PC se dokola restartuje

Sekce věnovaná virům a jiným škodlivým kódům, rovněž ale nástrojům, kterým se lze proti nim bránit…

Moderátoři: Mods_senior, Security team

Odpovědět
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 21 zář 2009 21:16

jo zazím dík
Nahoru
Reklama
Top
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 21 zář 2009 21:26

Log OLT.txt


OTL logfile created on: 21.9.2009 21:18:59 - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Administrator.HOME\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 302,42 Mb Available Physical Memory | 59,13% Memory free
865,48 Mb Paging File | 557,13 Mb Available in Paging File | 64,37% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,57 Gb Free Space | 41,02% Space Free | Partition Type: NTFS
Drive D: | 3,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Stopped]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\System32\ati2sgag.exe ()
SRV - (Autodesk Licensing Service [Auto | Stopped]) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (InCDsrv [Auto | Stopped]) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (JavaQuickStarterService [Auto | Stopped]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MDM [Auto | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (mi-raysat_3dsmax8 [Auto | Stopped]) -- C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe ()
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (TuneUp.Defrag [On_Demand | Stopped]) -- C:\WINDOWS\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.ProgramStatisticsSvc [Auto | Stopped]) -- C:\WINDOWS\System32\TUProgSt.exe (TuneUp Software)
SRV - (UxTuneUp [Auto | Stopped]) -- C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (agp440 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\agp440.sys ()
DRV - (ALCXWDM [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ati2mtag [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (atksgt [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\atksgt.sys ()
DRV - (ctlsb16 [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\ctlsb16.sys (Copyright (C) Creative Technology Ltd. 1994-2001)
DRV - (eamon [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\eamon.sys (ESET)
DRV - (Edspport [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\es56hpi.sys (ESS Technology, Inc.)
DRV - (ehdrv [System | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys (ESET)
DRV - (gameenum [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (InCDfs [Disabled | Stopped]) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass [System | Running]) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys (Nero AG)
DRV - (incdrm [System | Running]) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (lirsgt [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys ()
DRV - (Ntfs [Disabled | Running]) -- C:\WINDOWS\System32\drivers\ntfs.sys ()
DRV - (protect [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\protect.sys ()
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfdrv01a [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV - (sfhlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfsync02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfvfs02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (zaqnxfqv7 [System | Running]) -- C:\WINDOWS\System32\drivers\zaqnxfqv7.sys ()

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.05.31 14:52:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.09.21 19:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.09.16 15:28:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009.08.04 11:03:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\mozilla\Extensions
[2009.08.04 11:03:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.04 11:03:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\mozilla\Firefox\Profiles\u9tc6as6.default\extensions
[2009.09.14 13:41:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.09.16 15:28:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.05.31 14:52:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.09.16 15:27:54 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.09.16 15:27:54 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.05.01 23:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009.05.31 14:52:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009.05.12 20:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009.05.19 00:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009.09.16 15:27:55 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.06.05 17:10:12 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009.05.01 23:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009.06.03 17:32:27 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.06.03 17:32:27 | 00,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.06.03 17:32:27 | 00,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.06.03 17:32:27 | 00,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.06.03 17:32:27 | 00,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.06.03 17:32:27 | 00,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (329153 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 jL.chura.pl
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11299 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [27196] C:\WINDOWS\System32\49.tmp.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [sys64_nov] C:\WINDOWS\System32\sys64_nov.exe File not found
O4 - HKCU..\Run: [servises] C:\WINDOWS\System32\servises.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\WINDOWS\System32\grpconv.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe) - C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe) - C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe) - C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\System32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[7 C:\WINDOWS\*.tmp files]
[2009.09.21 21:18:04 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe
[2009.09.21 21:03:10 | 00,000,000 | ---D | C] -- C:\_OTM
[2009.09.21 21:01:43 | 00,040,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\zaqnxfqv7.sys
[2009.09.21 20:42:12 | 00,385,426 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\OTMoveIt.rar
[2009.09.21 19:53:21 | 04,073,058 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\tools.rar
[2009.09.21 19:29:17 | 04,608,000 | ---- | C] () -- C:\WINDOWS\System32\rmvirut.nt
[2009.09.21 19:29:17 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\rmvirut.lst
[2009.09.14 19:09:37 | 00,000,000 | ---D | C] -- C:\rsit
[2009.09.14 19:05:23 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009.09.14 14:55:01 | 00,000,006 | ---- | C] () -- C:\WINDOWS\System32\_id.dat
[2009.09.14 14:51:03 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Spybot - Search & Destroy.lnk
[2009.09.14 14:46:55 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Administrator.HOME\Plocha\setup-spybotsd162.exe
[2009.09.14 14:46:31 | 00,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2009.09.14 14:46:30 | 00,000,000 | ---D | C] -- C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2009.09.14 14:46:30 | 00,000,000 | ---D | C] -- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2009.09.14 14:46:28 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2009.09.14 13:31:32 | 00,094,432 | ---- | C] () -- C:\WINDOWS\System32\dllcache\agp440.sys
[2009.09.07 20:01:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Nový objekt - Rastrový obrázek.bmp
[2009.09.06 15:39:45 | 02,734,080 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\rmvirut.exe
[2009.09.06 14:20:11 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.09.06 14:05:04 | 00,018,944 | -H-- | C] () -- C:\WINDOWS\System32\drivers\protect.sys
[2009.09.05 22:14:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Local Settings\Data aplikací\G DATA
[2009.09.05 22:13:33 | 00,342,656 | ---- | C] (G DATA Software) -- C:\Documents and Settings\Administrator.HOME\Plocha\remover.exe
[2009.09.05 22:13:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Macromedia
[2009.09.05 22:13:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Adobe
[2009.09.05 22:08:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Sun
[2009.09.05 20:51:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Malwarebytes
[2009.08.02 13:53:47 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.08.01 19:18:59 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.07.28 11:32:48 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.07.28 11:32:47 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.07.20 14:23:11 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.07.13 12:32:05 | 00,000,169 | ---- | C] () -- C:\WINDOWS\MaterialsDlg.ini
[2009.07.13 12:32:04 | 00,000,169 | ---- | C] () -- C:\WINDOWS\LuminancesDlg.ini
[2009.06.30 14:54:06 | 00,000,248 | ---- | C] () -- C:\WINDOWS\RomeTW.ini
[2009.06.25 20:04:44 | 00,000,196 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2009.06.25 13:08:14 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.05.24 18:12:18 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.05.20 19:30:58 | 00,000,052 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.03.23 14:53:37 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.07 17:41:51 | 00,000,112 | ---- | C] () -- C:\WINDOWS\OPLK.INI
[2007.03.07 17:26:58 | 00,000,359 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2007.02.23 23:27:47 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2007.02.23 22:17:56 | 00,094,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\agp440.sys
[2007.02.23 22:16:05 | 00,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.02.23 21:58:40 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.03.02 14:00:00 | 00,626,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntfs.sys
[2006.03.02 14:00:00 | 00,000,632 | ---- | C] () -- C:\WINDOWS\win.ini
[2006.03.02 14:00:00 | 00,000,435 | ---- | C] () -- C:\WINDOWS\system.ini
[2005.10.14 12:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 16:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[7 C:\WINDOWS\*.tmp files]
[2009.09.21 21:18:08 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe
[2009.09.21 21:06:22 | 00,040,192 | ---- | M] () -- C:\WINDOWS\System32\drivers\zaqnxfqv7.sys
[2009.09.21 21:05:58 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.09.21 21:05:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.09.21 20:42:16 | 00,385,426 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\OTMoveIt.rar
[2009.09.21 19:53:38 | 04,073,058 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\tools.rar
[2009.09.21 19:46:27 | 00,094,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\agp440.sys
[2009.09.21 19:46:27 | 00,094,432 | ---- | M] () -- C:\WINDOWS\System32\dllcache\agp440.sys
[2009.09.21 19:42:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.09.21 19:29:17 | 04,608,000 | ---- | M] () -- C:\WINDOWS\System32\rmvirut.nt
[2009.09.21 19:29:17 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\rmvirut.lst
[2009.09.21 19:22:06 | 00,000,006 | ---- | M] () -- C:\WINDOWS\System32\_id.dat
[2009.09.21 19:12:09 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS
[2009.09.21 19:12:09 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\TCPIP.SYS
[2009.09.16 17:30:11 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009.09.16 17:29:44 | 00,018,944 | -H-- | M] () -- C:\WINDOWS\System32\drivers\protect.sys
[2009.09.14 19:06:03 | 00,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.09.14 14:51:03 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Spybot - Search & Destroy.lnk
[2009.09.14 14:49:18 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Administrator.HOME\Plocha\setup-spybotsd162.exe
[2009.09.07 20:01:14 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Nový objekt - Rastrový obrázek.bmp
[2009.09.07 19:53:00 | 00,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FD2844F6-6DA7-4CFC-A47D-F40495874E68}.job
[2009.09.07 19:53:00 | 00,000,480 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DB97E567-291E-4B34-8D35-AE6DDBCE7786}.job
[2009.09.06 19:33:18 | 00,000,500 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2009.09.06 15:46:07 | 02,734,080 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\rmvirut.exe
[2009.09.05 22:33:05 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
[2009.09.05 22:13:46 | 00,342,656 | ---- | M] (G DATA Software) -- C:\Documents and Settings\Administrator.HOME\Plocha\remover.exe
[2009.09.05 22:10:39 | 00,004,456 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.08.24 16:21:57 | 00,626,336 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntfs.sys
[2009.08.24 16:21:56 | 00,626,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\ntfs.sys

========== LOP Check ==========

[2009.09.14 14:54:59 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací
[2009.08.01 17:37:21 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Data aplikací
[2009.05.29 19:17:19 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.05.29 21:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2007.03.07 17:28:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2009.05.28 17:34:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.05.27 18:57:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.07.16 16:51:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.07.13 11:25:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2009.07.31 18:09:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2009.08.01 18:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.05.29 19:22:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.09.06 19:33:18 | 00,000,500 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2006.03.02 14:00:00 | 00,000,065 | -H-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.09.21 19:42:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.09.07 19:53:00 | 00,000,480 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DB97E567-291E-4B34-8D35-AE6DDBCE7786}.job
[2009.09.07 19:53:00 | 00,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FD2844F6-6DA7-4CFC-A47D-F40495874E68}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 52224 bytes -> C:\WINDOWS\System32\svchost.exe:ext.exe
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4ABFA08C
< End of report >
Nahoru
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 21 zář 2009 21:26

a log extras.txt



OTL Extras logfile created on: 21.9.2009 21:18:59 - Run 1
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Administrator.HOME\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 302,42 Mb Available Physical Memory | 59,13% Memory free
865,48 Mb Paging File | 557,13 Mb Available in Paging File | 64,37% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,57 Gb Free Space | 41,02% Space Free | Partition Type: NTFS
Drive D: | 3,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48792:TCP" = 48792:TCP:*:Enabled:System44
"35213:TCP" = 35213:TCP:*:Enabled:System36
"50631:TCP" = 50631:TCP:*:Enabled:System13
"17338:TCP" = 17338:TCP:*:Enabled:System97
"54895:TCP" = 54895:TCP:*:Enabled:System51
"56503:TCP" = 56503:TCP:*:Enabled:System59
"9474:TCP" = 9474:TCP:*:Enabled:System72
"26232:TCP" = 26232:TCP:*:Enabled:System75
"42990:TCP" = 42990:TCP:*:Enabled:System83
"4447:TCP" = 4447:TCP:*:Enabled:System04
"44175:TCP" = 44175:TCP:*:Enabled:System96
"24614:TCP" = 24614:TCP:*:Enabled:System32
"34937:TCP" = 34937:TCP:*:Enabled:System24
"12959:TCP" = 12959:TCP:*:Enabled:System78
"45673:TCP" = 45673:TCP:*:Enabled:System70
"23865:TCP" = 23865:TCP:*:Enabled:System67
"27993:TCP" = 27993:TCP:*:Enabled:System92
"6185:TCP" = 6185:TCP:*:Enabled:System76
"37698:TCP" = 37698:TCP:*:Enabled:System97
"4405:TCP" = 4405:TCP:*:Enabled:System95
"4801:TCP" = 4801:TCP:*:Enabled:System89
"59094:TCP" = 59094:TCP:*:Enabled:System65
"23748:TCP" = 23748:TCP:*:Enabled:System91
"63476:TCP" = 63476:TCP:*:Enabled:System83
"8375:TCP" = 8375:TCP:*:Enabled:System06
"49781:TCP" = 49781:TCP:*:Enabled:System16
"38296:TCP" = 38296:TCP:*:Enabled:System27
"37919:TCP" = 37919:TCP:*:Enabled:System25
"26434:TCP" = 26434:TCP:*:Enabled:System28
"12614:TCP" = 12614:TCP:*:Enabled:System98
"63827:TCP" = 63827:TCP:*:Enabled:System90
"17359:TCP" = 17359:TCP:*:Enabled:System35
"11147:TCP" = 11147:TCP:*:Enabled:System46
"63475:TCP" = 63475:TCP:*:Enabled:System32
"5475:TCP" = 5475:TCP:*:Enabled:System07
"19906:TCP" = 19906:TCP:*:Enabled:System12
"20097:TCP" = 20097:TCP:*:Enabled:System41
"26532:TCP" = 26532:TCP:*:Enabled:System52
"15443:TCP" = 15443:TCP:*:Enabled:System46
"59738:TCP" = 59738:TCP:*:Enabled:System26
"26668:TCP" = 26668:TCP:*:Enabled:System37
"59808:TCP" = 59808:TCP:*:Enabled:System55
"42806:TCP" = 42806:TCP:*:Enabled:System47
"65081:TCP" = 65081:TCP:*:Enabled:System95
"48546:TCP" = 48546:TCP:*:Enabled:System00
"30294:TCP" = 30294:TCP:*:Enabled:System66
"8486:TCP" = 8486:TCP:*:Enabled:System61
"4551:TCP" = 4551:TCP:*:Enabled:System50
"61501:TCP" = 61501:TCP:*:Enabled:System44
"11673:TCP" = 11673:TCP:*:Enabled:System52
"33704:TCP" = 33704:TCP:*:Enabled:System41
"41085:TCP" = 41085:TCP:*:Enabled:System23
"19277:TCP" = 19277:TCP:*:Enabled:System17
"25712:TCP" = 25712:TCP:*:Enabled:System15
"5575:TCP" = 5575:TCP:*:Enabled:System66
"45303:TCP" = 45303:TCP:*:Enabled:System61
"62061:TCP" = 62061:TCP:*:Enabled:System69
"22637:TCP" = 22637:TCP:*:Enabled:System32
"62365:TCP" = 62365:TCP:*:Enabled:System37
"17587:TCP" = 17587:TCP:*:Enabled:System26
"31331:TCP" = 31331:TCP:*:Enabled:System90
"36604:TCP" = 36604:TCP:*:Enabled:System93
"43002:TCP" = 43002:TCP:*:Enabled:System87
"25545:TCP" = 25545:TCP:*:Enabled:System11
"35868:TCP" = 35868:TCP:*:Enabled:System03
"42303:TCP" = 42303:TCP:*:Enabled:System97
"43801:TCP" = 43801:TCP:*:Enabled:System79
"55509:TCP" = 55509:TCP:*:Enabled:System68
"60286:TCP" = 60286:TCP:*:Enabled:System71
"55905:TCP" = 55905:TCP:*:Enabled:System52
"23727:TCP" = 23727:TCP:*:Enabled:System60
"63337:TCP" = 63337:TCP:*:Enabled:System73
"58287:TCP" = 58287:TCP:*:Enabled:System84
"16232:TCP" = 16232:TCP:*:Enabled:System76
"56529:TCP" = 56529:TCP:*:Enabled:System93
"34721:TCP" = 34721:TCP:*:Enabled:System96
"6874:TCP" = 6874:TCP:*:Enabled:System04
"17197:TCP" = 17197:TCP:*:Enabled:System98
"7202:TCP" = 7202:TCP:*:Enabled:System81
"23960:TCP" = 23960:TCP:*:Enabled:System78
"63688:TCP" = 63688:TCP:*:Enabled:System70
"12014:TCP" = 12014:TCP:*:Enabled:System50
"51742:TCP" = 51742:TCP:*:Enabled:System58
"35207:TCP" = 35207:TCP:*:Enabled:System61
"40480:TCP" = 40480:TCP:*:Enabled:System55
"7414:TCP" = 7414:TCP:*:Enabled:System92
"47142:TCP" = 47142:TCP:*:Enabled:System97
"12687:TCP" = 12687:TCP:*:Enabled:System89
"52415:TCP" = 52415:TCP:*:Enabled:System08
"16184:TCP" = 16184:TCP:*:Enabled:System36
"55912:TCP" = 55912:TCP:*:Enabled:System33
"4699:TCP" = 4699:TCP:*:Enabled:System44
"46667:TCP" = 46667:TCP:*:Enabled:System96
"24859:TCP" = 24859:TCP:*:Enabled:System88
"19809:TCP" = 19809:TCP:*:Enabled:System07
"30132:TCP" = 30132:TCP:*:Enabled:System93
"10824:TCP" = 10824:TCP:*:Enabled:System99
"48529:TCP" = 48529:TCP:*:Enabled:System95
"26721:TCP" = 26721:TCP:*:Enabled:System03
"43479:TCP" = 43479:TCP:*:Enabled:System06
"25286:TCP" = 25286:TCP:*:Enabled:System00
"47359:TCP" = 47359:TCP:*:Enabled:System23
"26443:TCP" = 26443:TCP:*:Enabled:System42
"14958:TCP" = 14958:TCP:*:Enabled:System26
"7804:TCP" = 7804:TCP:*:Enabled:System28
"53028:TCP" = 53028:TCP:*:Enabled:System34
"52732:TCP" = 52732:TCP:*:Enabled:System86
"9116:TCP" = 9116:TCP:*:Enabled:System94
"17341:TCP" = 17341:TCP:*:Enabled:System62
"35261:TCP" = 35261:TCP:*:Enabled:System70
"14177:TCP" = 14177:TCP:*:Enabled:System59
"60037:TCP" = 60037:TCP:*:Enabled:System51
"12798:TCP" = 12798:TCP:*:Enabled:System51
"52526:TCP" = 52526:TCP:*:Enabled:System32
"62849:TCP" = 62849:TCP:*:Enabled:System48
"41041:TCP" = 41041:TCP:*:Enabled:System43
"51364:TCP" = 51364:TCP:*:Enabled:System37
"39924:TCP" = 39924:TCP:*:Enabled:System30
"16954:TCP" = 16954:TCP:*:Enabled:System35
"23389:TCP" = 23389:TCP:*:Enabled:System24
"41777:TCP" = 41777:TCP:*:Enabled:System88

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"C:\NeverwinterNights\NWN\nwmain.exe" = C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights -- (BioWare)
"C:\NeverwinterNights\NWN\nwserver.exe" = C:\NeverwinterNights\NWN\nwserver.exe:*:Enabled:Neverwinter Nights Server -- (BioWare)
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe" = C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise -- ()
"C:\Documents and Settings\Tomáš Pawera\Plocha\Files\1nsane\Game.exe" = C:\Documents and Settings\Tomáš Pawera\Plocha\Files\1nsane\Game.exe:*:Enabled:INSANE -- (INVICTUS Team)
"C:\Program Files\BitLord2\BitLord.exe" = C:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2 -- ()
"\??\C:\WINDOWS\system32\winlogon.exe" = \??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{06792A12-AF16-42F4-BECD-BD913DE0FEC0}" = TurboCAD Deluxe 15
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}" = Rome - Total War(TM)
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{91120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{AC76BA86-7AD7-1029-7B44-A70500000002}" = Adobe Reader 7.0.5 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BBC8862B-BFC8-475D-9BB8-93289703BD33}" = ESET NOD32 Antivirus
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights Platinum Edition
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DBB313D6-4B13-4961-BD5F-673CDA1793CC}" = Autodesk 3ds Max 8
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"BitLord_is1" = BitLord v2.0
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driver Magician_is1" = Driver Magician 3.45
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FarmingSimulator2008_is1" = Landwirtschafts Simulator 2008
"FileZilla Client" = FileZilla Client 3.2.4.1
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = InCD
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"IP Changer Premium" = IP Changer Premium
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NWNCZ" = Neverwinter Nights(TM) - Čeština
"Scorpions WinCheater 2.07 (s databází 103)_is1" = Scorpions WinCheater
"Servant Salamander 2.0" = Servant Salamander 2.0
"Skype_is1" = Skype 2.5
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"The KMPlayer" = The KMPlayer (remove only)
"TmSunrise_is1" = TrackMania Sunrise Extreme 1.5.1
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29.6.2009 7:58:52 | Computer Name = HOME | Source = MsiInstaller | ID = 11500
Description = Product: Windows Installer Clean Up -- Error 1500. Another installation
is in progress. You must complete that installation before continuing this one.

Error - 29.6.2009 7:58:52 | Computer Name = HOME | Source = MsiInstaller | ID = 11500
Description = Product: Windows Installer Clean Up -- Error 1500. Another installation
is in progress. You must complete that installation before continuing this one.

Error - 1.7.2009 3:41:55 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nwmain.exe, verze 1.6.9.0, chybující modul ntdll.dll,
verze 5.1.2600.5755, adresa chyby 0x000101b3.

Error - 3.7.2009 4:46:19 | Computer Name = HOME | Source = Google Update | ID = 20
Description =

Error - 3.7.2009 5:46:13 | Computer Name = HOME | Source = Google Update | ID = 20
Description =

Error - 3.7.2009 6:46:10 | Computer Name = HOME | Source = Google Update | ID = 20
Description =

Error - 3.7.2009 9:50:06 | Computer Name = HOME | Source = | ID = 0
Description =

Error - 3.7.2009 9:50:06 | Computer Name = HOME | Source = | ID = 0
Description =

Error - 3.7.2009 12:42:14 | Computer Name = HOME | Source = | ID = 0
Description =

Error - 3.7.2009 12:42:14 | Computer Name = HOME | Source = | ID = 0
Description =

[ System Events ]
Error - 21.9.2009 15:03:23 | Computer Name = HOME | Source = Service Control Manager | ID = 7034
Description = Služba Terminálová služba byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 21.9.2009 15:05:12 | Computer Name = HOME | Source = sfsync02 | ID = 262156
Description =

Error - 21.9.2009 15:05:22 | Computer Name = HOME | Source = SRService | ID = 104
Description = Proces inicializace nástroje Obnovení systému se nezdařil.

Error - 21.9.2009 15:05:38 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 21.9.2009 15:06:36 | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = Služba Služba obnovení systému byla ukončena s následující chybou:
%%2

Error - 21.9.2009 15:06:36 | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ehdrv Fips intelppm

Error - 21.9.2009 15:07:08 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.9.2009 15:08:15 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.9.2009 15:09:46 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.9.2009 15:11:56 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

[ TuneUp Events ]
Error - 1.6.2009 13:22:15 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-06-01 19:22:15', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1464',0)

Error - 2.8.2009 7:34:07 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 13:34:07', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2508',0)

Error - 2.8.2009 7:34:23 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 13:34:23', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','3280',0)

Error - 2.8.2009 8:01:17 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 14:01:17', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1224',0)

Error - 2.8.2009 8:51:12 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 14:51:11', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2156',0)


< End of report >
Nahoru
Uživatelský avatar
cicero
Level 3.5
Level 3.5
Příspěvky: 939
Registrován: březen 08
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod cicero » 21 zář 2009 22:16

koukám že tě to ještě nepřestalo bavit
Nahoru
Uživatelský avatar
Damned
Tvůrce článků
Master Level 9
Master Level 9
Příspěvky: 8353
Registrován: prosinec 06
Bydliště: Rokycany
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele Damned

Re: PC se dokola restartuje

Příspěvekod Damned » 21 zář 2009 22:40

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (protect [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\protect.sys
DRV - (zaqnxfqv7 [System | Running]) -- C:\WINDOWS\System32\drivers\zaqnxfqv7.sys
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
O1 - Hosts: 127.0.0.1 jL.chura.pl
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11299 more lines...
O4 - HKLM..\Run: [27196] C:\WINDOWS\System32\49.tmp.exe
O4 - HKLM..\Run: [KernelFaultCheck]
O4 - HKLM..\Run: [sys64_nov] C:\WINDOWS\System32\sys64_nov.exe
O4 - HKCU..\Run: [servises] C:\WINDOWS\System32\servises.exe
O4 - HKLM..\RunOnce: []
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
O18 - Protocol\Handler\ipp
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe) - C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe) - C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe) - C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\System32\drivers\protect.sys
C:\WINDOWS\System32\drivers\zaqnxfqv7.sys
C:\_OTM
C:\WINDOWS\System32\_id.dat
C:\WINDOWS\_delis43.ini
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\System32\d3d9caps.dat

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]



Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Nahoru
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 22 zář 2009 16:58

nak to nejede sekne se to při protect.sys zaqnxfqv7.sys trva to nak dlouho skusil sem to tam nedal a jelo to a pak se to seklo zas u 49.tmp.exe tak nevim jestli je tí normalni že to jede tak dlouho???
Nahoru
Uživatelský avatar
Damned
Tvůrce článků
Master Level 9
Master Level 9
Příspěvky: 8353
Registrován: prosinec 06
Bydliště: Rokycany
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele Damned

Re: PC se dokola restartuje

Příspěvekod Damned » 22 zář 2009 17:27

Podívej se do složky C:\_OTL, jestli tam není log.

Pak zkus ještě tedy před použitím toho skriptu pro OTL použít toto:

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

sc config protect start= disabled
sc config zaqnxfqv7 start= disabled
sc stop protect
sc stop zaqnxfqv7
sc delete protect
sc delete zaqnxfqv7


ulož si ho na plochu jako-název remove.bat a ulož ho jako typ všechny soubory , najdi na ploše tento soubor , spusť ho poklepáním.
Otevře se Dosovské okno a zavře.

Pak zkus ten skript OTL, pokud to nepůjde normálně, zkus obojí v nouzovém režimu.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Nahoru
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 22 zář 2009 18:19

dělám to všechno v nouzovém režimu normálni windows mi nenajede objevi se mi modra obrazovka - system windows byl ukonšen byl zahajen vypis fyzicke pameti .....atd.. zkusil sem odstranit protect.sys ten šel ale když chcu ten druhy objevi se zadanou cestu nelze nalézt. zkontrolujte zadaní cesty. takže nevim co s tím
Nahoru
Uživatelský avatar
Damned
Tvůrce článků
Master Level 9
Master Level 9
Příspěvky: 8353
Registrován: prosinec 06
Bydliště: Rokycany
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele Damned

Re: PC se dokola restartuje

Příspěvekod Damned » 22 zář 2009 19:02

Spusť ještě jednou OTL a vlož mi sem zas oba logy.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Nahoru
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 22 zář 2009 20:23

log otl.txt


OTL logfile created on: 22.9.2009 20:18:28 - Run 2
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Administrator.HOME\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 126,57 Mb Available Physical Memory | 24,74% Memory free
961,48 Mb Paging File | 182,70 Mb Available in Paging File | 19,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,43 Gb Free Space | 40,83% Space Free | Partition Type: NTFS
Drive D: | 3,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\reader_s.exe (Heaventools Software)
PRC - C:\WINDOWS\System32\94.tmp ()
PRC - C:\WINDOWS\System32\sys64_nov.exe ()
PRC - C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Temp\wpv761253645631.exe ()
PRC - C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Ati HotKey Poller [Auto | Stopped]) -- C:\WINDOWS\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart [Auto | Stopped]) -- C:\WINDOWS\System32\ati2sgag.exe ()
SRV - (Autodesk Licensing Service [Auto | Stopped]) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn [Auto | Stopped]) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (InCDsrv [Auto | Stopped]) -- C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)
SRV - (JavaQuickStarterService [Auto | Stopped]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (MDM [Auto | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (mi-raysat_3dsmax8 [Auto | Stopped]) -- C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe ()
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (TuneUp.Defrag [On_Demand | Stopped]) -- C:\WINDOWS\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.ProgramStatisticsSvc [Auto | Stopped]) -- C:\WINDOWS\System32\TUProgSt.exe (TuneUp Software)
SRV - (UxTuneUp [Auto | Stopped]) -- C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (agp440 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\agp440.sys ()
DRV - (ALCXWDM [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ati2mtag [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (atksgt [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\atksgt.sys ()
DRV - (ctlsb16 [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\ctlsb16.sys (Copyright (C) Creative Technology Ltd. 1994-2001)
DRV - (eamon [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\eamon.sys (ESET)
DRV - (Edspport [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\es56hpi.sys (ESS Technology, Inc.)
DRV - (ehdrv [System | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys (ESET)
DRV - (epfwtdir [System | Running]) -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys (ESET)
DRV - (gameenum [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (InCDfs [Disabled | Stopped]) -- C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)
DRV - (InCDPass [System | Running]) -- C:\WINDOWS\System32\DRIVERS\InCDPass.sys (Nero AG)
DRV - (incdrm [System | Running]) -- C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)
DRV - (lirsgt [Auto | Stopped]) -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys ()
DRV - (Ntfs [Disabled | Running]) -- C:\WINDOWS\System32\drivers\ntfs.sys ()
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (RTL8023xp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (rtl8139 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS (Realtek Semiconductor Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sfdrv01a [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV - (sfhlp02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfsync02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfvfs02 [Boot | Running]) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (zaqnxfqv7 [Disabled | Running]) -- C:\WINDOWS\System32\DRIVERS\zaqnxfqv7.sys ()
DRV - (zohxuamhqmln7 [System | Stopped]) -- C:\WINDOWS\System32\drivers\zohxuamhqmln7.sys ()
DRV - (zmhvqnqqcrf5 [System | Stopped]) -- C:\WINDOWS\System32\drivers\zmhvqnqqcrf5.sys ()

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.05.31 14:52:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.09.21 19:48:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.09.16 15:28:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009.08.04 11:03:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\mozilla\Extensions
[2009.08.04 11:03:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.04 11:03:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\mozilla\Firefox\Profiles\u9tc6as6.default\extensions
[2009.09.22 20:13:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.09.16 15:28:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.05.31 14:52:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.09.16 15:27:54 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.09.16 15:27:54 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.05.01 23:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009.05.31 14:52:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009.05.12 20:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009.05.19 00:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009.09.16 15:27:55 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.06.05 17:10:12 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009.06.05 17:10:13 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009.05.01 23:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2009.06.03 17:32:27 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.06.03 17:32:27 | 00,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.06.03 17:32:27 | 00,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.06.03 17:32:27 | 00,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.06.03 17:32:27 | 00,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.06.03 17:32:27 | 00,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (656546 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 123moviedownload.com
O1 - Hosts: 127.0.0.1 123simsen.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 125sms.co.uk
O1 - Hosts: 127.0.0.1 125sms.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 1337crew.info
O1 - Hosts: 127.0.0.1 1337-crew.to
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 150freesms.de
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 127.0.0.1 17-plus.com
O1 - Hosts: 127.0.0.1 1800searchonline.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 181.365soft.info
O1 - Hosts: 127.0.0.1 1987324.com
O1 - Hosts: 127.0.0.1 1-domains-registrations.com
O1 - Hosts: 127.0.0.1 1sexparty.com
O1 - Hosts: 127.0.0.1 1sms.de
O1 - Hosts: 127.0.0.1 1spybot.com
O1 - Hosts: 127.0.0.1 1stantivirus.com
O1 - Hosts: 127.0.0.1 1stpagehere.com
O1 - Hosts: 11265 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [6875] C:\WINDOWS\System32\94.tmp.exe File not found
O4 - HKLM..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe (Heaventools Software)
O4 - HKLM..\Run: [Regedit32] C:\WINDOWS\System32\regedit.exe File not found
O4 - HKLM..\Run: [servises] C:\WINDOWS\System32\servises.exe ()
O4 - HKLM..\Run: [sys64_nov] C:\WINDOWS\System32\sys64_nov.exe ()
O4 - HKCU..\Run: [servises] C:\WINDOWS\System32\servises.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\WINDOWS\System32\grpconv.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe) - C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe File not found
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe) - C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe) - C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[7 C:\WINDOWS\*.tmp files]
[2009.09.22 19:44:07 | 00,040,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\zmhvqnqqcrf5.sys
[2009.09.22 19:07:33 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Ahoj.doc
[2009.09.22 19:05:58 | 00,010,752 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Nový objekt - Dokument aplikace Microsoft Word.doc
[2009.09.22 18:47:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Local Settings\Data aplikací\Identities
[2009.09.22 18:47:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Identities
[2009.09.22 18:17:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\TuneUp Software
[2009.09.22 18:08:05 | 00,000,146 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\remove.bat
[2009.09.22 17:00:57 | 00,066,560 | ---- | C] () -- C:\WINDOWS\System32\servises.exe
[2009.09.22 17:00:27 | 00,040,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\zohxuamhqmln7.sys
[2009.09.22 15:41:46 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.09.21 21:25:31 | 00,059,904 | ---- | C] (Heaventools Software) -- C:\WINDOWS\System32\reader_s.exe
[2009.09.21 21:25:25 | 00,047,872 | ---- | C] () -- C:\WINDOWS\System32\sys64_nov.exe
[2009.09.21 21:18:04 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe
[2009.09.21 21:03:10 | 00,000,000 | ---D | C] -- C:\_OTM
[2009.09.21 21:01:43 | 00,040,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\zaqnxfqv7.sys
[2009.09.21 20:42:12 | 00,385,426 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\OTMoveIt.rar
[2009.09.21 19:53:21 | 04,073,058 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\tools.rar
[2009.09.21 19:29:17 | 04,608,000 | ---- | C] () -- C:\WINDOWS\System32\rmvirut.nt
[2009.09.21 19:29:17 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\rmvirut.lst
[2009.09.14 19:09:37 | 00,000,000 | ---D | C] -- C:\rsit
[2009.09.14 19:05:23 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009.09.14 14:55:01 | 00,000,006 | ---- | C] () -- C:\WINDOWS\System32\_id.dat
[2009.09.14 14:51:03 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Spybot - Search & Destroy.lnk
[2009.09.14 14:46:55 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Administrator.HOME\Plocha\setup-spybotsd162.exe
[2009.09.14 14:46:31 | 00,000,000 | ---D | C] -- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[2009.09.14 14:46:30 | 00,000,000 | ---D | C] -- C:\Program Files\SDHelper (Spybot - Search & Destroy)
[2009.09.14 14:46:30 | 00,000,000 | ---D | C] -- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
[2009.09.14 14:46:28 | 00,000,000 | ---D | C] -- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
[2009.09.14 13:31:32 | 00,094,432 | ---- | C] () -- C:\WINDOWS\System32\dllcache\agp440.sys
[2009.09.07 20:01:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Nový objekt - Rastrový obrázek.bmp
[2009.09.06 15:39:45 | 02,734,080 | ---- | C] () -- C:\Documents and Settings\Administrator.HOME\Plocha\rmvirut.exe
[2009.09.06 14:20:11 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.09.05 22:14:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Local Settings\Data aplikací\G DATA
[2009.09.05 22:13:33 | 00,342,656 | ---- | C] (G DATA Software) -- C:\Documents and Settings\Administrator.HOME\Plocha\remover.exe
[2009.09.05 22:13:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Macromedia
[2009.09.05 22:13:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Adobe
[2009.09.05 22:08:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Sun
[2009.09.05 20:51:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\Malwarebytes
[2009.08.02 13:53:47 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.08.01 19:18:59 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.07.28 11:32:48 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.07.28 11:32:47 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.07.20 14:23:11 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.07.13 12:32:05 | 00,000,169 | ---- | C] () -- C:\WINDOWS\MaterialsDlg.ini
[2009.07.13 12:32:04 | 00,000,169 | ---- | C] () -- C:\WINDOWS\LuminancesDlg.ini
[2009.06.30 14:54:06 | 00,000,248 | ---- | C] () -- C:\WINDOWS\RomeTW.ini
[2009.06.25 20:04:44 | 00,000,196 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2009.06.25 13:08:14 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.05.24 18:12:18 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.05.20 19:30:58 | 00,000,052 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.03.23 14:53:37 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.07 17:41:51 | 00,000,112 | ---- | C] () -- C:\WINDOWS\OPLK.INI
[2007.03.07 17:26:58 | 00,000,359 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2007.02.23 23:27:47 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2007.02.23 22:17:56 | 00,094,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\agp440.sys
[2007.02.23 22:16:05 | 00,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.02.23 21:58:40 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.03.02 14:00:00 | 00,626,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntfs.sys
[2006.03.02 14:00:00 | 00,000,632 | ---- | C] () -- C:\WINDOWS\win.ini
[2006.03.02 14:00:00 | 00,000,435 | ---- | C] () -- C:\WINDOWS\system.ini
[2005.10.14 12:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 16:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Files - Modified Within 30 Days ==========

[17 C:\WINDOWS\System32\*.tmp files]
[7 C:\WINDOWS\*.tmp files]
[2009.09.22 20:21:25 | 00,000,006 | ---- | M] () -- C:\WINDOWS\System32\_id.dat
[2009.09.22 19:46:06 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\svchost.exe
[2009.09.22 19:46:02 | 00,066,560 | ---- | M] () -- C:\WINDOWS\System32\servises.exe
[2009.09.22 19:44:13 | 00,094,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\agp440.sys
[2009.09.22 19:44:13 | 00,094,432 | ---- | M] () -- C:\WINDOWS\System32\dllcache\agp440.sys
[2009.09.22 19:44:08 | 00,047,872 | ---- | M] () -- C:\WINDOWS\System32\sys64_nov.exe
[2009.09.22 19:44:07 | 00,040,192 | ---- | M] () -- C:\WINDOWS\System32\drivers\zmhvqnqqcrf5.sys
[2009.09.22 19:44:06 | 00,059,904 | ---- | M] (Heaventools Software) -- C:\WINDOWS\System32\reader_s.exe
[2009.09.22 19:07:34 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Ahoj.doc
[2009.09.22 19:05:58 | 00,010,752 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Nový objekt - Dokument aplikace Microsoft Word.doc
[2009.09.22 18:08:05 | 00,000,146 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\remove.bat
[2009.09.22 17:00:27 | 00,040,192 | ---- | M] () -- C:\WINDOWS\System32\drivers\zohxuamhqmln7.sys
[2009.09.22 15:40:01 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.09.22 15:39:07 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.09.22 15:37:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.09.21 21:18:08 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.HOME\Plocha\OTL.exe
[2009.09.21 21:06:22 | 00,040,192 | ---- | M] () -- C:\WINDOWS\System32\drivers\zaqnxfqv7.sys
[2009.09.21 20:42:16 | 00,385,426 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\OTMoveIt.rar
[2009.09.21 19:53:38 | 04,073,058 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\tools.rar
[2009.09.21 19:29:17 | 04,608,000 | ---- | M] () -- C:\WINDOWS\System32\rmvirut.nt
[2009.09.21 19:29:17 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\rmvirut.lst
[2009.09.21 19:12:09 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TCPIP.SYS
[2009.09.21 19:12:09 | 00,361,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\TCPIP.SYS
[2009.09.14 19:06:03 | 00,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.09.14 14:51:03 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Spybot - Search & Destroy.lnk
[2009.09.14 14:49:18 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Administrator.HOME\Plocha\setup-spybotsd162.exe
[2009.09.07 20:01:14 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\Nový objekt - Rastrový obrázek.bmp
[2009.09.07 19:53:00 | 00,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FD2844F6-6DA7-4CFC-A47D-F40495874E68}.job
[2009.09.07 19:53:00 | 00,000,480 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DB97E567-291E-4B34-8D35-AE6DDBCE7786}.job
[2009.09.06 19:33:18 | 00,000,500 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2009.09.06 15:46:07 | 02,734,080 | ---- | M] () -- C:\Documents and Settings\Administrator.HOME\Plocha\rmvirut.exe
[2009.09.05 22:33:05 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
[2009.09.05 22:13:46 | 00,342,656 | ---- | M] (G DATA Software) -- C:\Documents and Settings\Administrator.HOME\Plocha\remover.exe
[2009.09.05 22:10:39 | 00,004,456 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.08.24 16:21:57 | 00,626,336 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ntfs.sys
[2009.08.24 16:21:56 | 00,626,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\ntfs.sys

========== LOP Check ==========

[2009.09.22 18:47:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací
[2009.09.22 18:17:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HOME\Data aplikací\TuneUp Software
[2009.08.01 17:37:21 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Data aplikací
[2009.05.29 19:17:19 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.05.29 21:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2007.03.07 17:28:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2009.05.28 17:34:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.05.27 18:57:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.07.16 16:51:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.07.13 11:25:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2009.07.31 18:09:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2009.08.01 18:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.05.29 19:22:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.09.06 19:33:18 | 00,000,500 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2006.03.02 14:00:00 | 00,000,065 | -H-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.09.22 15:37:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.09.07 19:53:00 | 00,000,480 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DB97E567-291E-4B34-8D35-AE6DDBCE7786}.job
[2009.09.07 19:53:00 | 00,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FD2844F6-6DA7-4CFC-A47D-F40495874E68}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 52224 bytes -> C:\WINDOWS\System32\svchost.exe:ext.exe
@Alternate Data Stream - 52224 bytes -> C:\WINDOWS\System32\svchost.exe:exe.exe
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4ABFA08C
< End of report >
Nahoru
Pawkin
Level 1
Level 1
Příspěvky: 91
Registrován: květen 09
Pohlaví: Muž
Stav:
Offline

Re: PC se dokola restartuje

Příspěvekod Pawkin » 22 zář 2009 20:23

log extras.txt


OTL Extras logfile created on: 22.9.2009 20:18:28 - Run 2
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Administrator.HOME\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 126,57 Mb Available Physical Memory | 24,74% Memory free
961,48 Mb Paging File | 182,70 Mb Available in Paging File | 19,00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,43 Gb Free Space | 40,83% Space Free | Partition Type: NTFS
Drive D: | 3,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48792:TCP" = 48792:TCP:*:Enabled:System44
"35213:TCP" = 35213:TCP:*:Enabled:System36
"50631:TCP" = 50631:TCP:*:Enabled:System13
"17338:TCP" = 17338:TCP:*:Enabled:System97
"54895:TCP" = 54895:TCP:*:Enabled:System51
"56503:TCP" = 56503:TCP:*:Enabled:System59
"9474:TCP" = 9474:TCP:*:Enabled:System72
"26232:TCP" = 26232:TCP:*:Enabled:System75
"42990:TCP" = 42990:TCP:*:Enabled:System83
"4447:TCP" = 4447:TCP:*:Enabled:System04
"44175:TCP" = 44175:TCP:*:Enabled:System96
"24614:TCP" = 24614:TCP:*:Enabled:System32
"34937:TCP" = 34937:TCP:*:Enabled:System24
"12959:TCP" = 12959:TCP:*:Enabled:System78
"45673:TCP" = 45673:TCP:*:Enabled:System70
"23865:TCP" = 23865:TCP:*:Enabled:System67
"27993:TCP" = 27993:TCP:*:Enabled:System92
"6185:TCP" = 6185:TCP:*:Enabled:System76
"37698:TCP" = 37698:TCP:*:Enabled:System97
"4405:TCP" = 4405:TCP:*:Enabled:System95
"4801:TCP" = 4801:TCP:*:Enabled:System89
"59094:TCP" = 59094:TCP:*:Enabled:System65
"23748:TCP" = 23748:TCP:*:Enabled:System91
"63476:TCP" = 63476:TCP:*:Enabled:System83
"8375:TCP" = 8375:TCP:*:Enabled:System06
"49781:TCP" = 49781:TCP:*:Enabled:System16
"38296:TCP" = 38296:TCP:*:Enabled:System27
"37919:TCP" = 37919:TCP:*:Enabled:System25
"26434:TCP" = 26434:TCP:*:Enabled:System28
"12614:TCP" = 12614:TCP:*:Enabled:System98
"63827:TCP" = 63827:TCP:*:Enabled:System90
"17359:TCP" = 17359:TCP:*:Enabled:System35
"11147:TCP" = 11147:TCP:*:Enabled:System46
"63475:TCP" = 63475:TCP:*:Enabled:System32
"5475:TCP" = 5475:TCP:*:Enabled:System07
"19906:TCP" = 19906:TCP:*:Enabled:System12
"20097:TCP" = 20097:TCP:*:Enabled:System41
"26532:TCP" = 26532:TCP:*:Enabled:System52
"15443:TCP" = 15443:TCP:*:Enabled:System46
"59738:TCP" = 59738:TCP:*:Enabled:System26
"26668:TCP" = 26668:TCP:*:Enabled:System37
"59808:TCP" = 59808:TCP:*:Enabled:System55
"42806:TCP" = 42806:TCP:*:Enabled:System47
"65081:TCP" = 65081:TCP:*:Enabled:System95
"48546:TCP" = 48546:TCP:*:Enabled:System00
"30294:TCP" = 30294:TCP:*:Enabled:System66
"8486:TCP" = 8486:TCP:*:Enabled:System61
"4551:TCP" = 4551:TCP:*:Enabled:System50
"61501:TCP" = 61501:TCP:*:Enabled:System44
"11673:TCP" = 11673:TCP:*:Enabled:System52
"33704:TCP" = 33704:TCP:*:Enabled:System41
"41085:TCP" = 41085:TCP:*:Enabled:System23
"19277:TCP" = 19277:TCP:*:Enabled:System17
"25712:TCP" = 25712:TCP:*:Enabled:System15
"5575:TCP" = 5575:TCP:*:Enabled:System66
"45303:TCP" = 45303:TCP:*:Enabled:System61
"62061:TCP" = 62061:TCP:*:Enabled:System69
"22637:TCP" = 22637:TCP:*:Enabled:System32
"62365:TCP" = 62365:TCP:*:Enabled:System37
"17587:TCP" = 17587:TCP:*:Enabled:System26
"31331:TCP" = 31331:TCP:*:Enabled:System90
"36604:TCP" = 36604:TCP:*:Enabled:System93
"43002:TCP" = 43002:TCP:*:Enabled:System87
"25545:TCP" = 25545:TCP:*:Enabled:System11
"35868:TCP" = 35868:TCP:*:Enabled:System03
"42303:TCP" = 42303:TCP:*:Enabled:System97
"43801:TCP" = 43801:TCP:*:Enabled:System79
"55509:TCP" = 55509:TCP:*:Enabled:System68
"60286:TCP" = 60286:TCP:*:Enabled:System71
"55905:TCP" = 55905:TCP:*:Enabled:System52
"23727:TCP" = 23727:TCP:*:Enabled:System60
"63337:TCP" = 63337:TCP:*:Enabled:System73
"58287:TCP" = 58287:TCP:*:Enabled:System84
"16232:TCP" = 16232:TCP:*:Enabled:System76
"56529:TCP" = 56529:TCP:*:Enabled:System93
"34721:TCP" = 34721:TCP:*:Enabled:System96
"6874:TCP" = 6874:TCP:*:Enabled:System04
"17197:TCP" = 17197:TCP:*:Enabled:System98
"7202:TCP" = 7202:TCP:*:Enabled:System81
"23960:TCP" = 23960:TCP:*:Enabled:System78
"63688:TCP" = 63688:TCP:*:Enabled:System70
"12014:TCP" = 12014:TCP:*:Enabled:System50
"51742:TCP" = 51742:TCP:*:Enabled:System58
"35207:TCP" = 35207:TCP:*:Enabled:System61
"40480:TCP" = 40480:TCP:*:Enabled:System55
"7414:TCP" = 7414:TCP:*:Enabled:System92
"47142:TCP" = 47142:TCP:*:Enabled:System97
"12687:TCP" = 12687:TCP:*:Enabled:System89
"52415:TCP" = 52415:TCP:*:Enabled:System08
"16184:TCP" = 16184:TCP:*:Enabled:System36
"55912:TCP" = 55912:TCP:*:Enabled:System33
"4699:TCP" = 4699:TCP:*:Enabled:System44
"46667:TCP" = 46667:TCP:*:Enabled:System96
"24859:TCP" = 24859:TCP:*:Enabled:System88
"19809:TCP" = 19809:TCP:*:Enabled:System07
"30132:TCP" = 30132:TCP:*:Enabled:System93
"10824:TCP" = 10824:TCP:*:Enabled:System99
"48529:TCP" = 48529:TCP:*:Enabled:System95
"26721:TCP" = 26721:TCP:*:Enabled:System03
"43479:TCP" = 43479:TCP:*:Enabled:System06
"25286:TCP" = 25286:TCP:*:Enabled:System00
"47359:TCP" = 47359:TCP:*:Enabled:System23
"26443:TCP" = 26443:TCP:*:Enabled:System42
"14958:TCP" = 14958:TCP:*:Enabled:System26
"7804:TCP" = 7804:TCP:*:Enabled:System28
"53028:TCP" = 53028:TCP:*:Enabled:System34
"52732:TCP" = 52732:TCP:*:Enabled:System86
"9116:TCP" = 9116:TCP:*:Enabled:System94
"17341:TCP" = 17341:TCP:*:Enabled:System62
"35261:TCP" = 35261:TCP:*:Enabled:System70
"14177:TCP" = 14177:TCP:*:Enabled:System59
"60037:TCP" = 60037:TCP:*:Enabled:System51
"12798:TCP" = 12798:TCP:*:Enabled:System51
"52526:TCP" = 52526:TCP:*:Enabled:System32
"62849:TCP" = 62849:TCP:*:Enabled:System48
"41041:TCP" = 41041:TCP:*:Enabled:System43
"51364:TCP" = 51364:TCP:*:Enabled:System37
"39924:TCP" = 39924:TCP:*:Enabled:System30
"16954:TCP" = 16954:TCP:*:Enabled:System35
"23389:TCP" = 23389:TCP:*:Enabled:System24
"5950:TCP" = 5950:TCP:*:Enabled:System87
"19179:TCP" = 19179:TCP:*:Enabled:System84

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"C:\NeverwinterNights\NWN\nwmain.exe" = C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights -- (BioWare)
"C:\NeverwinterNights\NWN\nwserver.exe" = C:\NeverwinterNights\NWN\nwserver.exe:*:Enabled:Neverwinter Nights Server -- (BioWare)
"C:\Program Files\TrackMania Sunrise\TmSunrise.exe" = C:\Program Files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise -- ()
"C:\Documents and Settings\Tomáš Pawera\Plocha\Files\1nsane\Game.exe" = C:\Documents and Settings\Tomáš Pawera\Plocha\Files\1nsane\Game.exe:*:Enabled:INSANE -- (INVICTUS Team)
"C:\Program Files\BitLord2\BitLord.exe" = C:\Program Files\BitLord2\BitLord.exe:*:Enabled:Bitlord2 -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{06792A12-AF16-42F4-BECD-BD913DE0FEC0}" = TurboCAD Deluxe 15
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}" = Rome - Total War(TM)
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{91120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{AC76BA86-7AD7-1029-7B44-A70500000002}" = Adobe Reader 7.0.5 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BBC8862B-BFC8-475D-9BB8-93289703BD33}" = ESET NOD32 Antivirus
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights Platinum Edition
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DBB313D6-4B13-4961-BD5F-673CDA1793CC}" = Autodesk 3ds Max 8
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"BitLord_is1" = BitLord v2.0
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driver Magician_is1" = Driver Magician 3.45
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FarmingSimulator2008_is1" = Landwirtschafts Simulator 2008
"FileZilla Client" = FileZilla Client 3.2.4.1
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = InCD
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"IP Changer Premium" = IP Changer Premium
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NWNCZ" = Neverwinter Nights(TM) - Čeština
"Scorpions WinCheater 2.07 (s databází 103)_is1" = Scorpions WinCheater
"Servant Salamander 2.0" = Servant Salamander 2.0
"Skype_is1" = Skype 2.5
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"The KMPlayer" = The KMPlayer (remove only)
"TmSunrise_is1" = TrackMania Sunrise Extreme 1.5.1
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29.6.2009 7:58:52 | Computer Name = HOME | Source = MsiInstaller | ID = 11500
Description = Product: Windows Installer Clean Up -- Error 1500. Another installation
is in progress. You must complete that installation before continuing this one.

Error - 29.6.2009 7:58:52 | Computer Name = HOME | Source = MsiInstaller | ID = 11500
Description = Product: Windows Installer Clean Up -- Error 1500. Another installation
is in progress. You must complete that installation before continuing this one.

Error - 1.7.2009 3:41:55 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nwmain.exe, verze 1.6.9.0, chybující modul ntdll.dll,
verze 5.1.2600.5755, adresa chyby 0x000101b3.

Error - 3.7.2009 4:46:19 | Computer Name = HOME | Source = Google Update | ID = 20
Description =

Error - 3.7.2009 5:46:13 | Computer Name = HOME | Source = Google Update | ID = 20
Description =

Error - 3.7.2009 6:46:10 | Computer Name = HOME | Source = Google Update | ID = 20
Description =

Error - 3.7.2009 9:50:06 | Computer Name = HOME | Source = | ID = 0
Description =

Error - 3.7.2009 9:50:06 | Computer Name = HOME | Source = | ID = 0
Description =

Error - 3.7.2009 12:42:14 | Computer Name = HOME | Source = | ID = 0
Description =

Error - 3.7.2009 12:42:14 | Computer Name = HOME | Source = | ID = 0
Description =

[ System Events ]
Error - 22.9.2009 13:04:56 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:04:57 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:06:02 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:06:02 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:06:04 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 22.9.2009 13:06:05 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 22.9.2009 13:07:29 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:33:38 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:33:38 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 22.9.2009 13:43:04 | Computer Name = HOME | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.217 pro síťovou kartu s adresou 000C76EFEAF2
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

[ TuneUp Events ]
Error - 1.6.2009 13:22:15 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-06-01 19:22:15', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1464',0)

Error - 2.8.2009 7:34:07 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 13:34:07', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2508',0)

Error - 2.8.2009 7:34:23 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 13:34:23', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','3280',0)

Error - 2.8.2009 8:01:17 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 14:01:17', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1224',0)

Error - 2.8.2009 8:51:12 | Computer Name = HOME | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 14:51:11', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2156',0)


< End of report >
Nahoru
Uživatelský avatar
Damned
Tvůrce článků
Master Level 9
Master Level 9
Příspěvky: 8353
Registrován: prosinec 06
Bydliště: Rokycany
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele Damned

Re: PC se dokola restartuje

Příspěvekod Damned » 22 zář 2009 21:11

Vypni Body obnovení.

Spusť OTM
- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE

Kód: Vybrat vše

:Processes
explorer.exe
reader_s.exe
94.tmp
sys64_nov.exe
wpv761253645631.exe
94.tmp.exe

:Services
zaqnxfqv7
zohxuamhqmln7
zmhvqnqqcrf5

:Reg

:Files
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\System32\49.tmp.exe
C:\WINDOWS\System32\DRIVERS\zaqnxfqv7.sys
C:\WINDOWS\System32\drivers\zohxuamhqmln7.sys
C:\WINDOWS\System32\drivers\zmhvqnqqcrf5.sys
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\94.tmp
C:\WINDOWS\System32\sys64_nov.exe
C:\WINDOWS\Temp\wpv761253645631.exe
C:\WINDOWS\System32\servises.exe
C:\WINDOWS\System32\regedit.exe
C:\RECYCLER\S-1-5-21-0243337231-886787329-783463108-1055\dsregs.exe
C:\RECYCLER\S-1-5-21-0243992721-823278279-782329928-3321\bxswin.exe
C:\WINDOWS\System32\_id.dat
C:\WINDOWS\_delis43.ini
C:\WINDOWS\System32\d3d9caps.dat
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\System32\94.tmp.exe

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Nahoru
Odpovědět

Zpět na “Viry, antiviry, firewally…”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 2 hosti