Prosim o kontrolu logu. Predem dekuji Vyřešeno

[feryking]

Ani to nejde. Pise to to same akorat ntam je napsano unistall. ?????

[Reklama]

[Damned]

Dobrá.

Naplánuj tedy tu kontrolu disku a po restartu proveď ten script ComboFixu.

[feryking]

ComboFix 10-01-13.0C - feryking 14.01.2010 17:04:57.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1562 [GMT 1:00]
Spuštěný z: c:\documents and settings\feryking\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\feryking\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100114-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\windows\ativpsrm.bin"
"c:\windows\im32st.dat"
"c:\windows\mozregistry.dat"
"c:\windows\system32\ezsidmv.dat"
.
Error: Cfiles.dat

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\feryking\Recent(2)
c:\documents and settings\feryking\Recent(2)\navod.lnk
c:\documents and settings\feryking\Recent(2)\S6_DVD_CS.lnk
c:\documents and settings\feryking\Recent(2)\THE SETTLERS - Vzestup rise.lnk
c:\documents and settings\feryking\Recent(2)\The Settlers 6 Gold CZ (2).lnk
c:\documents and settings\feryking\Recent(2)\The Settlers 6 Gold CZ.lnk
C:\found.000
C:\found.001
c:\found.001\file0000.chk
c:\found.001\file0001.chk
C:\found.002
c:\found.002\file0000.chk
C:\found.003
c:\found.003\dir0000.chk\Internet Explorer\brndlog.bak
c:\found.003\dir0000.chk\Internet Explorer\brndlog.txt
c:\found.003\file0000.chk
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\windows\ativpsrm.bin
c:\windows\im32st.dat
c:\windows\mozregistry.dat
c:\windows\system32\ezsidmv.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-14 do 2010-01-14 )))))))))))))))))))))))))))))))
.

2010-01-14 13:23 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-14 13:22 . 2010-01-14 13:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-14 13:22 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-14 03:34 . 2010-01-14 03:34 -------- d-----w- c:\windows\system32\oodag
2010-01-14 03:17 . 2010-01-14 03:17 -------- d-----w- c:\program files\OO Software
2010-01-13 17:15 . 2010-01-14 14:20 -------- d-----w- c:\program files\ICQ6.5
2010-01-13 17:10 . 2010-01-13 17:10 -------- d-----w- c:\program files\ICQ6.518_12_11
2010-01-13 17:08 . 2010-01-13 17:08 -------- d-----w- c:\program files\ICQ6.518_10_19
2010-01-13 17:08 . 2010-01-13 17:08 -------- d-----w- c:\program files\ICQ6.518_08_29
2010-01-13 16:04 . 2010-01-13 16:03 390144 ----a-w- c:\windows\system32\CF7806.exe
2010-01-13 06:33 . 2010-01-13 06:33 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-01-13 06:33 . 2010-01-13 06:33 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-01-13 06:30 . 2010-01-13 16:26 -------- d-----w- c:\program files\Ubisoft
2010-01-13 05:43 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-13 05:40 . 2010-01-13 05:40 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-11 16:50 . 2010-01-11 16:50 -------- d-----w- C:\ProgramData
2010-01-11 16:17 . 2010-01-11 16:17 -------- d-----w- c:\program files\TrendMicro
2010-01-10 10:37 . 2010-01-10 10:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-10 10:37 . 2010-01-14 03:13 -------- d-----w- c:\program files\ATI
2010-01-10 07:11 . 2010-01-10 07:11 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-01-10 05:55 . 2010-01-10 05:55 -------- d-----w- c:\program files\SEGA
2010-01-09 11:59 . 2010-01-13 05:39 -------- d-----w- c:\program files\Seznam DVD5
2010-01-09 10:16 . 2010-01-09 10:16 -------- d-----w- c:\windows\SHELLNEW
2010-01-09 10:15 . 2010-01-09 10:15 -------- d-----w- C:\MSOCache
2009-12-31 13:33 . 2008-04-14 03:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-31 13:33 . 2009-12-31 13:33 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-31 13:33 . 2009-12-31 13:33 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-12-31 13:33 . 2009-12-31 13:33 -------- d-----w- c:\windows\system32\LogFiles
2009-12-31 09:35 . 2009-12-31 09:35 -------- d-----w- c:\program files\OpenAL
2009-12-31 09:35 . 2010-01-07 15:45 -------- d-----w- c:\program files\Puzzle Quest
2009-12-31 09:35 . 2009-12-31 09:35 -------- d-----w- c:\windows\Puzzle Quest
2009-12-29 16:44 . 2009-12-29 16:44 -------- d-----w- c:\windows\Downloaded Installations
2009-12-29 16:43 . 2006-03-28 12:00 118832 ----a-w- c:\windows\system32\SHW32.DLL
2009-12-29 16:43 . 2004-08-30 13:25 438272 ----a-w- c:\windows\system32\vp6vfw.dll
2009-12-27 09:16 . 2009-12-27 09:20 -------- d-----w- c:\program files\SpeedFan
2009-12-27 08:24 . 2010-01-09 10:11 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-27 08:24 . 2009-12-31 09:35 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-27 08:23 . 2004-06-22 14:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2009-12-27 08:11 . 2009-12-27 08:11 -------- d-----w- c:\windows\system32\Futuremark
2009-12-27 08:11 . 2004-10-25 19:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2009-12-27 08:11 . 2001-11-19 18:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2009-12-23 23:09 . 2009-12-23 23:09 -------- d-----w- c:\program files\Common Files\Skype
2009-12-23 23:08 . 2009-12-23 23:09 -------- d-----r- c:\program files\Skype
2009-12-23 21:27 . 2009-12-23 21:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-23 21:27 . 2009-12-23 21:27 -------- d-----w- c:\program files\Java
2009-12-23 17:45 . 2009-12-23 17:45 -------- d-----w- c:\program files\Sierra
2009-12-19 15:36 . 2009-12-19 21:23 -------- d-----w- C:\Fraps
2009-12-19 10:31 . 2009-12-19 10:31 -------- d-----w- c:\program files\PJsoft
2009-12-19 10:30 . 2009-12-19 10:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-16 21:46 . 2009-12-16 21:46 -------- d-----w- c:\windows\Governor of Poker
2009-12-16 21:46 . 2009-12-16 21:46 -------- d-----w- c:\program files\Governor of Poker
2009-12-15 22:39 . 2009-12-15 22:39 -------- d-----w- c:\program files\Electronic Arts
2009-12-15 21:47 . 2009-12-15 21:47 -------- d-----w- c:\program files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 16:26 . 2009-12-11 15:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 05:38 . 2009-12-11 15:59 -------- d-----w- c:\program files\ATI Technologies
2009-12-27 08:48 . 2009-12-11 15:40 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-16 10:19 . 2001-10-25 14:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2009-12-16 10:19 . 2001-10-25 14:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2009-12-15 11:22 . 2009-12-15 11:21 -------- d-----w- c:\program files\Sierra On-Line
2009-12-15 09:36 . 2009-12-15 09:36 -------- d-----w- c:\program files\MSBuild
2009-12-15 09:36 . 2009-12-15 09:36 -------- d-----w- c:\program files\Reference Assemblies
2009-12-13 15:59 . 2009-12-11 15:05 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-13 15:59 . 2009-12-11 15:05 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-13 15:58 . 2009-12-11 15:05 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-12 22:48 . 2009-12-12 22:48 -------- d-----w- c:\program files\MSXML 4.0
2009-12-11 18:41 . 2009-12-11 18:41 -------- d-----w- c:\program files\Activision
2009-12-11 18:34 . 2009-12-11 18:33 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-11 18:33 . 2009-12-11 18:33 -------- d-----w- c:\program files\Nero
2009-12-11 18:23 . 2009-12-11 18:20 -------- d-----w- c:\program files\hp deskjet 656c series
2009-12-11 18:21 . 2009-12-11 18:20 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-11 18:06 . 2009-12-11 17:58 -------- d-----w- c:\program files\Common Files\snpstd
2009-12-11 18:01 . 2009-12-11 18:01 -------- d-----w- c:\program files\KYE
2009-12-11 17:26 . 2009-12-11 17:26 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-11 17:23 . 2009-12-11 17:23 -------- d-----w- c:\program files\SCi Games
2009-12-11 17:19 . 2009-12-11 16:37 -------- d-----w- c:\program files\DVDFab 6
2009-12-11 16:51 . 2009-12-11 16:51 717296 ----a-w- c:\windows\system32\drivers\sptd.sys.13348500
2009-12-11 16:38 . 2009-12-11 16:38 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-11 16:17 . 2009-12-11 16:17 -------- d-----w- c:\program files\Common Files\Logitech
2009-12-11 16:17 . 2009-12-11 16:17 -------- d-----w- c:\program files\Logitech
2009-11-25 02:42 . 2009-07-02 16:44 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-11-25 02:42 . 2009-07-02 16:44 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-11-24 23:54 . 2009-12-11 15:13 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-12-11 15:13 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-12-11 15:13 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-12-11 15:13 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-12-11 15:13 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-12-11 15:13 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-12-11 15:13 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-12-11 15:13 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-12-11 15:13 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 16:40 . 2009-12-11 15:40 838176 ----a-w- c:\windows\RtlExUpd.dll
2009-11-21 16:03 . 2004-08-17 13:49 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-18 06:17 . 2009-12-11 15:40 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-11-18 06:16 . 2009-12-11 15:40 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-10-29 07:43 . 2004-08-17 13:49 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-17 13:49 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-17 13:49 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-01-14_14.33.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 1601-01-01 00:00 . 1601-01-01 00:00 0 c:\windows\system32\drivers\atinxbxx.sys
+ 2010-01-14 16:01 . 2010-01-14 16:01 16384 c:\windows\Temp\Perflib_Perfdata_904.dat
+ 2010-01-14 14:47 . 2010-01-14 14:47 16384 c:\windows\Temp\Perflib_Perfdata_5c8.dat
+ 2001-10-25 14:00 . 2001-10-25 14:00 82432 c:\windows\system32\ufat.dll
+ 2009-12-11 15:48 . 2008-04-14 03:21 32285 c:\windows\system32\hsfcisp2.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= "c:\windows\system32\ieframe.dll" [2009-10-29 11069952]

[HKEY_CLASSES_ROOT\clsid\{cfbfae00-17a6-11d0-99cb-00c04fd64497}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
2009-12-23 21:27 41760 ----a-w- c:\program files\Java\jre6\bin\jp2ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
2009-12-23 21:27 73728 ----a-w- c:\program files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-03 18789408]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-10-12 196608]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-23 149280]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-08-21 2553088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"= "c:\windows\system32\browseui.dll" [2008-04-14 1025024]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= "shell32.dll" [2008-06-17 8465408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"= {7849596a-48ea-486e-8937-a2a3009f31a9} - c:\windows\system32\SHELL32.dll [2008-06-17 8465408]
"CDBurn"= {fbeb8a05-beee-4442-804e-409d6c4515e9} - c:\windows\system32\SHELL32.dll [2008-06-17 8465408]
"WebCheck"= {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - c:\windows\system32\webcheck.dll [2009-03-08 236544]
"WPDShServiceObj"= {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\feryking\\Data aplikací\\uTorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\base\\bin\\Settlers6.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\extra1\\bin\\Settlers6.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.12.2009 16:13 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.12.2009 16:13 20560]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11.12.2009 16:40 1691480]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: {{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {{E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\ICQ6.5\ICQ.exe
IE: {{FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\Messenger\msmsgs.exe
IE: {{77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
TCP: {944F9386-89AA-4E05-9C69-F7D6255D135B} = 213.180.32.2
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\progra~1\COMMON~1\System\OLEDB~1\msdaipp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\COMMON~1\Skype\SKYPE4~1.DLL
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} -
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - c:\windows\system32\msvidctl.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-14 17:08
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="68DE34A1824E34AE597C96AEA8DCD4F18754FCDFD255E79BD42EDDEE07938DB0091F177206D494B5BF636076F4B5F9B6508457709A83F81659559275255F25B6C937CA4909AA9FEC8CB30C3A6A4ACEC6366685D01534301A46B254458B53396FFD4FF4D49D393FB43D9BB1551217FB3F7DCBAE2968961BA2C95DFB769AF5D4555AE3403979F92123B09CEA961F2DF2F3CD5C7F965D7109607542E61351E0CA13F9C5D98CF9FCFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D9DB7CE019D40AA5CA9C6AECB7A5D1407833CED6B8E969E066F2A54D2015477D7AA25343CB5C261DDA0ACC84CBB421DB27037B57BF1D05E2949975B24EBDA620C5A31B5D16CD49B90D27ED473E9A96AB06C60D64D2274ECC40DC884C14690D2FA752AE96FABF2CB117C3F11921958036A61203D4295C2246A2721C476D4C2FB2C068F6D63A918A0FC69ADE11C1198AA307A90B493C37202BFC2B971DD6036B539DB17BD4D9FB3E783A7BC90569CA44C69A6816F4DA92D2801D160C4E9B7A1F8D3862ABF25CD2B97E88B11C75D0D30F18D9D76024EC710DCF98892DCDE2D2FE6BDDCE739B4F556C486AC871A1EB3DF4EAB5428E54A24AD890F6108BCD315FDBFCE7BA057975F01AC48642E795B6ACA37638701F849450DBD341827CAB849A16CF1BC59A7C1D3EB2F2E524540AD8C8024E8B8A17CA8B827A8F62F8DD0CBA721F7A6464D9FF8A2C851CB5B46A97F780131092BDB95948FE9A1F26A0BFDA212769001FA6815551FC1B84A24D9D68D1240211E6638CE94DDB8A35B54A4E3A5ED928826084CC3C51E73B3669A604CECC1A8581BB77114FE3DE7CA76B913FA92A4D658D259CECB0CFA6BAF6F6B6AF18373175E842E78B67EC842D99E2BC29A79251B9956227AAFBD95AF43CA8A3F148C175CE1731FEF6E14228636C27E54833F5F2A8B14598BD744CF38A3EEAFD963159DBD3394A12F51936EE5EAE2CB9A569C49C39182B6F48EDE906FAE6AD5677402027347AB9243DFA45585A49771A01B1F5E99B12E3ADA041DC0B6E35B3BCC3F0A3EAAB60B9269F8438402368A8FA1BAA6195397352617CA6651E1E677639D20B651853E9D0496E3BD2BE594798C8E85E77E8B91CA01B65C7434397F861727D766419740E0107249B97FB65AB7118BACEB12D292B7137C11D4DE781A64DEE50CCD13EBBFE52356B6AD38E7452A8971468FDD2A33D5EADC2AE7CD4FC5818C8D42F1D4FCE5516DD59CE61465B6CC28CC4C04EF8AAB945C02CB65FE61B6E3B184E8AF93BD005CE3B0D104D28BB52C61DD1FCDD9DCDBF67CC9FA56744845A1A4E450B3651380D43B600FF8B82EEA6B6E1900C431024896A4C4A598B50FECE602FCAB81E055791CF310710D1090A4BF4CA6"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-14 17:09:09
ComboFix-quarantined-files.txt 2010-01-14 16:09
ComboFix2.txt 2010-01-14 14:34

Před spuštěním: Volných bajtů: 52 407 324 672
Po spuštění: Volných bajtů: 52 414 791 680

- - End Of File - - 51C37D1737FC29E6C0EC311B31F10A9D
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:12, on 14.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\feryking\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{944F9386-89AA-4E05-9C69-F7D6255D135B}: NameServer = 213.180.32.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

--
End of file - 6602 bytes

[feryking]

OTL logfile created on: 14.1.2010 17:14:19 - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Documents and Settings\feryking\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 48,83 Gb Free Space | 50,01% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 46,72 Gb Free Space | 23,31% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FERYKING-3CA06C
Current User Name: feryking
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\feryking\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\feryking\Plocha\HijackThis.exe (Trend Micro Inc.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\feryking\Plocha\OTL.exe (OldTimer Tools)


========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (NetTcpPortSharing) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NBService) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (catchme) -- File not found
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys.13348500 (Duplex Secure Ltd.)
DRV - (pcouffin) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\WINDOWS\system32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (ENTECH) -- C:\WINDOWS\system32\drivers\Entech.sys (EnTech Taiwan)
DRV - (snpstd) -- C:\WINDOWS\system32\drivers\snpstd.sys ()
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.12.16 11:16:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.12.23 22:27:37 | 00,000,000 | ---D | M]


O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.180.32.2 172.27.12.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Fraps\RichardBurnsRally_SSE 2009-11-04 12-23-55-70.bmp
O24 - Desktop BackupWallPaper: D:\Fraps\RichardBurnsRally_SSE 2009-11-04 12-23-55-70.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.11 16:06:10 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.01.14 17:13:03 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\feryking\Plocha\OTL.exe
[2010.01.14 17:04:07 | 00,000,000 | ---D | C] -- C:\ComboFix
[2010.01.14 14:23:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\Malwarebytes
[2010.01.14 14:23:10 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.01.14 14:23:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.01.14 14:22:28 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.01.14 14:22:28 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.14 14:22:07 | 05,115,832 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\feryking\Plocha\mbam-setup.exe
[2010.01.14 04:34:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oodag
[2010.01.14 04:18:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\O&O
[2010.01.14 04:17:45 | 00,000,000 | ---D | C] -- C:\Program Files\OO Software
[2010.01.13 18:15:49 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.5
[2010.01.13 18:10:22 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.518_12_11
[2010.01.13 18:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.518_10_19
[2010.01.13 18:08:01 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.518_08_29
[2010.01.13 18:07:16 | 17,001,848 | ---- | C] (Macrovision Corporation) -- C:\Documents and Settings\feryking\Plocha\install_icq65.exe
[2010.01.13 17:38:26 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\feryking\Plocha\HijackThis.exe
[2010.01.13 17:26:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Tages
[2010.01.13 17:09:36 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.01.13 17:09:36 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.01.13 17:09:36 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.01.13 17:09:36 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.01.13 17:04:02 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF7806.exe
[2010.01.13 17:04:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.01.13 17:03:58 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010.01.13 16:46:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Dokumenty\THE SETTLERS - Rise of an Empire
[2010.01.13 07:30:36 | 00,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010.01.13 06:43:48 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.01.13 06:38:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2010.01.13 06:37:12 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\feryking\Recent
[2010.01.13 06:36:44 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2010.01.11 19:34:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.01.11 17:50:14 | 00,000,000 | ---D | C] -- C:\ProgramData
[2010.01.11 17:47:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\TuneUp Software
[2010.01.11 17:47:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.01.11 17:17:58 | 00,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.01.10 11:40:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ATI(2)
[2010.01.10 11:37:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.01.10 11:37:12 | 00,000,000 | ---D | C] -- C:\Program Files\ATI
[2010.01.10 08:11:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\SEGA
[2010.01.10 08:11:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010.01.10 06:55:34 | 00,000,000 | ---D | C] -- C:\Program Files\SEGA
[2010.01.09 19:22:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\feryking\Dokumenty\Filmy
[2010.01.09 12:59:56 | 00,000,000 | ---D | C] -- C:\Program Files\Seznam DVD5
[2010.01.09 11:16:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010.01.09 11:16:08 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.01.09 11:16:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
[2010.01.09 11:15:50 | 00,000,000 | ---D | C] -- C:\MSOCache
[2010.01.05 17:05:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Plocha\Fana skola v praze 2009
[2010.01.05 16:58:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Plocha\Fana strasidelna skola 2009
[2009.12.31 14:34:06 | 00,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009.12.31 14:33:55 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009.12.31 14:33:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009.12.31 14:33:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009.12.31 10:35:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Dokumenty\Puzzle Quest
[2009.12.31 10:35:49 | 00,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2009.12.31 10:35:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\Puzzle Quest
[2009.12.31 10:35:34 | 00,000,000 | ---D | C] -- C:\Program Files\Puzzle Quest
[2009.12.29 17:44:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009.12.29 17:43:58 | 01,077,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2009.12.29 17:43:58 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2009.12.29 17:43:58 | 00,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2009.12.29 17:43:58 | 00,327,680 | ---- | C] (On2.com Inc.) -- C:\WINDOWS\System32\vp6dec.ax
[2009.12.29 17:43:58 | 00,168,960 | ---- | C] (Xceed Software Inc. 1-450-442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XCDZIP35.OCX
[2009.12.29 17:43:58 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2009.12.29 17:43:58 | 00,118,832 | ---- | C] (MicroQuill Software Publishing, Inc.) -- C:\WINDOWS\System32\SHW32.DLL
[2009.12.29 17:33:59 | 01,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2009.12.29 17:33:59 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2009.12.29 17:33:59 | 00,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2009.12.29 17:33:59 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2009.12.29 17:33:58 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2009.12.29 17:33:58 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2009.12.29 17:33:58 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2009.12.29 17:33:58 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2009.12.29 17:33:58 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2009.12.29 17:33:58 | 00,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2009.12.29 17:33:57 | 01,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2009.12.29 17:33:57 | 00,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2009.12.29 17:33:57 | 00,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2009.12.29 17:33:57 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2009.12.29 17:33:57 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2009.12.29 17:33:57 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2009.12.29 17:33:56 | 01,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2009.12.29 17:33:56 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2009.12.29 17:33:56 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2009.12.29 17:33:56 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2009.12.29 17:33:56 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2009.12.29 17:33:56 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2009.12.29 17:33:56 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2009.12.29 17:33:56 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2009.12.29 17:33:56 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2009.12.29 17:33:56 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2009.12.29 17:33:56 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2009.12.29 17:33:56 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2009.12.29 17:33:55 | 00,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2009.12.29 17:33:55 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2009.12.29 17:33:55 | 00,063,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2009.12.29 17:33:54 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2009.12.29 17:33:54 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2009.12.29 17:33:54 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2009.12.29 17:33:54 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2009.12.29 17:33:54 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2009.12.29 17:33:54 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2009.12.29 17:33:54 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2009.12.29 17:33:54 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2009.12.29 17:33:54 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2009.12.29 17:33:53 | 01,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2009.12.29 17:33:53 | 01,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2009.12.29 17:33:53 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2009.12.29 17:33:53 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2009.12.29 17:33:53 | 00,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2009.12.29 17:33:53 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2009.12.29 17:33:53 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2009.12.29 17:33:53 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2009.12.29 17:33:53 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2009.12.29 17:33:53 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2009.12.29 17:33:53 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2009.12.29 17:33:53 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2009.12.29 17:33:53 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2009.12.29 17:33:53 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2009.12.29 17:33:53 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2009.12.29 17:33:52 | 00,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2009.12.29 15:45:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\Mozilla
[2009.12.27 10:16:35 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2009.12.27 09:24:32 | 00,409,600 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009.12.27 09:24:32 | 00,086,016 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2009.12.27 09:23:16 | 00,005,632 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech64.sys
[2009.12.27 09:11:31 | 00,021,664 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech.sys
[2009.12.27 09:11:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2009.12.24 00:10:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\skypePM
[2009.12.24 00:09:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\Skype
[2009.12.24 00:09:00 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009.12.24 00:08:59 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009.12.24 00:08:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2009.12.23 22:27:44 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009.12.23 22:27:44 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009.12.23 22:27:44 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009.12.23 22:27:44 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009.12.23 22:27:44 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009.12.23 22:27:33 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009.12.23 22:27:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\Sun
[2009.12.23 18:45:11 | 00,000,000 | ---D | C] -- C:\Program Files\Sierra
[2009.12.19 16:36:44 | 00,000,000 | ---D | C] -- C:\Fraps
[2009.12.19 11:31:40 | 00,000,000 | ---D | C] -- C:\Program Files\PJsoft
[2009.12.19 11:30:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009.12.19 00:10:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Data aplikací\USBSafelyRemove
[2009.12.19 00:10:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\USBSRService
[2009.12.16 22:46:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.16 22:46:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Governor of Poker
[2009.12.16 22:46:41 | 00,000,000 | ---D | C] -- C:\Program Files\Governor of Poker
[2009.12.16 11:05:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009.12.15 23:46:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Dokumenty\My Games
[2009.12.15 23:39:30 | 00,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2009.12.15 22:48:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\Adobe
[2009.12.15 22:47:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Adobe
[2009.12.15 22:47:46 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009.12.15 22:47:46 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009.12.13 17:28:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.12.11 18:58:44 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009.12.11 18:58:44 | 00,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009.12.11 18:58:44 | 00,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2009.12.11 17:38:15 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\feryking\Data aplikací\pcouffin.sys
[2009.12.11 16:08:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.12.11 16:06:08 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.12.11 16:06:08 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.01.14 17:13:03 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\feryking\Plocha\OTL.exe
[2010.01.14 17:09:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.14 17:08:23 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.01.14 17:01:42 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.14 17:01:20 | 00,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.01.14 17:01:20 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.14 17:01:17 | 00,011,493 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.01.14 16:44:41 | 03,076,096 | ---- | M] () -- C:\Documents and Settings\feryking\NTUSER.DAT
[2010.01.14 16:44:34 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\feryking\ntuser.ini
[2010.01.14 16:44:28 | 04,810,374 | -H-- | M] () -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\IconCache.db
[2010.01.14 16:35:25 | 00,182,581 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Bez názvu.JPG
[2010.01.14 15:32:59 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.01.14 15:18:13 | 00,000,000 | ---- | M] () -- C:\cmldr
[2010.01.14 15:14:48 | 03,824,871 | R--- | M] () -- C:\Documents and Settings\feryking\Plocha\ComboFix.exe
[2010.01.14 14:23:12 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.01.14 14:22:56 | 05,115,832 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\feryking\Plocha\mbam-setup.exe
[2010.01.14 14:18:57 | 00,021,959 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Nezvratny osud.4.2009.torrent
[2010.01.14 04:17:49 | 00,001,762 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[2010.01.13 18:16:39 | 00,001,487 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ6.5.lnk
[2010.01.13 18:11:48 | 17,001,848 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\feryking\Plocha\install_icq65.exe
[2010.01.13 17:49:16 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\RSIT.exe
[2010.01.13 17:38:27 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\feryking\Plocha\HijackThis.exe
[2010.01.13 17:03:56 | 00,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF7806.exe
[2010.01.13 16:42:42 | 00,005,164 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\O&amp
[2010.01.13 13:30:44 | 00,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.01.13 07:35:23 | 00,001,899 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\THE SETTLERS - Vzestup říše - Východní království.lnk
[2010.01.13 07:33:15 | 00,001,884 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\THE SETTLERS - Vzestup říše.lnk
[2010.01.13 07:33:11 | 00,278,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.01.13 07:33:10 | 00,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.01.13 06:50:28 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.01.13 06:42:16 | 00,013,104 | ---- | M] () -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.01.13 06:41:25 | 00,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.01.12 18:13:03 | 00,002,667 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\WinRAR.3.90.CZ-SK.x32-x64.Incl.Keygen-FFF.torrent
[2010.01.12 16:21:02 | 00,032,683 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\The Settlers 6 Gold CZ.torrent
[2010.01.11 19:55:06 | 00,003,702 | ---- | M] () -- C:\Documents and Settings\feryking\Dokumenty\pinfect.zip
[2010.01.11 19:39:56 | 00,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.01.11 16:58:27 | 00,845,463 | ---- | M] () -- C:\Documents and Settings\feryking\Dokumenty\CrashMiniDump3624.dmp
[2010.01.10 06:34:00 | 00,020,958 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Vancouver_2010-Razor1911.torrent
[2010.01.09 20:10:23 | 00,024,555 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Hanebny.pancharti.2009.DVDR.CZ-DeBpuTa.torrent
[2010.01.09 20:10:02 | 00,028,162 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Unos.vlaku.123.DVDR.CZ.DVD5.torrent
[2010.01.09 11:16:42 | 00,000,582 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.09 11:11:40 | 00,086,016 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.01.08 22:24:14 | 00,009,216 | ---- | M] () -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.08 13:09:39 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.01.07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.01.07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.31 14:35:42 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009.12.31 14:35:42 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009.12.31 14:33:32 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009.12.31 14:33:08 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009.12.31 10:35:50 | 00,001,630 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Puzzle Quest.lnk
[2009.12.31 10:35:49 | 00,409,600 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009.12.27 10:16:35 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2009.12.27 08:07:21 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\feryking\default.pls
[2009.12.23 22:27:36 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009.12.23 22:27:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009.12.23 22:27:36 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009.12.23 22:27:36 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009.12.23 22:27:36 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009.12.23 18:48:56 | 00,004,420 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009.12.23 18:45:13 | 00,001,469 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spustit hru Caesar IV!.lnk
[2009.12.19 21:02:43 | 00,316,113 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\img_0289.jpg
[2009.12.19 16:36:45 | 00,000,478 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Fraps.lnk
[2009.12.19 16:27:27 | 00,002,473 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\PJsoft InfoMapa - Home Edition - mapa Prahy a ČR 2010 Special.lnk
[2009.12.19 11:41:51 | 00,025,574 | ---- | M] () -- C:\WINDOWS\IM17HE.CFG
[2009.12.16 22:46:45 | 00,001,678 | ---- | M] () -- C:\Documents and Settings\feryking\Plocha\Governor of Poker.lnk
[2009.12.16 11:19:02 | 00,978,014 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.12.16 11:19:02 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.12.16 11:19:02 | 00,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2009.12.16 11:19:02 | 00,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2009.12.16 11:19:02 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.12.15 23:45:16 | 00,001,844 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\The Saboteur™.lnk
[2009.12.15 22:47:55 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 8.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.01.14 16:35:25 | 00,182,581 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Bez názvu.JPG
[2010.01.14 16:25:08 | 03,824,871 | R--- | C] () -- C:\Documents and Settings\feryking\Plocha\ComboFix.exe
[2010.01.14 15:18:16 | 00,000,000 | ---- | C] () -- C:\cmldr
[2010.01.14 14:23:12 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.01.14 14:18:56 | 00,021,959 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Nezvratny osud.4.2009.torrent
[2010.01.14 07:06:34 | 00,011,493 | ---- | C] () -- C:\WINDOWS\System32\oodbs.lor
[2010.01.14 04:17:49 | 00,001,762 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[2010.01.13 18:16:39 | 00,001,487 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ6.5.lnk
[2010.01.13 17:49:16 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\RSIT.exe
[2010.01.13 17:09:36 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.01.13 17:09:36 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.01.13 17:09:36 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.01.13 17:09:36 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.01.13 17:09:36 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.01.13 16:42:42 | 00,005,164 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\O&amp
[2010.01.13 07:35:23 | 00,001,899 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\THE SETTLERS - Vzestup říše - Východní království.lnk
[2010.01.13 07:33:15 | 00,001,884 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\THE SETTLERS - Vzestup říše.lnk
[2010.01.13 07:33:11 | 00,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.01.13 07:33:10 | 00,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.01.13 06:50:27 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.01.12 16:21:02 | 00,032,683 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\The Settlers 6 Gold CZ.torrent
[2010.01.11 19:55:06 | 00,003,702 | ---- | C] () -- C:\Documents and Settings\feryking\Dokumenty\pinfect.zip
[2010.01.11 19:34:42 | 00,000,054 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.01.11 16:58:26 | 00,845,463 | ---- | C] () -- C:\Documents and Settings\feryking\Dokumenty\CrashMiniDump3624.dmp
[2010.01.10 06:51:55 | 00,002,667 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\WinRAR.3.90.CZ-SK.x32-x64.Incl.Keygen-FFF.torrent
[2010.01.10 06:34:00 | 00,020,958 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Vancouver_2010-Razor1911.torrent
[2010.01.09 20:10:23 | 00,024,555 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Hanebny.pancharti.2009.DVDR.CZ-DeBpuTa.torrent
[2010.01.09 20:10:01 | 00,028,162 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Unos.vlaku.123.DVDR.CZ.DVD5.torrent
[2009.12.31 14:33:08 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009.12.31 10:35:50 | 00,001,630 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Puzzle Quest.lnk
[2009.12.29 17:33:59 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.12.29 17:33:59 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2009.12.29 17:33:59 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2009.12.29 17:33:59 | 00,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2009.12.29 17:33:59 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2009.12.29 17:33:59 | 00,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2009.12.29 17:33:57 | 00,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2009.12.29 17:33:57 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2009.12.29 17:33:57 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2009.12.29 17:33:57 | 00,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2009.12.29 17:33:57 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2009.12.27 10:16:34 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2009.12.27 09:23:16 | 00,006,173 | ---- | C] () -- C:\WINDOWS\System32\drivers\Entech.vxd
[2009.12.27 09:11:31 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009.12.24 00:09:01 | 00,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2009.12.23 22:44:17 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\feryking\default.pls
[2009.12.23 18:45:13 | 00,001,469 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spustit hru Caesar IV!.lnk
[2009.12.19 21:02:43 | 00,316,113 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\img_0289.jpg
[2009.12.19 16:36:45 | 00,000,478 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Fraps.lnk
[2009.12.19 11:41:51 | 00,025,574 | ---- | C] () -- C:\WINDOWS\IM17HE.CFG
[2009.12.19 11:33:33 | 00,002,473 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\PJsoft InfoMapa - Home Edition - mapa Prahy a ČR 2010 Special.lnk
[2009.12.18 23:51:24 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.16 22:46:45 | 00,001,678 | ---- | C] () -- C:\Documents and Settings\feryking\Plocha\Governor of Poker.lnk
[2009.12.15 23:45:16 | 00,001,844 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\The Saboteur™.lnk
[2009.12.15 22:47:55 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 8.lnk
[2009.12.15 12:23:58 | 00,000,073 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.12.15 12:21:20 | 00,000,326 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009.12.11 18:58:46 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009.12.11 18:58:46 | 00,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009.12.11 18:58:45 | 00,331,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009.12.11 18:22:04 | 00,009,216 | ---- | C] () -- C:\Documents and Settings\feryking\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 17:38:31 | 00,000,034 | ---- | C] () -- C:\Documents and Settings\feryking\Data aplikací\pcouffin.log
[2009.12.11 17:38:15 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\feryking\Data aplikací\inst.exe
[2009.12.11 17:38:15 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\feryking\Data aplikací\pcouffin.cat
[2009.12.11 17:38:14 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\feryking\Data aplikací\pcouffin.inf
[1996.04.03 20:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.01.13 06:36:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.01.13 17:26:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tages
[2010.01.09 11:07:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.01.11 17:47:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.12.19 00:10:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\USBSRService
[2009.12.11 18:14:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.12.11 17:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\feryking\Data aplikací\DAEMON Tools
[2010.01.13 18:16:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\feryking\Data aplikací\ICQ
[2010.01.11 17:47:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\feryking\Data aplikací\TuneUp Software
[2009.12.19 00:10:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\feryking\Data aplikací\USBSafelyRemove
[2010.01.14 14:51:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\feryking\Data aplikací\uTorrent
[2009.12.11 17:38:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\feryking\Data aplikací\Vso

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:7E0EFF7B
< End of report >

[feryking]

OTL Extras logfile created on: 14.1.2010 17:14:19 - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Documents and Settings\feryking\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 48,83 Gb Free Space | 50,01% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 46,72 Gb Free Space | 23,31% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FERYKING-3CA06C
Current User Name: feryking
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\feryking\Data aplikací\uTorrent\utorrent.exe" = C:\Documents and Settings\feryking\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe" = C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Vzestup říše -- (Blue Byte GmbH)
"C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\extra1\bin\Settlers6.exe" = C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\extra1\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Vzestup říše - Východní království -- (Blue Byte GmbH)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{090765EE-74A0-4ABB-9B15-4C1F80AB3E10}" = Catalyst Control Center Graphics Full Existing
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{2344785A-7020-4EB9-B8B8-7AAF52FB166C}" = PJsoft InfoMapa - Home Edition - mapa Prahy a ČR 2010 Special
"{2576C501-677F-3206-C73C-E4F90F9433C4}" = ccc-core-preinstall
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390B21DF-7C00-8CE2-B205-B199BADCC4B7}" = Catalyst Control Center Graphics Previews Common
"{4C35A5B5-940E-B44D-1ADA-52F1FE501FC7}" = Catalyst Control Center Graphics Full New
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Ultra Edition
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66B4E395-38E3-D233-FB72-EB81DF545985}" = Catalyst Control Center Graphics Light
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{768F22DC-2D20-4F52-A9A1-5E231FB7F752}" = Logitech Gaming Software 5.04
"{862546CA-19C6-4D42-A6EB-352820682FA3}" = VideoCAM Messenger
"{8913BD67-274C-0581-203B-9DA14CE43175}" = ccc-core-static
"{92C7D009-A464-4948-A980-7A3E28CB2F49}" = Richard Burns Rally
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A79E6F7D-002A-9B6C-7CB9-60CED94201DA}" = CCC Help English
"{AC76BA86-7AD7-1029-7B44-A81000000003}" = Adobe Reader 8.1.0 - Czech
"{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV
"{C05B1D21-D5B2-4126-87FE-E458616965E6}" = O&O Defrag Professional
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Vzestup říše (všechny produkty)
"{DB5443C9-A1C7-302A-1C1D-E24191B0E63D}" = Catalyst Control Center HydraVision Full
"{E17E6A29-9FC8-30D8-8A33-0614F616A552}" = Catalyst Control Center Core Implementation
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE6D6D42-6AE2-A259-F8C2-193CCE10C569}" = ccc-utility
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"Caesar 3" = Caesar 3
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"Fraps" = Fraps (remove only)
"Governor of Poker1.5.0.0" = Governor of Poker
"HijackThis" = HijackThis 2.0.2
"hp deskjet 656c series" = hp deskjet 656c series (Pouze odstranit)
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OpenAL" = OpenAL
"Puzzle Quest1.01" = Puzzle Quest
"RBRHradek" = RBR Hradek (remove only)
"RBRPribram1" = RBR Pribram (remove only)
"RBRPribram2" = RBR Pribram 2 (remove only)
"RBRProspectRidge2A" = RBR Prospect Ridge 2A (remove only)
"RBRPTDRallySprint11" = RBR PTD RallySprint 1.1 (remove only)
"RBRReversedTracks" = RBR Reversed Tracks (remove only)
"RBRSchool2" = RBR School stage 2 (remove only)
"RBRSosnova" = RBR Sosnova (remove only)
"RBRTM" = RBR Tournament plugin (remove only)
"Sierra Utilities" = Sierra Utilities
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 27.12.2009 18:26:37 | Computer Name = FERYKING-3CA06C | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\e99f3bd0f200acbb7025\mrtstub.exe failed, 00000005.

Error - 11.1.2010 14:07:53 | Computer Name = FERYKING-3CA06C | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\feryking\Local Settings\Temporary Internet Files\Content.IE5\09Y70X23\monster36[1].jpg
failed, 0000A420.

Error - 12.1.2010 15:25:38 | Computer Name = FERYKING-3CA06C | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
C0000005.

Error - 13.1.2010 12:01:43 | Computer Name = FERYKING-3CA06C | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: Aavm: FetchGlobalCounters cannot open
mapping - server DOWN???, 00000002.

[ Application Events ]
Error - 14.1.2010 9:17:52 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3603 - Fatal Execution Engine Error
(7A09795E) (80131506)

Error - 14.1.2010 9:17:55 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application ccc.exe, version 2.0.0.0, stamp 49ef8e09, faulting
module mscorwks.dll, version 2.0.50727.3603, stamp 4a7cd88e, debug? 0, fault address
0x001078aa.

Error - 14.1.2010 10:12:19 | Computer Name = FERYKING-3CA06C | Source = ESENT | ID = 474
Description = wuauclt (2472) Ověření načtení stránky databáze ze souboru C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
na posunu 3649536 (0x000000000037b000) o velikosti 4096 (0x00001000) bajtů se nezdařilo.
Došlo k neshodě kontrolního součtu stránky. Byl očekáván kontrolní součet 1202471002
(0x47ac405a), ale skutečný kontrolní součet byl 1202471006 (0x47ac405e). Operace
čtení se nezdaří a dojde k chybě -1018 (0xfffffc06). Pokud potíže potrvají, obnovte
databázi ze záložní kopie.

Error - 14.1.2010 10:18:13 | Computer Name = FERYKING-3CA06C | Source = Application Error | ID = 1000
Description = Chybující aplikace extract.cfxxe, verze 0.0.0.0, chybující modul crtdll.dll,
verze 4.0.1183.1, adresa chyby 0x000115ce.

Error - 14.1.2010 10:48:10 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3603 - Fatal Execution Engine Error
(7A09795E) (80131506)

Error - 14.1.2010 10:48:10 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3603 - Fatal Execution Engine Error
(7A09795E) (80131506)

Error - 14.1.2010 10:48:11 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3603 - Fatal Execution Engine Error
(7A09795E) (80131506)

Error - 14.1.2010 10:48:15 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application ccc.exe, version 2.0.0.0, stamp 49ef8e09, faulting
module mscorwks.dll, version 2.0.50727.3603, stamp 4a7cd88e, debug? 0, fault address
0x000f4631.

Error - 14.1.2010 10:48:16 | Computer Name = FERYKING-3CA06C | Source = .NET Runtime | ID = 1023
Description = .NET Runtime version 2.0.50727.3603 - Fatal Execution Engine Error
(7A09795E) (80131506)

Error - 14.1.2010 11:18:07 | Computer Name = FERYKING-3CA06C | Source = Application Error | ID = 1000
Description = Chybující aplikace pev.cfxxe, verze 0.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.5755, adresa chyby 0x00001278.

[ System Events ]
Error - 11.1.2010 14:38:13 | Computer Name = FERYKING-3CA06C | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 11.1.2010 14:53:27 | Computer Name = FERYKING-3CA06C | Source = i8042prt | ID = 327714
Description = Při pokusu o zjištění počtu tlačítek myši došlo k chybě.

Error - 11.1.2010 14:59:33 | Computer Name = FERYKING-3CA06C | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 11.1.2010 15:54:00 | Computer Name = FERYKING-3CA06C | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek C: spustit nástroj chkdsk.

Error - 12.1.2010 9:29:29 | Computer Name = FERYKING-3CA06C | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 12.1.2010 9:39:05 | Computer Name = FERYKING-3CA06C | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek C: spustit nástroj chkdsk.

Error - 12.1.2010 11:19:36 | Computer Name = FERYKING-3CA06C | Source = i8042prt | ID = 327721
Description = Při zapnutí přenosu informací myší došlo k chybě. Zařízení bylo resetováno,
aby se zajistila jeho funkčnost.

Error - 13.1.2010 8:39:12 | Computer Name = FERYKING-3CA06C | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.

Error - 14.1.2010 2:06:53 | Computer Name = FERYKING-3CA06C | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd

Error - 14.1.2010 9:17:23 | Computer Name = FERYKING-3CA06C | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd


< End of report >

[Damned]

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/uninstall

Pokud ti nepůjde tak najdi a smaž:
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
a Combofix.exe
Pak si stáhni OTCleanIt.
- Připoj se k internetu a dvojklikem spusť program
- Klikni na tlačítko CleanUp
- Po dokončení povol restart PC
- Po restartu tento nástroj smaž - není určen pro běžné používání
*****************************************************************************************************************************************
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
DRV - (catchme) -- File not found
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Fraps\RichardBurnsRally_SSE 2009-11-04 12-23-55-70.bmp
O24 - Desktop BackupWallPaper: D:\Fraps\RichardBurnsRally_SSE 2009-11-04 12-23-55-70.bmp
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:7E0EFF7B

:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\tasks\SA.DAT
C:\Documents and Settings\feryking\Plocha\WinRAR.3.90.CZ-SK.x32-x64.Incl.Keygen-FFF.torrent
C:\Documents and Settings\feryking\Dokumenty\pinfect.zip
C:\Documents and Settings\feryking\Dokumenty\CrashMiniDump3624.dmp
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:7E0EFF7B

:Reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah

[feryking]

Dobry den. Tak jsem to musel vcera ukoncit. Uz nenabehl system. Furt se obevovala modra smrt. Tak jsem preinstaloval windows, ale furt to pise ze naky soubor je necitelny nebo púoskozeny a at spustim pomucku chkds. Cim by to mohlo bejt? Disk nemam zas tak stary!

[Damned]

Vyfoť tu hlášku a přilož sem jako přílohu. Pokud jsi provedl formát-> Nový instal, může být na vině pouze nesprávná instalace.

[feryking]

Dobry den. Je to divne ale zatim to neresetovalo pc. Az to resetne tak vyfotim modrou obrazovku. Ale furt to kontroluje disk a kdyz neco stahnu tak to nejde nainstalovat a pise to at to stahnu znova

[Damned]

Pokud si provedl formát-->instal (t.j. nová instalace Windows na čistý disk), tak se systém mohl jen nesprávně nainstalovat.

Vyfoť, nějak to pořešíme

[feryking]

tak tady to je

[Damned]

Určitě si provedl formát disku a nový instal OS? Ta chyba se vyskytuje doopravdy (co jsem tedy našel) jen s vypalováním cd a ty si tam měl virtual vypalování.