Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Po restartu, vše jak před dvěma dny... pls. Help

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#16 Příspěvek od Spo.On »

šeTak zas nic, log je čistej.... ccleaner sice něco našel a vymazal, ale po restartu v zas jak před tím.
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 3970

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

9.4.2010 14:49:29
mbam-log-2010-04-09 (14-49-29).txt

Typ skenu: Rychlý sken
Skenované objekty: 99660
Uplynulý čas: 4 minuta(y), 22 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#17 Příspěvek od motji »

A jinak počítač funguje normálně? Nebo zlobí? Pouze jen co uložíte, tak po restartu je beze změn?


:arrow: Stáhněte OTL PE
http://oldtimer.geekstogo.com/OTLPE.iso resp. http://ottools.noahdfear.net/OTLPE.iso
(rychlejsi download http://naughty.7u.cz/liveCD/OTLPE.iso , není tak často aktualizován)

-vypalte Image obrazu v Neru nebo jiném vypalovacím programu.
- Vložte vypálené cd do počítače, restartujte počítač a nabootujte z Cd (předtím musíte v Biose nastavit bootování z cd romky)

-po naběhnutí bude na ploše ikona OTL, spusťte ji
-log z OTL vložte zde :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#18 Příspěvek od Spo.On »

Tak jsem stáhnul ten rychlej a když ho rozbalím tam tam žádné iso není.... zkouším stáhnout ten druhý...
PC jede celkem v pořádku jen je trochu zpomalený a nejde změnit čas a datum...
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#19 Příspěvek od motji »

Možná to bude souviset s tím časem :o .
Zkuste ten druhý odkaz a uvidíme.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#20 Příspěvek od Spo.On »

Promiňte, včera se to nějak zadrhlo a já sem se k tomu dostal až teď..

OTL logfile created on: 4/10/2010 10:49:25 AM - Run
OTLPE by OldTimer - Version 3.1.37.1 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 179.54 Gb Free Space | 38.55% Space Free | Partition Type: NTFS
Drive D: | 1.90 Gb Total Space | 1.43 Gb Free Space | 75.37% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2009/08/05 12:38:58 | 001,056,256 | ---- | M] (Faronics Corporation) [Auto] -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe -- (DFServ)
SRV - [2009/02/10 12:01:49 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/07/11 14:00:06 | 000,080,392 | ---- | M] () [Auto] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2007/12/31 19:17:50 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2007/12/31 19:17:35 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz130)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/04/04 03:37:13 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010/04/02 03:20:43 | 000,024,944 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2010/03/20 15:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\etdrv.sys -- (etdrv)
DRV - [2010/01/25 13:51:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/01/25 13:51:18 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/12/19 09:42:37 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/08/05 12:48:02 | 000,152,472 | ---- | M] (Faronics Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DeepFrz.sys -- (DeepFrz)
DRV - [2009/05/24 19:00:00 | 000,026,736 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009/02/22 19:16:22 | 000,007,168 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver)
DRV - [2008/12/12 10:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008/12/12 10:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008/08/02 00:20:00 | 006,121,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/06/16 03:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/04/13 17:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/12/31 19:18:01 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2007/12/31 19:17:57 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2007/12/31 19:17:33 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2006/11/03 03:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2001/08/17 15:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/03/13 13:35:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/04 03:29:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/04 03:29:53 | 000,000,000 | ---D | M]

[2009/12/19 15:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\mozilla\Extensions
[2010/04/04 03:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\mozilla\Firefox\Profiles\devn4wnd.default\extensions
[2010/01/25 13:42:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Data aplikací\mozilla\Firefox\Profiles\devn4wnd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/04 03:48:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/11 09:19:23 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/03/11 16:15:05 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/03/11 16:15:05 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/03/11 16:15:05 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/03/11 16:15:05 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/03/11 16:15:05 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001/10/25 09:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe File not found
O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESMART.EXE (ITE Tech. Inc.)
O4 - HKU\Administrator_ON_C..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\Administrator_ON_C..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe File not found
O4 - HKU\Administrator_ON_C..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\GIGABYTE Gamer HUD.lnk = File not found
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\MemSet.exe.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\forteManager.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\DfLogon: DllName - LogonDll.dll - C:\WINDOWS\System32\LogonDll.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/19 14:19:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/02/27 15:15:34 | 000,000,220 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{51a8d543-ecd2-11de-acc2-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{51a8d543-ecd2-11de-acc2-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk /k:C *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/04 11:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Faronics
[2010/04/04 05:20:34 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscomctl.ocx
[2010/04/04 05:20:34 | 000,118,784 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msstdfmt.dll
[2010/04/04 05:20:34 | 000,102,912 | R--- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\Ntport.dll
[2010/04/04 05:20:34 | 000,006,080 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys
[2010/04/04 05:20:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64
[2010/04/04 05:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\ITE
[2010/04/04 04:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\4A Games
[2010/04/04 04:53:49 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010/04/04 04:53:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010/04/04 04:53:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010/04/04 04:53:48 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010/04/04 04:53:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/04/04 04:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\METRO 2033
[2010/04/04 03:23:56 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/04/03 11:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/04/03 05:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\4A Games
[2010/04/03 04:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010/04/03 03:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/04/02 16:30:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Plocha\Games
[2010/04/02 16:12:25 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010/04/02 16:07:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\NV3676340.TMP
[2010/04/02 15:43:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010/04/02 15:43:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010/04/02 15:43:20 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010/04/02 15:43:20 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010/04/02 15:43:20 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010/04/02 15:43:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2010/04/02 15:43:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010/04/02 15:42:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2010/04/02 15:42:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/04/02 06:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\I96PD205
[2010/04/02 06:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Awd890
[2010/03/30 11:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\DCIM
[2010/03/30 08:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\metro
[2010/03/28 04:21:39 | 000,000,000 | ---D | C] -- C:\RAR
[2010/03/19 14:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Skály
[2010/03/16 11:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\BFBC2
[2010/03/15 21:37:50 | 013,570,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010/03/15 21:37:50 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010/03/15 21:37:50 | 000,143,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2010/03/15 21:37:50 | 000,086,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010/03/15 21:37:44 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010/03/15 14:56:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2010/03/15 14:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\BRS
[2010/03/15 14:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010/03/14 13:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2010/03/12 09:32:40 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010/03/12 09:32:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010/03/12 09:32:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010/03/12 09:32:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010/03/12 09:32:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010/03/11 15:39:35 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/04 11:07:52 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/04 11:07:52 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/04 11:07:44 | 000,607,848 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010/04/04 11:07:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/04 11:07:38 | 004,194,304 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/04 11:07:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/04/04 11:07:16 | 016,336,546 | ---- | M] () -- C:\Persi0.sys
[2010/04/04 11:06:02 | 005,382,270 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010/04/04 11:04:17 | 058,530,994 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/04/04 10:26:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/04 03:37:15 | 000,263,851 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/04/04 03:37:13 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010/04/04 03:32:11 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/04 03:32:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/04 03:32:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstet.dat
[2010/04/04 03:18:23 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/04 03:18:23 | 000,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010/04/04 03:18:23 | 000,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010/04/04 03:18:23 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/03 07:19:23 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/03 03:49:18 | 000,008,410 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/04/02 16:04:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/02 03:20:43 | 000,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2010/04/02 03:20:42 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\GVTunner.ref
[2010/03/30 11:03:22 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 12:48:21 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/03/25 14:36:06 | 000,012,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010/03/20 15:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\etdrv.sys
[2010/03/16 02:51:59 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/03/16 02:51:59 | 000,025,695 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/03/16 02:51:59 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/03/15 21:37:34 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010/03/15 11:34:18 | 001,020,388 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 10:05:08 | 000,393,733 | ---- | M] () -- C:\AnalysisLog.sr0
[2010/03/11 14:05:42 | 000,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/04 11:07:11 | 016,336,546 | ---- | C] () -- C:\Persi0.sys
[2010/04/04 11:07:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\LogonDll.dll
[2010/04/04 11:04:22 | 005,382,270 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010/04/04 05:20:34 | 000,046,080 | R--- | C] () -- C:\WINDOWS\System32\itevio.dll
[2010/04/04 05:20:34 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\drivers\a.bat
[2010/04/03 03:49:18 | 000,008,410 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/04/02 16:08:01 | 000,198,941 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010/04/02 11:42:13 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/02 11:42:13 | 000,233,472 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/03/25 14:36:06 | 000,012,783 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010/03/21 04:06:22 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\GVTunner.ref
[2010/03/15 21:37:34 | 000,263,851 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/15 21:37:34 | 000,066,714 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010/03/12 10:04:59 | 000,393,733 | ---- | C] () -- C:\AnalysisLog.sr0
[2010/01/25 11:38:09 | 000,607,848 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009/12/23 14:38:28 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/23 14:38:28 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/12/23 14:01:41 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/22 17:06:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Bench32.INI
[2009/12/20 09:42:41 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\NxExtensions.dll
[2009/12/19 16:07:46 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/12/19 16:07:46 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\PnkBstrK.sys
[2009/12/19 16:07:27 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/12/19 14:55:28 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009/12/19 14:45:00 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/12/19 14:45:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/11/06 05:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/05/21 00:24:48 | 000,001,683 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/08/02 00:20:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/08/02 00:20:00 | 001,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/08/02 00:20:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/08/02 00:20:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/08/02 00:20:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/06/27 16:49:42 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2004/06/27 14:15:12 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010/02/07 08:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2009/12/23 14:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\avidemux
[2010/02/06 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2010/04/04 03:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010/02/11 17:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DassaultSystemes
[2010/02/11 09:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2010/01/23 11:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2010/02/21 05:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\gtk-2.0
[2009/12/30 12:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2010/01/24 11:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010/03/14 13:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2009/12/20 09:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2010/01/04 17:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2009/12/28 14:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QIP
[2010/02/10 07:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViGlance
[2010/02/10 07:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViSplore
[2010/02/10 07:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViStart

========== Purity Check ==========


< End of report >
[2010/04/04 11:07:52 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/04 11:07:52 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/04 11:07:44 | 000,607,848 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010/04/04 11:07:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/04 11:07:38 | 004,194,304 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/04 11:07:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/04/04 11:06:02 | 005,382,270 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010/04/04 11:04:17 | 058,530,994 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/04/04 10:26:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/04 03:37:15 | 000,263,851 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/04/04 03:37:13 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010/04/04 03:32:11 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/04 03:32:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/04 03:32:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstet.dat
[2010/04/04 03:18:23 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/04 03:18:23 | 000,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010/04/04 03:18:23 | 000,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010/04/04 03:18:23 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/03 07:19:23 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/03 03:49:18 | 000,008,410 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/04/02 16:04:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/02 03:20:43 | 000,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2010/04/02 03:20:42 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\GVTunner.ref
[2010/03/30 11:03:22 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 12:48:21 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/03/25 14:36:06 | 000,012,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010/03/20 15:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\etdrv.sys
[2010/03/16 02:51:59 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/03/16 02:51:59 | 000,025,695 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/03/16 02:51:59 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/03/15 21:37:34 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010/03/15 11:34:18 | 001,020,388 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/11 14:05:42 | 000,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== LOP Check ==========

[2010/02/07 08:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2009/12/23 14:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\avidemux
[2010/02/06 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2010/04/04 03:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010/02/11 17:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DassaultSystemes
[2010/02/11 09:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2010/01/23 11:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2010/02/21 05:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\gtk-2.0
[2009/12/30 12:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2010/01/24 11:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010/03/14 13:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2009/12/20 09:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2010/01/04 17:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2009/12/28 14:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QIP
[2010/02/10 07:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViGlance
[2010/02/10 07:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViSplore
[2010/02/10 07:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViStart

========== Purity Check ==========



< End of report >
[2010/04/04 11:07:52 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/04 11:07:52 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/04 11:07:44 | 000,607,848 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010/04/04 11:07:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/04 11:07:38 | 004,194,304 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/04 11:07:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/04/04 11:07:06 | 000,000,000 | ---D | M] -- C:\Program Files\Faronics
[2010/04/04 11:06:02 | 005,382,270 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010/04/04 10:26:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/04 09:10:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2010/04/04 07:32:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/04/04 05:20:33 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/04/04 05:20:33 | 000,000,000 | ---D | M] -- C:\Program Files\ITE
[2010/04/04 04:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\4A Games
[2010/04/04 04:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\METRO 2033
[2010/04/04 04:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2010/04/04 04:55:48 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/04 03:37:13 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010/04/04 03:32:11 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/04 03:32:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/04 03:32:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstet.dat
[2010/04/04 03:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2010/04/04 03:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010/04/04 03:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Real
[2010/04/03 11:45:05 | 000,000,000 | ---D | M] -- C:\Program Files\Sophos
[2010/04/03 08:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft
[2010/04/03 07:19:23 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/03 03:49:18 | 000,008,410 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/04/02 16:12:25 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2010/03/31 15:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Temp
[2010/03/30 11:03:22 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/25 14:36:06 | 000,012,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010/03/20 15:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\etdrv.sys
[2010/03/17 16:59:42 | 000,000,000 | ---D | M] -- C:\Program Files\BRS
[2010/03/15 14:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Codemasters
[2010/03/14 16:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2010/03/14 13:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2010/03/12 10:25:54 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2010/02/24 13:17:08 | 000,346,296 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\IconCache.db
[2010/02/20 12:39:25 | 000,020,704 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009/12/19 16:07:46 | 000,022,328 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\PnkBstrK.sys
[2009/12/19 15:13:46 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini
[2006/06/29 09:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 09:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 10:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 10:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/04 11:07:52 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010/04/04 11:07:52 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/04/04 11:07:44 | 000,607,848 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010/04/04 11:07:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/04 11:07:38 | 004,194,304 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/04/04 11:07:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/04/04 11:07:16 | 016,336,546 | ---- | M] () -- C:\Persi0.sys
[2010/04/04 11:06:02 | 005,382,270 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010/04/04 11:04:17 | 058,530,994 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/04/04 10:26:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/04 03:37:15 | 000,263,851 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/04/04 03:37:13 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010/04/04 03:32:11 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/04 03:32:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/04 03:32:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstet.dat
[2010/04/04 03:18:23 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/04 03:18:23 | 000,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010/04/04 03:18:23 | 000,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010/04/04 03:18:23 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/03 07:19:23 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/04/03 03:49:18 | 000,008,410 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/04/02 16:04:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/02 03:20:43 | 000,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2010/04/02 03:20:42 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\GVTunner.ref
[2010/03/30 11:03:22 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 12:48:21 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/03/25 14:36:06 | 000,012,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010/03/20 15:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\etdrv.sys
[2010/03/16 02:51:59 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010/03/16 02:51:59 | 000,025,695 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/03/16 02:51:59 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/03/15 21:37:34 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010/03/15 11:34:18 | 001,020,388 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 10:05:08 | 000,393,733 | ---- | M] () -- C:\AnalysisLog.sr0
[2010/03/11 14:05:42 | 000,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== LOP Check ==========

[2010/02/07 08:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2009/12/23 14:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\avidemux
[2010/02/06 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2010/04/04 03:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010/02/11 17:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DassaultSystemes
[2010/02/11 09:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2010/01/23 11:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2010/02/21 05:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\gtk-2.0
[2009/12/30 12:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2010/01/24 11:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010/03/14 13:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2009/12/20 09:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2010/01/04 17:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2009/12/28 14:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QIP
[2010/02/10 07:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViGlance
[2010/02/10 07:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViSplore
[2010/02/10 07:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViStart

========== Purity Check ==========



< End of report >
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#21 Příspěvek od motji »

:arrow: Tyto složky znáte?
C:\Documents and Settings\Administrator\Plocha\I96PD205
C:\Documents and Settings\Administrator\Plocha\Awd890

:arrow: Otestujte na www.virustotal.com
C:\Persi0.sys
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#22 Příspěvek od Spo.On »

Ano, je to bios který sem před nedávnem flashoval... po odeslání souboru na otestování vyskočí: "0 bytes size received / Se ha recibido un archivo vacio"
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#23 Příspěvek od motji »

Vydržte chvilku, dám dohromady skript na mazání.
Ještě Vás poprosím


:arrow: Najděte soubor
C:\WINDOWS\System32\drivers\a.bat

-klikněte na něj pravým myšítkem :arrow: otevřít v notepadu :arrow: text vložte zde
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#24 Příspěvek od Spo.On »

Mělo by to být ono..
copy zntport.sys .\..\..\..\windows\system32\
pause
dir .\..\..\..\windows\system32\z*
pause
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#25 Příspěvek od motji »

Ten baták znáte? Dělal jste ho Vy?

Můžete se ještě podívat po této složce? Pokud ji muáte, co v ní je?
windows\system32\z
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#26 Příspěvek od Spo.On »

Ten neznám... windows\system32\z žádnou takovou složku sem nenašel..
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#27 Příspěvek od motji »

:arrow: Spustte OTL PE
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\System32\drivers\a.bat
C:\Persi0.sys

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GEST"=-
nwiz"=-

:COMMANDS
[Reboot]
-klikněte na tlačítko Run fix.
-Následně se pc restartuje.
- Log vložte zde :)


A pak zkuste, jak to s pc vypadá. Budu tu ješte tak půl hodiny :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#28 Příspěvek od Spo.On »

Po restartu se objevila hláška že bylo PC vypnuto kvůly závažné chybě... to předtím nikdy nenapsalo..
čas, ale pořád nejde změnit
log:

OTL logfile created on: 10.4.2010 12:27:25 - Run
OTLPE by OldTimer - Version 3.1.37.1 Folder = D:\PROGRAMS\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 179,51 Gb Free Space | 38,54% Space Free | Partition Type: NTFS
Drive D: | 276,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1,90 Gb Total Space | 1,43 Gb Free Space | 75,37% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARTIN
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2009.08.05 18:38:58 | 001,056,256 | ---- | M] (Faronics Corporation) [Auto] -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe -- (DFServ)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.11 20:00:06 | 000,080,392 | ---- | M] () [Auto] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008.01.01 01:17:50 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2008.01.01 01:17:35 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (cpuz130)
DRV - [2010.04.10 13:25:08 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010.04.02 09:20:43 | 000,024,944 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2010.03.20 21:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\etdrv.sys -- (etdrv)
DRV - [2010.01.25 19:51:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.01.25 19:51:18 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.12.19 15:42:37 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2009.08.05 18:48:02 | 000,152,472 | ---- | M] (Faronics Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\DeepFrz.sys -- (DeepFrz)
DRV - [2009.05.25 01:00:00 | 000,026,736 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009.02.23 01:16:22 | 000,007,168 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver)
DRV - [2008.12.12 16:27:46 | 000,018,432 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice)
DRV - [2008.12.12 16:27:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice)
DRV - [2008.08.02 06:20:00 | 006,121,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.06.16 09:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.04.13 23:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.01 01:18:01 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.01.01 01:17:57 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008.01.01 01:17:33 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2006.11.03 09:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2001.08.17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-790525478-842925246-725345543-500\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-790525478-842925246-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.03.13 19:35:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.10 12:26:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.10 12:26:37 | 000,000,000 | ---D | M]

[2010.04.04 09:48:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.11 15:19:23 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.04.10 12:26:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.10 12:26:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.10 12:26:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.10 12:26:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.10 12:26:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe File not found
O4 - HKLM..\Run: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESMART.EXE (ITE Tech. Inc.)
O4 - HKU\S-1-5-21-790525478-842925246-725345543-500..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKU\S-1-5-21-790525478-842925246-725345543-500..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe File not found
O4 - HKU\S-1-5-21-790525478-842925246-725345543-500..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\.gimp-2.6 [2010.04.03 09:49:21 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Administrator\.recently-used.xbel ()
O4 - Startup: C:\Documents and Settings\Administrator\.thumbnails [2010.02.11 18:06:54 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Cookies [2010.04.03 16:57:36 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\Administrator\Data aplikací [2010.04.03 12:53:47 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Dokumenty [2010.04.03 11:27:03 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Local Settings [2010.01.25 19:37:20 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start [2009.12.26 20:49:28 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Administrator\ntuser.dat ()
O4 - Startup: C:\Documents and Settings\Administrator\ntuser.dat.LOG ()
O4 - Startup: C:\Documents and Settings\Administrator\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\Administrator\Oblíbené položky [2009.12.19 21:23:59 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Okolní síť [2010.04.01 13:29:50 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Okolní tiskárny [2009.12.19 21:13:46 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Plocha [2010.04.04 17:06:02 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Recent [2010.04.04 09:30:05 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Administrator\SendTo [2009.12.19 20:45:02 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Administrator\Šablony [2010.01.23 15:23:27 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Data aplikací [2010.03.15 20:59:05 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Dokumenty [2010.03.24 17:05:29 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\All Users\DRM [2010.01.18 19:06:34 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start [2010.02.16 16:31:37 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\All Users\Oblíbené položky [2009.12.19 21:13:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Plocha [2010.04.03 12:53:38 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Šablony [2009.12.20 15:26:12 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Cookies [2009.12.19 20:21:21 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\Default User\Data aplikací [2009.12.19 21:13:46 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Dokumenty [2009.12.19 21:13:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Local Settings [2009.12.19 21:13:46 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Nabídka Start [2009.12.19 21:13:46 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT.LOG ()
O4 - Startup: C:\Documents and Settings\Default User\Oblíbené položky [2009.12.19 21:13:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Okolní síť [2009.12.19 21:13:46 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Okolní tiskárny [2009.12.19 21:13:46 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Plocha [2009.12.19 21:13:46 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Recent [2009.12.19 21:13:46 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\SendTo [2009.12.19 20:19:20 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Šablony [2009.12.19 20:17:45 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\LocalService\Cookies [2009.12.19 20:26:42 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\LocalService\Data aplikací [2009.12.19 20:26:41 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\LocalService\Local Settings [2009.12.19 20:26:41 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\LocalService\ntuser.dat ()
O4 - Startup: C:\Documents and Settings\LocalService\ntuser.dat.LOG ()
O4 - Startup: C:\Documents and Settings\LocalService\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\NetworkService\Cookies [2009.12.25 11:19:45 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Data aplikací [2009.12.19 20:22:13 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Local Settings [2009.12.19 20:22:13 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.dat.LOG ()
O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.ini ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-842925246-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.5.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\DfLogon: DllName - LogonDll.dll - C:\WINDOWS\System32\LogonDll.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.19 20:19:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.03.24 13:06:41 | 000,000,053 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008.02.27 15:15:34 | 000,000,220 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{1eac458e-1499-11df-ae3c-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e8-eee8-11de-b94a-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{3bca36e9-eee8-11de-b94a-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{51a8d543-ecd2-11de-acc2-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{51a8d543-ecd2-11de-acc2-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\{acd09340-3e8f-11df-84d3-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{acd09340-3e8f-11df-84d3-806d6172696f}\Shell\AutoRun\command - "" = D:\reatogoMenu.exe -- [2005.07.16 23:36:50 | 000,240,128 | R--- | M] ()
O33 - MountPoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd6-082e-11df-ade7-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}\Shell\AutoRun\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}\Shell\explore\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\{f18edcd7-082e-11df-ade7-001fd02de8e2}\Shell\open\command - "" = STOBOM/odlazim.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk /k:C *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.04 17:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Faronics
[2010.04.04 11:20:34 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscomctl.ocx
[2010.04.04 11:20:34 | 000,118,784 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msstdfmt.dll
[2010.04.04 11:20:34 | 000,102,912 | R--- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\Ntport.dll
[2010.04.04 11:20:34 | 000,006,080 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys
[2010.04.04 11:20:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64
[2010.04.04 11:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\ITE
[2010.04.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\4A Games
[2010.04.04 10:53:49 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.04.04 10:53:49 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.04.04 10:53:48 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.04.04 10:53:48 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.04.04 10:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\METRO 2033
[2010.04.04 09:23:56 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.04.03 17:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010.04.03 11:27:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\4A Games
[2010.04.03 10:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010.04.03 09:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010.04.02 22:30:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Plocha\Games
[2010.04.02 22:12:25 | 000,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010.04.02 22:07:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\NV3676340.TMP
[2010.04.02 21:43:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010.04.02 21:43:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010.04.02 21:43:20 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010.04.02 21:43:20 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010.04.02 21:43:20 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010.04.02 21:43:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2010.04.02 21:43:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010.04.02 21:42:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2010.04.02 21:42:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010.04.02 12:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\I96PD205
[2010.04.02 12:57:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Awd890
[2010.03.30 17:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\DCIM
[2010.03.30 14:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\metro
[2010.03.28 10:21:39 | 000,000,000 | ---D | C] -- C:\RAR
[2010.03.19 20:47:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Skály
[2010.03.16 17:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\BFBC2
[2010.03.16 03:37:50 | 013,570,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010.03.16 03:37:50 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010.03.16 03:37:50 | 000,143,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2010.03.16 03:37:50 | 000,086,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010.03.16 03:37:44 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010.03.15 20:56:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2010.03.15 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\BRS
[2010.03.15 20:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010.03.14 19:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2010.03.12 15:32:40 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.03.12 15:32:39 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.03.12 15:32:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.03.12 15:32:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.03.12 15:32:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.03.11 21:39:35 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.10 17:07:42 | 004,194,304 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010.04.10 13:25:08 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.04.10 13:25:07 | 000,263,851 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.04.10 13:24:57 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.10 13:24:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.10 13:24:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.10 12:29:21 | 058,758,894 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.10 12:26:08 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.10 12:25:38 | 016,336,640 | ---- | M] () -- C:\Persi0.sys
[2010.04.04 17:07:52 | 000,233,472 | ---- | M] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010.04.04 17:07:52 | 000,229,376 | ---- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010.04.04 17:07:44 | 000,607,848 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.04.04 17:07:38 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.04.04 17:06:02 | 005,382,270 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010.04.04 09:32:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstet.dat
[2010.04.04 09:18:23 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.04 09:18:23 | 000,428,750 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.04 09:18:23 | 000,077,872 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.04 09:18:23 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.03 13:19:23 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.03 09:49:18 | 000,008,410 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010.04.02 22:04:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.02 09:20:43 | 000,024,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2010.04.02 09:20:42 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\GVTunner.ref
[2010.03.30 17:03:22 | 000,082,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.29 18:48:21 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.03.25 20:36:06 | 000,012,783 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010.03.20 21:00:55 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\etdrv.sys
[2010.03.16 08:51:59 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010.03.16 08:51:59 | 000,025,695 | ---- | M] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010.03.16 08:51:59 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.03.16 03:37:34 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010.03.15 17:34:18 | 001,020,388 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.12 16:05:08 | 000,393,733 | ---- | M] () -- C:\AnalysisLog.sr0
[2010.03.11 20:05:42 | 000,215,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.04 17:07:11 | 016,336,640 | ---- | C] () -- C:\Persi0.sys
[2010.04.04 17:07:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\LogonDll.dll
[2010.04.04 17:04:22 | 005,382,270 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\4thApril Passes.zip
[2010.04.04 11:20:34 | 000,046,080 | R--- | C] () -- C:\WINDOWS\System32\itevio.dll
[2010.04.04 11:20:34 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\drivers\a.bat
[2010.04.03 09:49:18 | 000,008,410 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010.04.02 22:08:01 | 000,198,941 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010.04.02 17:42:13 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010.04.02 17:42:13 | 000,233,472 | ---- | C] () -- C:\Documents and Settings\LocalService\ntuser.dat
[2010.03.25 20:36:06 | 000,012,783 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\vtip.odt
[2010.03.21 10:06:22 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\GVTunner.ref
[2010.03.16 03:37:34 | 000,263,851 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010.03.16 03:37:34 | 000,066,714 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010.03.12 16:04:59 | 000,393,733 | ---- | C] () -- C:\AnalysisLog.sr0
[2010.01.25 17:38:09 | 000,607,848 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.12.23 20:38:28 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.12.23 20:38:28 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.12.23 20:01:41 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.22 23:06:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Bench32.INI
[2009.12.20 15:42:41 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\NxExtensions.dll
[2009.12.19 22:07:46 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.12.19 22:07:46 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\PnkBstrK.sys
[2009.12.19 22:07:27 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.12.19 20:55:28 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009.12.19 20:45:00 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.12.19 20:45:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.05.21 06:24:48 | 000,001,683 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.08.02 06:20:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.08.02 06:20:00 | 001,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.08.02 06:20:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.08.02 06:20:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.08.02 06:20:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004.06.27 22:49:42 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2004.06.27 20:15:12 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.02.07 14:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2009.12.23 20:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\avidemux
[2010.02.06 22:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2010.04.04 09:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010.02.11 23:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DassaultSystemes
[2010.02.11 15:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2010.01.23 17:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2010.02.21 11:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\gtk-2.0
[2009.12.30 18:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2010.01.24 17:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010.03.14 19:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2009.12.20 15:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2010.01.04 23:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2009.12.28 20:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QIP
[2010.02.10 13:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViGlance
[2010.02.10 13:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViSplore
[2010.02.10 13:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ViStart

========== Purity Check ==========


< End of report >
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Po restartu, vše jak před dvěma dny... pls. Help

#29 Příspěvek od motji »

:o ten soubor je tam pořád
Můžete zkusit soubor C:\Persi0.sys dát do zipu nebo raru a nahrát ho na www.leteckaposta.cz. Link mi vložte do sz, díky :)

A čas máte jaký? Já bych řekla, že se nic nesmazalo :o
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Spo.On
1. Stupeň Varování
Příspěvky: 65
Registrován: 07 črc 2009 12:21

Re: Po restartu, vše jak před dvěma dny... pls. Help

#30 Příspěvek od Spo.On »

soubor nejde dát do zipu protože je něčím využívaný....
pokud se nic nesmazalo tak to vypadá že se to zas obnovilo...
čas a datum jsou správné jen se nedá změnit...
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“