hl2.exe"=
"d:\\HRY\\men of war\\Men of War\\mow.exe"=
"d:\\HRY\\DIRT 2\\dirt2_game.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19.8.2009 19:53 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.8.2009 19:53 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.8.2009 0:10 721904]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - d:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\pepas\Data aplikací\Mozilla\Firefox\Profiles\jfb8xjiq.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-05 01:51
ComboFix-quarantined-files.txt 2009-12-05 00:50
ComboFix2.txt 2009-12-04 23:23

Před spuštěním: 2 956 038 144
Po spuštění: 2 946 826 240

- - End Of File - - D727FA53125338A5A0CFE2A2CD1B0BF2

jinak nektere programy stale padaji (nero, windows movie maker)...
u nera nepomohl ani reinstal..

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-05 do 2009-12-05 )))))))))))))))))))))))))))))))
.

2009-12-04 20:35 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2009-12-04 20:35 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-12-04 20:35 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-12-04 20:35 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-12-04 20:35 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-12-04 20:35 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-12-04 20:35 . 2009-12-04 20:35 -------- d-----w- c:\program files\Ahead
2009-12-04 18:30 . 2009-12-04 19:05 -------- d-----w- c:\program files\Share Rapid Uploader
2009-12-04 11:50 . 2009-12-04 11:50 -------- d-----w- c:\documents and settings\pepas\DoctorWeb
2009-11-30 19:47 . 2009-11-30 19:47 -------- d-----w- C:\ATI
2009-11-17 11:41 . 2009-11-17 11:41 -------- d-----w- c:\program files\MSECache
2009-11-12 16:12 . 2009-11-12 16:12 -------- d-----w- c:\program files\SystemRequirementsLab
2009-11-12 16:12 . 2009-11-12 16:12 -------- d-----w- c:\documents and settings\pepas\SystemRequirementsLab
2009-11-12 15:42 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-12 15:42 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-11-12 15:42 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-11-12 15:42 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-04 23:11 . 2009-08-19 19:45 -------- d-----w- c:\program files\SpeedFan
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\BRS
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-04 21:32 . 2009-12-04 21:32 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-04 21:32 . 2009-12-04 21:32 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-04 21:32 . 2009-12-04 21:32 -------- d-----w- c:\program files\OpenAL
2009-12-04 21:19 . 2009-08-19 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 20:35 . 2009-09-26 13:18 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-04 19:40 . 2009-08-28 20:19 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-11-30 19:53 . 2009-08-19 18:05 -------- d-----w- c:\program files\ATI Technologies
2009-11-24 23:54 . 2009-08-19 18:53 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-08-19 18:53 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-08-19 18:53 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-08-19 18:53 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-08-19 18:53 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-08-19 18:53 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-08-19 18:53 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-08-19 18:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-08-19 18:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 07:35 . 2009-11-02 16:47 -------- d-----w- c:\program files\Java
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-01 11:56 . 2009-10-07 20:37 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-01 11:56 . 2009-10-07 20:37 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-28 17:07 . 2009-08-28 19:57 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-25 20:32 . 2001-10-25 14:00 95694 ----a-w- c:\windows\system32\perfc005.dat
2009-10-25 20:32 . 2001-10-25 14:00 475458 ----a-w- c:\windows\system32\perfh005.dat
2009-10-17 12:31 . 2009-10-17 12:31 -------- d-----w- c:\program files\PDFCreator
2009-10-17 09:02 . 2009-10-17 09:02 -------- d-----w- c:\program files\MSXML 4.0
2009-10-16 15:12 . 2009-10-16 14:55 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-16 15:11 . 2009-09-25 14:46 -------- d-----w- c:\program files\Microsoft.NET
2009-10-16 15:07 . 2009-10-16 14:59 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2009-10-16 15:01 . 2009-10-16 15:00 -------- d-----w- c:\program files\AOEMView 2009
2009-10-16 15:00 . 2009-10-16 15:00 -------- d-----w- c:\program files\Microsoft WSE
2009-10-16 15:00 . 2009-10-16 14:59 -------- d-----w- c:\program files\DWG TrueView 2009
2009-10-16 10:19 . 2009-12-04 21:32 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-10-15 16:22 . 2009-10-15 16:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-15 10:03 . 2009-10-15 10:03 -------- d-----w- c:\program files\Trend Micro
2009-10-12 22:36 . 2009-10-12 22:36 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-11 03:17 . 2009-11-02 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-07 20:37 . 2009-10-07 20:37 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-30 04:18 . 2007-03-15 01:57 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-30 02:20 . 2009-08-19 18:05 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:19 . 2007-03-15 01:57 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-30 02:10 . 2007-03-15 01:50 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2007-03-15 01:50 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2007-03-15 01:50 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2007-03-15 01:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2007-03-15 01:49 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2007-03-15 01:48 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-08-19 18:05 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2007-03-15 01:47 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2007-03-15 01:19 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:00 . 2007-03-15 01:40 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-30 01:47 . 2007-03-15 01:29 2670592 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-30 01:46 . 2009-09-30 01:46 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:46 . 2009-09-30 01:46 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-30 01:34 . 2009-09-30 01:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30 . 2007-03-15 01:16 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28 . 2009-09-30 01:28 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28 . 2007-03-15 01:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27 . 2007-03-15 01:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26 . 2009-09-30 01:26 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26 . 2009-09-30 01:26 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-30 01:22 . 2007-03-15 01:10 626688 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-29 20:15 . 2009-08-19 18:05 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-09-26 20:16 . 2009-09-26 20:16 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-09-26 20:16 . 2009-09-26 20:16 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-09-25 05:58 . 2004-08-17 13:49 663040 ------w- c:\windows\system32\wininet.dll
2009-09-25 05:58 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:35 . 2004-08-17 13:49 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-10-15 16:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-10-15 16:22 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" [X]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\HRY\\anno 1701\\Anno1701.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\HRY\\CS source\\Counter-Strike Source\\hl2.exe"=
"d:\\HRY\\men of war\\Men of War\\mow.exe"=
"d:\\HRY\\DIRT 2\\dirt2_game.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19.8.2009 19:53 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.8.2009 19:53 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.8.2009 0:10 721904]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - d:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\pepas\Data aplikací\Mozilla\Firefox\Profiles\jfb8xjiq.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-05 01:51
ComboFix-quarantined-files.txt 2009-12-05 00:50
ComboFix2.txt 2009-12-04 23:23

Před spuštěním: 2 956 038 144
Po spuštění: 2 946 826 240

- - End Of File - - D727FA53125338A5A0CFE2A2CD1B0BF2

Damned · Příspěvekod **Damned** » 05 pro 2009 11:31

Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. Klikni na Run Scan. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

Pepas87 · Příspěvekod **Pepas87** » 05 pro 2009 12:43

OTL logfile created on: 5.12.2009 12:34:55 - Run 1
OTL by OldTimer - Version 3.1.11.6 Folder = C:\Documents and Settings\pepas\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,52% Memory free
3,85 Gb Paging File | 3,12 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 12,00 Gb Total Space | 2,74 Gb Free Space | 22,81% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 17,00 Gb Free Space | 17,00% Space Free | Partition Type: NTFS
Drive E: | 120,87 Gb Total Space | 85,81 Gb Free Space | 71,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: X-8A8119338F804
Current User Name: pepas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\pepas\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - D:\PROGRAMY\inventor\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe (Autodesk)
PRC - D:\PROGRAMY\inventor\Server\Webserver\Connectivity.EDMWS.Server.exe (Autodesk)
PRC - D:\PROGRAMY\inventor\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\pepas\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Autodesk Data Management Job Dispatch) -- D:\PROGRAMY\inventor\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe (Autodesk)
SRV - (Autodesk EDM Server) -- D:\PROGRAMY\inventor\Server\Webserver\Connectivity.EDMWS.Server.exe (Autodesk)
SRV - (MSSQL$AUTODESKVAULT) SQL Server (AUTODESKVAULT) -- D:\PROGRAMY\inventor\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (AEAudio) -- C:\WINDOWS\system32\drivers\aeaudio.sys (Andrea Electronics Corporation)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: dwnlink@rapidzasms.cz:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.28 16:05:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.11.02 17:47:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.11.09 00:38:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.11.09 00:38:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009.08.28 21:19:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009.08.19 19:57:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Mozilla\Extensions
[2009.08.19 19:57:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.12.04 20:04:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Mozilla\Firefox\Profiles\jfb8xjiq.default\extensions
[2009.08.29 22:09:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Mozilla\Firefox\Profiles\jfb8xjiq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.09.15 15:17:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Mozilla\Firefox\Profiles\jfb8xjiq.default\extensions\dwnlink@rapidzasms.cz
[2009.12.04 20:04:05 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.11.09 00:38:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.11.02 17:47:41 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.11.24 08:35:40 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009.11.09 00:38:23 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009.11.09 00:38:23 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.10.11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.11.09 00:38:25 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003.07.15 05:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009.02.27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.07.31 00:38:59 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.07.30 23:15:16 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.07.30 23:15:16 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.07.30 23:15:16 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.07.30 23:15:16 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.07.30 23:15:16 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
[2009.10.17 13:31:29 | 00,000,808 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - D:\PROGRAMY\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRAMY\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.32.88.5 147.32.88.3 147.32.1.20
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - ( msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.16 15:20:48 | 00,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009.12.05 12:32:31 | 00,536,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\pepas\Plocha\OTL.exe
[2009.12.05 01:46:00 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009.12.05 00:17:18 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.12.05 00:17:18 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.12.05 00:17:18 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.12.05 00:17:18 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.12.05 00:17:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.12.05 00:14:52 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.12.04 22:35:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2009.12.04 22:35:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009.12.04 22:32:50 | 00,839,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_vml_p4.dll
[2009.12.04 22:32:50 | 00,532,480 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_vml_p3.dll
[2009.12.04 22:32:50 | 00,512,000 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_vml_def.dll
[2009.12.04 22:32:49 | 03,485,696 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_p4.dll
[2009.12.04 22:32:49 | 02,793,472 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_p3.dll
[2009.12.04 22:32:49 | 02,174,976 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_lapack32.dll
[2009.12.04 22:32:49 | 02,125,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_lapack64.dll
[2009.12.04 22:32:48 | 02,441,216 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\mkl_def.dll
[2009.12.04 22:32:48 | 00,872,448 | ---- | C] (Blue Ripple Sound Limited) -- C:\WINDOWS\System32\rapture3d_oal.dll
[2009.12.04 22:32:48 | 00,184,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\libguide40.dll
[2009.12.04 22:32:47 | 00,000,000 | ---D | C] -- C:\Program Files\BRS
[2009.12.04 22:32:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2009.12.04 22:32:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009.12.04 22:32:22 | 00,445,016 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009.12.04 22:32:22 | 00,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009.12.04 22:32:22 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2009.12.04 21:35:46 | 00,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2009.12.04 21:35:41 | 00,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2009.12.04 21:35:40 | 01,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2009.12.04 21:35:40 | 00,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2009.12.04 21:35:40 | 00,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2009.12.04 21:35:37 | 00,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2009.12.04 21:35:33 | 00,000,000 | ---D | C] -- C:\Program Files\Ahead
[2009.12.04 19:30:54 | 00,109,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009.12.04 19:30:54 | 00,000,000 | ---D | C] -- C:\Program Files\Share Rapid Uploader
[2009.12.04 12:50:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\DoctorWeb
[2009.12.04 00:49:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Plocha\data
[2009.12.03 19:55:49 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\pepas\Recent
[2009.12.03 19:10:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Local Settings\Data aplikací\WMTools Downloaded Files
[2009.12.03 19:09:54 | 00,000,000 | R--D | C] -- C:\Documents and Settings\pepas\Dokumenty\Filmy
[2009.11.30 21:53:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009.11.30 20:55:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2009.11.30 20:47:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009.11.30 20:47:15 | 00,000,000 | ---D | C] -- C:\ATI
[2009.11.21 20:47:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Dokumenty\NHL09
[2009.11.21 20:29:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Data aplikací\Leadertech
[2009.11.21 15:35:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Plocha\eoe referaty
[2009.11.20 01:52:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Plocha\Uspech
[2009.11.17 12:41:44 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009.11.17 12:19:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Plocha\tem
[2009.11.12 17:12:09 | 00,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2009.11.12 17:12:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\SystemRequirementsLab
[2009.11.12 16:42:38 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009.11.12 16:42:38 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009.11.12 16:42:38 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009.11.12 16:42:37 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009.11.12 16:42:37 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009.11.12 16:42:37 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009.11.12 16:42:36 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009.11.09 13:55:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\pepas\Plocha\UDP 2009 - Vol. 85
[2009.11.06 10:59:54 | 15,406,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xlive.dll
[2009.11.06 10:59:54 | 13,642,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xlivefnt.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009.12.05 12:32:32 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pepas\Plocha\OTL.exe
[2009.12.05 12:25:02 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.05 12:24:56 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.05 12:24:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2009.12.05 02:20:29 | 03,932,160 | -H-- | M] () -- C:\Documents and Settings\pepas\NTUSER.DAT
[2009.12.05 02:20:29 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\pepas\ntuser.ini
[2009.12.05 01:49:31 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.12.05 01:44:34 | 03,580,291 | R--- | M] () -- C:\Documents and Settings\pepas\Plocha\ComboFix.exe
[2009.12.04 22:34:27 | 00,001,861 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2009.12.04 22:32:55 | 00,000,543 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DiRT2.lnk
[2009.12.04 22:32:22 | 00,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009.12.04 22:32:22 | 00,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009.12.04 21:42:29 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.04 21:42:28 | 00,103,424 | ---- | M] () -- C:\Documents and Settings\pepas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.04 21:36:54 | 00,001,317 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart.lnk
[2009.12.04 21:36:34 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009.12.04 19:30:55 | 00,000,705 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Share Rapid Uploader.lnk
[2009.12.03 22:13:28 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009.12.03 19:27:34 | 04,812,104 | -H-- | M] () -- C:\Documents and Settings\pepas\Local Settings\Data aplikací\IconCache.db
[2009.12.03 11:00:49 | 00,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009.12.02 17:07:13 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.12.01 22:51:12 | 00,053,843 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\komplet2-1.pdf
[2009.12.01 19:15:28 | 00,113,664 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\zuzka laborka LL.doc
[2009.11.30 18:32:16 | 00,000,607 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty Modern Warfare 2 SP.lnk
[2009.11.30 18:32:16 | 00,000,607 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty Modern Warfare 2 MP.lnk
[2009.11.30 15:05:44 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\CCleaner.lnk
[2009.11.30 11:13:10 | 75,982,470 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\DeeJay ToLa Dence Parde 1-2004 NONSTOP MIX.mp3
[2009.11.25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009.11.25 00:51:09 | 00,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009.11.25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009.11.25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009.11.25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009.11.25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009.11.25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009.11.25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009.11.25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009.11.24 09:32:34 | 00,057,001 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\kompletni vykres.pdf
[2009.11.21 14:45:38 | 00,000,677 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\Zástupce - WINWORD.lnk
[2009.11.21 14:45:32 | 00,000,669 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\Zástupce - EXCEL.lnk
[2009.11.18 00:41:16 | 00,390,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.11.17 12:42:12 | 00,117,096 | ---- | M] () -- C:\Documents and Settings\pepas\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.11.14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.11.10 20:06:59 | 00,356,352 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\L4_Ztraty-v-potrubi2009.doc
[2009.11.10 20:01:00 | 00,047,616 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\vlakna-tabulky.doc
[2009.11.10 16:49:34 | 31,917,7039 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\ToLa & Leosz Live@vertigo.mp3
[2009.11.10 11:46:12 | 00,060,516 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\pepa ventil.pdf
[2009.11.09 18:29:00 | 00,063,329 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\kompletni.pdf
[2009.11.09 14:51:13 | 00,250,368 | ---- | M] () -- C:\Documents and Settings\pepas\Plocha\vážený průměr(2).xls
[2009.11.06 10:59:54 | 15,406,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xlive.dll
[2009.11.06 10:59:54 | 13,642,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xlivefnt.dll
[2009.11.06 10:58:04 | 00,178,975 | ---- | M] () -- C:\WINDOWS\System32\xlive.dll.cat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009.12.05 12:24:54 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.12.05 00:17:18 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.12.05 00:17:18 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.12.05 00:17:18 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.12.05 00:17:18 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.12.04 22:32:55 | 00,000,543 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DiRT2.lnk
[2009.12.04 21:36:54 | 00,001,317 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart.lnk
[2009.12.04 19:30:55 | 00,000,705 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Share Rapid Uploader.lnk
[2009.12.04 19:30:54 | 00,109,260 | ---- | C] () -- C:\WINDOWS\System32\MSWINSCN.OCX
[2009.12.04 18:27:42 | 03,580,291 | R--- | C] () -- C:\Documents and Settings\pepas\Plocha\ComboFix.exe
[2009.12.04 00:49:17 | 01,503,232 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\CZshare.exe
[2009.12.03 20:57:09 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009.12.01 22:51:11 | 00,053,843 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\komplet2-1.pdf
[2009.12.01 19:15:27 | 00,113,664 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\zuzka laborka LL.doc
[2009.12.01 14:19:51 | 00,084,183 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\2009-2010-zimni_semestr-platba_za_internet.pdf
[2009.11.30 18:32:16 | 00,000,607 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty Modern Warfare 2 SP.lnk
[2009.11.30 18:32:16 | 00,000,607 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty Modern Warfare 2 MP.lnk
[2009.11.30 11:12:52 | 75,982,470 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\DeeJay ToLa Dence Parde 1-2004 NONSTOP MIX.mp3
[2009.11.24 09:32:33 | 00,057,001 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\kompletni vykres.pdf
[2009.11.21 14:45:38 | 00,000,677 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\Zástupce - WINWORD.lnk
[2009.11.21 14:45:32 | 00,000,669 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\Zástupce - EXCEL.lnk
[2009.11.11 23:24:48 | 31,917,7039 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\ToLa & Leosz Live@vertigo.mp3
[2009.11.10 20:06:58 | 00,356,352 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\L4_Ztraty-v-potrubi2009.doc
[2009.11.10 20:00:59 | 00,047,616 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\vlakna-tabulky.doc
[2009.11.10 11:46:11 | 00,060,516 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\pepa ventil.pdf
[2009.11.09 18:26:59 | 00,063,329 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\kompletni.pdf
[2009.11.09 14:51:13 | 00,250,368 | ---- | C] () -- C:\Documents and Settings\pepas\Plocha\vážený průměr(2).xls
[2009.11.06 10:58:04 | 00,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.10.17 13:31:16 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.10.07 21:37:17 | 00,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.09.26 21:16:48 | 00,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.09.26 21:16:47 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.09.26 14:20:17 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.09.25 15:48:40 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.09.06 16:53:48 | 00,000,170 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.08.31 00:10:55 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.08.29 17:27:15 | 00,103,424 | ---- | C] () -- C:\Documents and Settings\pepas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.19 20:01:07 | 00,022,290 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.08.19 20:01:07 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.08.19 20:00:48 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.08.19 19:54:26 | 00,001,861 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.06.19 19:06:22 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1996.04.03 20:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009.10.22 15:46:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2009.10.16 16:02:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk, Inc
[2009.12.04 22:35:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2009.09.20 22:52:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.10.16 17:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Ansys
[2009.10.26 18:40:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Autodesk
[2009.09.20 22:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\DAEMON Tools Lite
[2009.11.21 20:29:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Leadertech
[2009.08.28 21:19:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\pepas\Data aplikací\Thunderbird

========== Purity Check ==========

< End of report >

Pepas87 · Příspěvekod **Pepas87** » 05 pro 2009 12:44

OTL Extras logfile created on: 5.12.2009 12:34:55 - Run 1
OTL by OldTimer - Version 3.1.11.6 Folder = C:\Documents and Settings\pepas\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,52% Memory free
3,85 Gb Paging File | 3,12 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 12,00 Gb Total Space | 2,74 Gb Free Space | 22,81% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 17,00 Gb Free Space | 17,00% Space Free | Partition Type: NTFS
Drive E: | 120,87 Gb Total Space | 85,81 Gb Free Space | 71,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: X-8A8119338F804
Current User Name: pepas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\PROGRAMY\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\HRY\anno 1701\Anno1701.exe" = D:\HRY\anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"D:\HRY\CS source\Counter-Strike Source\hl2.exe" = D:\HRY\CS source\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- ()
"D:\HRY\men of war\Men of War\mow.exe" = D:\HRY\men of war\Men of War\mow.exe:*:Enabled:Main executable -- ("Best Way" Corp)
"D:\HRY\DIRT 2\dirt2_game.exe" = D:\HRY\DIRT 2\dirt2_game.exe:*:Enabled:DiRT2 -- (Codemasters)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06053AB3-B607-B752-3252-4A2EA9E9761E}" = CCC Help Dutch
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0B4A8658-43F1-50CA-AF30-C67E3AE2C9ED}" = CCC Help Greek
"{0CC61470-D776-2353-D5CB-C7BC20204863}" = CCC Help Finnish
"{12655AB3-9285-A2F0-5BBC-C5C45E4D718C}" = CCC Help Czech
"{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1" = Men of War (Remove Only)
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{24700C01-3A72-29D4-001B-6EE6BF71EB5E}" = CCC Help Korean
"{26262388-95BF-58B0-CD46-A8F957BB67BF}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2A4F281E-2161-405B-B090-4487F505BDDE}" = AOEMView 2009
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{329376FB-FB6C-C587-F483-07E3418456F5}" = ccc-utility
"{33A38A8B-9E1E-BCBB-EA87-CE797EC75080}" = CCC Help Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369EEB32-64D1-F22A-1B2C-A3E81582E767}" = CCC Help Japanese
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3FCD8F30-057D-C96F-AEF4-B0D77DE9730C}" = CCC Help Portuguese
"{46605BDE-7F82-DB0F-7906-3279A7E639BE}" = Catalyst Control Center Localization All
"{480A8E00-D808-7D79-977B-CEBBB3BEB409}" = CCC Help French
"{48C7FD10-D6AD-8EE0-2E8E-0480C4EEB1BD}" = Catalyst Control Center HydraVision Full
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D6-7028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2009
"{5CA7ABC3-5F89-3A1D-A113-046EA4C7FCEB}" = ccc-core-static
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6F77AD48-BA04-F868-2D04-FC1BFF5E00BA}" = Catalyst Control Center Graphics Light
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{788907C5-C83B-9785-A1F0-67050017324E}" = CCC Help Spanish
"{7F4DD591-1300-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2009
"{7F5F1767-88C6-CBFC-5DD3-D853343FD5AE}" = CCC Help German
"{84DE3702-3262-BE38-27E8-5ED423D803C6}" = CCC Help Chinese Standard
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{95053B5A-42E0-830E-85BD-733FAFC28BA7}" = ccc-core-preinstall
"{9B40D533-4F38-893D-EE5A-17226104BBC2}" = Skins
"{A08CB73B-5DEA-185D-5D98-2230004D75ED}" = CCC Help Danish
"{A22D91C3-E7BD-CBEE-7CDC-DE4C42FA27B7}" = CCC Help Hungarian
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AD0DD974-ADC2-8C10-DFA6-C1203A6E5106}" = CCC Help Polish
"{B014F739-B305-5319-D996-6612BD60ED74}" = CCC Help Swedish
"{BB9FF67B-1A16-491B-81C5-272B145FEAB7}" = Autodesk Data Management Server 2009
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C570CAF4-D734-5412-C842-9AB150803074}" = Catalyst Control Center Core Implementation
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01F5B2C-2776-6C46-441C-E819C08DF4FF}" = CCC Help Turkish
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D2FCA53F-F568-D08A-458F-F7C9769A30ED}" = CCC Help Norwegian
"{D89B70AB-CF91-36A4-8658-FACA3AF6A654}" = Catalyst Control Center Graphics Previews Common
"{DF1274DC-02D4-B2D7-6197-5D24E1EF84B1}" = CCC Help Thai
"{E000D42E-5842-20A6-EEB1-6DED8C2746C5}" = CCC Help Italian
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7679B31-21F5-4AAE-1620-0DFACF702325}" = Catalyst Control Center Graphics Full New
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F83491F9-7CDF-46A7-9994-9E002CE5CE75}" = CCC Help Russian
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FDE409B1-1FF3-DC39-083E-C0F4ED496D5E}" = CCC Help English
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ANNO 1602 - Gold Edition" = ANNO 1602 - Gold Edition
"Anno 1701 CZ_is1" = Pro verzi 1.02
"AOEMView 2009" = AOEMView 2009
"ATI Display Driver" = ATI Display Driver
"Autodesk Data Management Server 2009" = Autodesk Data Management Server 2009
"Autodesk Inventor Professional 2009" = Autodesk Inventor Professional 2009
"avast!" = avast! Antivirus
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"DWG TrueView 2009" = DWG TrueView 2009
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"OpenAL" = OpenAL
"Share Rapid Uploader_is1" = Uploader 1.0
"SpeedFan" = SpeedFan (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.1
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 11.11.2009 14:13:37 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avworkInitialize
failed, 00000008.

Error - 11.11.2009 14:13:37 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: unhandled exception!,
642AADF5.

Error - 11.11.2009 14:13:39 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: ClientRqDispatchThread: avworkInitialize
failed, 00000008.

Error - 11.11.2009 14:13:40 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avworkInitialize
failed, 00000008.

Error - 11.11.2009 14:13:40 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: unhandled exception!,
642AADF5.

Error - 11.11.2009 14:13:42 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při startu: ClientRqDispatchThread: avworkInitialize
failed, 00000008.

Error - 11.11.2009 14:13:43 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avworkInitialize
failed, 00000008.

Error - 11.11.2009 14:13:43 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: unhandled exception!,
642AADF5.

Error - 11.11.2009 14:15:59 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: Aavm: FetchGlobalCounters cannot open
mapping - server DOWN???, 00000002.

Error - 17.11.2009 16:00:05 | Computer Name = X-8A8119338F804 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.realore.com/js/tiny_mce/plug ... 1245752997
failed, 0000A413.

[ Application Events ]
Error - 4.12.2009 19:19:09 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.

Error - 4.12.2009 19:19:09 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 4.12.2009 19:19:19 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 4.12.2009 19:19:19 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 4.12.2009 20:46:22 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.

Error - 4.12.2009 20:46:22 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 4.12.2009 20:46:23 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 4.12.2009 20:46:23 | Computer Name = X-8A8119338F804 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 4.12.2009 21:02:10 | Computer Name = X-8A8119338F804 | Source = Application Error | ID = 1000
Description = Chybující aplikace nero.exe, verze 6.6.0.5, chybující modul neaudio.ax,
verze 1.0.4.42, adresa chyby 0x0000fe5f.

Error - 5.12.2009 7:26:50 | Computer Name = X-8A8119338F804 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.GetAllJobs() failure Unable to connect to the remote server

[ System Events ]
Error - 3.12.2009 6:06:56 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 3.12.2009 14:31:08 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 3.12.2009 15:57:06 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 3.12.2009 17:15:10 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 4.12.2009 7:32:01 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 4.12.2009 9:11:32 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 4.12.2009 9:24:42 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 4.12.2009 17:41:05 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 4.12.2009 19:18:34 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

Error - 5.12.2009 7:26:46 | Computer Name = X-8A8119338F804 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk EDM Server přestala během spouštění reagovat.

< End of report >

Damned · Příspěvekod **Damned** » 05 pro 2009 13:04

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home

:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[Reboot]

Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
*****************************************************************************************************************************************
Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.

C:\WINDOWS\MBR.exe

Pepas87 · Příspěvekod **Pepas87** » 05 pro 2009 13:11

http://www.virustotal.com/cs/analisis/4 ... 1260014744

Pepas87 · Příspěvekod **Pepas87** » 05 pro 2009 13:16

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File About:Home not found.
========== FILES ==========
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: pepas
->Temp folder emptied: 193484 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 103832623 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 99,35 mb

OTL by OldTimer - Version 3.1.11.6 log created on 12052009_131300

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_1a8.dat not found!
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_61c.dat moved successfully.

Registry entries deleted on Reboot...

Damned · Příspěvekod **Damned** » 05 pro 2009 13:59

Šmejdstvo by mělo být pryč. Vlož mi sem ještě log z HJT.

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/Uninstall

Pokud nepůjde a ComboFix je na Ploše, tak Start-->Spustit a do řádku zkopíruj:

Kód: Vybrat vše

"%userprofile%\Plocha\combofix" /uninstall

(Podle CF community bylo změněno /u na uninstall, pokud je na Ploše, tak daný řetězec)

Pokud ti nepůjde ani to tak najdi a smaž:
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
a Combofix.exe
Pak si stáhni OTCleanIt.
- Připoj se k internetu a dvojklikem spusť program
- Klikni na tlačítko CleanUp
- Po dokončení povol restart PC
- Po restartu tento nástroj smaž - není určen pro běžné používání

kontrola LOGu Vyřešeno

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Re: kontrola LOGu

Kdo je online