PC slowed down drastically after virus removal

Paulie0001
Visitor
Posts: 234
Registered: 05 Jan 2008 15:17

Re: PC slowed down drastically after virus removal

#16 Post by Paulie0001 »

Well... um... I'm a bit confused now... While I'm in Windows with ComboFix still running there, I just tried clicking on something on the desktop, and when I click the other icons, everything is normal... Yesterday it was still freezing: when I clicked an icon, it only got selected after a minute, but now I click and everything looks fine, it gets selected right away...

But I don't want to celebrate too early, so I'll wait for your instructions. ComboFix is still running and still preparing the log, and I'm worried that if I cancelled it and reset the PC, it would be slow again... but so far it looks fine.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: PC slowed down drastically after virus removal

#17 Post by Caroprd111 »

Restart the PC and check whether there is a ComboFix.txt log on the PC.

Paulie0001
Visitor
Posts: 234
Registered: 05 Jan 2008 15:17

Re: PC slowed down drastically after virus removal

#18 Post by Paulie0001 »

I found it, and after the restart the PC booted fine and without problems... By the way, there is a Combofix folder on C:\ that is 15 MB and contains 278 files... Should I do something with it or not? And if you think everything is fine now, I want to thank you very much, because I was at a loss, and it really does look fine so far. If you have any suggestions for what else I could do, please write. Thanks once again.

ComboFix 10-04-21.01 - Administrator 24.04.2010 12:05:48.4.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.3073 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\Program Files\FLV Direct Player
C:\Program Files\FLV Direct Player\downloading.swf
C:\Program Files\FLV Direct Player\FLVPlayer.exe
C:\Program Files\FLV Direct Player\player.swf
C:\Program Files\FLV Direct Player\preload.swf
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp
C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp
C:\Program Files\FLV Direct Player\uninstall.exe
E:\Autorun.inf
E:\install.exe
F:\autorun.inf
G:\autorun.inf
H:\autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_AVPsys


((((((((((((((((((((((((( Soubory vytvořené od 2010-03-24 do 2010-04-24 )))))))))))))))))))))))))))))))
.

2010-04-23 04:29:55 . 2010-04-23 04:30:02 -------- d-----w- C:\rsit
2010-04-22 06:11:07 . 2010-04-22 06:11:07 -------- d-----w- C:\$AVG
2010-04-22 06:03:44 . 2010-04-22 06:03:46 12464 ----a-w- C:\WINDOWS\system32\avgrsstx.dll
2010-04-22 06:03:43 . 2010-04-22 06:03:43 52872 ----a-w- C:\WINDOWS\system32\drivers\avgrkx86.sys
2010-04-22 06:03:43 . 2010-04-22 06:03:43 25096 ----a-w- C:\WINDOWS\system32\drivers\AVGIDSxx.sys
2010-04-22 06:03:40 . 2010-04-22 06:03:42 242696 ----a-w- C:\WINDOWS\system32\drivers\avgtdix.sys
2010-04-22 06:03:32 . 2010-04-22 06:03:33 216200 ----a-w- C:\WINDOWS\system32\drivers\avgldx86.sys
2010-04-22 06:03:30 . 2010-04-22 06:03:32 29512 ----a-w- C:\WINDOWS\system32\drivers\avgmfx86.sys
2010-04-22 06:03:25 . 2010-04-22 16:25:18 -------- d-----w- C:\WINDOWS\system32\drivers\Avg
2010-04-22 06:01:02 . 2010-04-22 06:01:02 50968 ----a-w- C:\WINDOWS\system32\avgfwdx.dll
2010-04-22 06:01:02 . 2010-04-22 06:01:02 30104 ----a-w- C:\WINDOWS\system32\drivers\avgfwdx.sys
2010-04-22 06:00:41 . 2010-04-22 06:00:41 -------- d-----w- C:\Program Files\AVG
2010-04-22 05:52:05 . 2010-04-22 16:37:52 128512 --sh--r- C:\vgyn6ewc.exe
2010-04-12 16:41:58 . 2010-04-12 16:41:59 -------- d-----w- C:\Program Files\TO2SAM
2010-04-07 09:32:07 . 2010-04-07 09:32:07 -------- d-----w- C:\Program Files\Conduit
2010-04-07 09:31:54 . 2010-04-07 09:32:07 -------- d-----w- C:\Program Files\DVDVideoSoft
2010-04-07 09:31:47 . 2010-04-07 09:32:00 -------- d-----w- C:\Program Files\Common Files\DVDVideoSoft
2010-04-06 12:49:25 . 2010-04-06 12:49:25 281760 ----a-w- C:\WINDOWS\system32\drivers\atksgt.sys
2010-04-06 12:49:25 . 2010-04-06 12:49:25 25888 ----a-w- C:\WINDOWS\system32\drivers\lirsgt.sys
2010-04-06 12:37:39 . 2010-04-06 12:37:40 691696 ----a-w- C:\WINDOWS\system32\drivers\sptd.sys
2010-04-04 09:21:16 . 2010-04-04 11:17:27 -------- d-----w- C:\Program Files\Windows Media Connect 2
2010-04-04 09:06:44 . 2010-04-04 09:15:00 111513 ----a-w- C:\WINDOWS\system32\KWWdq-.exe
2010-04-04 09:00:22 . 2010-04-04 09:00:22 -------- d-----w- C:\Program Files\Common Files\CyberLink
2010-04-04 08:58:34 . 2010-04-04 08:58:06 29480 ----a-w- C:\WINDOWS\system32\msxml3a.dll
2010-04-04 07:59:34 . 2010-04-04 08:03:46 5 ----a-w- C:\WINDOWS\system32\SySwmvtoavi.dat
2010-03-31 03:05:50 . 2010-03-31 03:05:50 -------- d-----w- C:\spoolerlogs
2010-03-26 13:18:59 . 2010-03-26 13:18:59 21840 ----a-w- C:\WINDOWS\system32\SIntfNT.dll
2010-03-26 13:18:59 . 2010-03-26 13:18:59 17212 ----a-w- C:\WINDOWS\system32\SIntf32.dll
2010-03-26 13:18:59 . 2010-03-26 13:18:59 12067 ----a-w- C:\WINDOWS\system32\SIntf16.dll
2010-03-26 13:16:03 . 2010-03-26 13:26:02 29222 ----a-w- C:\WINDOWS\DIIUnin.dat
2010-03-26 13:16:02 . 2010-03-26 13:16:02 94208 ----a-w- C:\WINDOWS\DIIUnin.exe
2010-03-26 13:16:02 . 2010-03-26 13:16:02 2829 ----a-w- C:\WINDOWS\DIIUnin.pif

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-06 12:49:12 . 2010-04-06 12:48:58 -------- d-----w- C:\Program Files\AGEIA Technologies
2010-04-06 12:48:45 . 2010-02-12 18:48:42 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-06 12:43:17 . 2010-01-12 11:54:13 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2010-04-04 08:58:06 . 2003-02-21 01:42:00 353576 ----a-w- C:\WINDOWS\system32\msvcr71.dll
2010-04-04 08:58:05 . 2003-03-18 19:14:52 505128 ----a-w- C:\WINDOWS\system32\msvcp71.dll
2010-03-28 08:36:10 . 2001-10-25 14:00:00 77886 ----a-w- C:\WINDOWS\system32\perfc005.dat
2010-03-28 08:36:10 . 2001-10-25 14:00:00 427610 ----a-w- C:\WINDOWS\system32\perfh005.dat
2010-03-24 19:49:27 . 2010-03-24 19:49:27 -------- d-----w- C:\Program Files\MSECache
2010-03-22 10:15:22 . 2010-03-22 10:15:22 1122304 ----a-w- C:\WINDOWS\system32\2-xA2a.dll
2010-03-21 08:19:23 . 2010-02-24 11:03:40 -------- d-----w- C:\Program Files\Common Files\Blizzard Entertainment
2010-03-14 22:26:59 . 2010-03-14 22:26:59 -------- d-----w- C:\Program Files\Microsoft.NET
2010-02-12 21:26:49 . 2010-01-12 08:08:35 86327 ----a-w- C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\index.dat
2010-02-12 21:26:49 . 2010-01-12 08:08:33 3038 ----a-w- C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2010-02-10 20:36:16 . 2010-02-10 20:36:16 25280 ----a-w- C:\WINDOWS\system32\drivers\hamachi.sys
2010-02-08 19:43:52 . 2010-02-07 19:42:22 56816 ----a-w- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-02-07 15:38:26 . 2010-02-07 15:12:20 66936 --sha-w- C:\WINDOWS\slinfo_0.drv
2010-02-07 15:11:14 . 2010-02-07 15:11:14 86528 ----a-w- C:\WINDOWS\bnetunin.exe
2010-02-07 15:11:14 . 2010-02-07 15:11:14 61440 ----a-w- C:\WINDOWS\diabunin.exe
2010-02-01 10:18:47 . 2010-01-16 20:00:12 107888 ----a-w- C:\WINDOWS\system32\CmdLineExt.dll
.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: PC slowed down drastically after virus removal

#19 Post by Caroprd111 »

Please post a new RSIT log. We will clean up after ComboFix later.

Paulie0001
Visitor
Posts: 234
Registered: 05 Jan 2008 15:17

Re: PC slowed down drastically after virus removal

#20 Post by Paulie0001 »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jiršoun at 2010-04-24 13:34:02
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (22%) free of 10 GB
Total RAM: 3326 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:34:09, on 24.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
H:\Šikovné programy\Antivir AVG\avgchsvx.exe
H:\Šikovné programy\Antivir AVG\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Bin\AVGIDSAgent.exe
H:\Šikovné programy\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\OSCAR Editor\OscarEditor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Šikovné programy\Antivir AVG\avgcsrvx.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
H:\Šikovné programy\Antivir AVG\avgwdsvc.exe
H:\Šikovné programy\Antivir AVG\avgfws9.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
H:\Šikovné programy\Antivir AVG\avgemc.exe
H:\Šikovné programy\Antivir AVG\avgam.exe
H:\Šikovné programy\Antivir AVG\avgnsx.exe
H:\Šikovné programy\Antivir AVG\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
H:\Šikovné programy\Antivir AVG\avgcsrvx.exe
C:\Documents and Settings\Jiršoun\Plocha\RSIT.exe
C:\Program Files\trend micro\Jiršoun.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Šikovné programy\Antivir AVG\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll
O2 - BHO: everyflv - {be763f45-ec5e-7351-a031-29725a5cb9e9} - C:\WINDOWS\system32\2-xA2a.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] H:\Šikovné programy\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mspaint] "C:\WINDOWS\system32\Paint.exe" -autocheck
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RGSC] C:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\IKOVNP~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://H:\IKOVNP~1\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\IKOVNP~1\MSOFFI~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Šikovné programy\Antivir AVG\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - H:\Šikovné programy\Antivir AVG\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - H:\Šikovné programy\Antivir AVG\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - H:\Šikovné programy\Antivir AVG\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - H:\Šikovné programy\Antivir AVG\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - H:\Šikovné programy\NERO\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7100 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - H:\Šikovné programy\Antivir AVG\avgssie.dll [2010-04-22 1598744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be763f45-ec5e-7351-a031-29725a5cb9e9}]
everyflv - C:\WINDOWS\system32\2-xA2a.dll [2010-03-22 1122304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVDV.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVDV.dll [2009-12-31 2349080]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"PWRISOVM.EXE"=H:\Šikovné programy\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"mspaint"=C:\WINDOWS\system32\Paint.exe -autocheck []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files\OSCAR Editor\OscarEditor.exe [2009-08-31 4053504]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-09-13 139264]
"RGSC"=C:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe [2010-02-15 306088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdoosoft]
C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\herss.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eurobattlegui]
H:\Hry\Warcraft III\eb.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Grid]
C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-06-25 17887232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
h:\komunikátory\steam\steam.exe [2010-03-13 1217872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
C:\Program Files\TO2SSM\McciTrayApp.exe [2009-01-16 1473536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VycistitPocitac]
H:\Šikovné programy\Vyčistit PC\VycistitPocitac.exe /SCHEDULED []

C:\Documents and Settings\Jiršoun\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD Lite.lnk - C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-04-22 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"H:\Hry\Warcraft III\War3.exe"="H:\Hry\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"H:\Hry\Warcraft III\Warcraft III.exe"="H:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"H:\Komunikátory\STEAM\Steam.exe"="H:\Komunikátory\STEAM\Steam.exe:*:Enabled:Steam Client"
"H:\Komunikátory\STEAM\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe"="H:\Komunikátory\STEAM\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:*:Enabled:Lost Planet: Extreme Condition"
"H:\Komunikátory\STEAM\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe"="H:\Komunikátory\STEAM\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:*:Enabled:Lost Planet: Extreme Condition"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"H:\Hry\Killing Floor\KillingFloor\System\KillingFloor.exe"="H:\Hry\Killing Floor\KillingFloor\System\KillingFloor.exe:*:Enabled:KillingFloor"
"H:\Komunikátory\Garena\Garena.exe"="H:\Komunikátory\Garena\Garena.exe:*:Enabled:Garena"
"H:\Hry\Killing Floor\Killing floor\KillingFloor\System\KillingFloor.exe"="H:\Hry\Killing Floor\Killing floor\KillingFloor\System\KillingFloor.exe:*:Enabled:KillingFloor"
"H:\Casino\ParadiseCasino\casino.exe"="H:\Casino\ParadiseCasino\casino.exe:*:Enabled:casino"
"H:\Hry\Killing Floor\System\KillingFloor.exe"="H:\Hry\Killing Floor\System\KillingFloor.exe:*:Enabled:KillingFloor"
"H:\Hry\Counter strike\cstrike.exe"="H:\Hry\Counter strike\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"H:\Hry\Counter strike\hl.exe"="H:\Hry\Counter strike\hl.exe:*:Disabled:Half-Life Launcher"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"H:\Hry\HRY OD DANA\Prey\PREYDed.exe"="H:\Hry\HRY OD DANA\Prey\PREYDed.exe:*:Enabled:PREY"
"H:\Komunikátory\QIP\qip.exe"="H:\Komunikátory\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"H:\Hry\HRY OD DANA\FarCry\Bin32\FarCry.exe"="H:\Hry\HRY OD DANA\FarCry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"H:\Hry\Diablo\Spawn\diablo_s.exe"="H:\Hry\Diablo\Spawn\diablo_s.exe:*:Enabled:Diablo"
"H:\Hry\Counter strike\hlds.exe"="H:\Hry\Counter strike\hlds.exe:*:Enabled:HLDS Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Komunikátory\STEAM\SteamApps\naga_mc\counter-strike source\hl2.exe"="H:\Komunikátory\STEAM\SteamApps\naga_mc\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"H:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe"="H:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"H:\Hry\GTA IV\Grand Theft Auto IV\GTAIV.exe"="H:\Hry\GTA IV\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"H:\Hry\Counter strike\hlds.exe -game cstrike +exec server.cfg +port 27015 +sv_lan 1 -nomaster +maxplayers 16 +map de_aztec -console.exe"="H:\Hry\Counter strike\hlds.exe -game cstrike +exec server.cfg +port 27015 +sv_lan 1 -nomaster +maxplayers 16 +map de_aztec -console.exe:*:Enabled:HLDS Launcher"
"H:\Hry\KaM - The Peasants Rebellion\KM_TPR.exe"="H:\Hry\KaM - The Peasants Rebellion\KM_TPR.exe:*:Enabled:KM_TPR"
"H:\Šikovné programy\GHostOne\GHostOne.exe"="H:\Šikovné programy\GHostOne\GHostOne.exe:*:Enabled:GHost One - advanced hosting bot"
"H:\Šikovné programy\GHostOne\ghost.exe"="H:\Šikovné programy\GHostOne\ghost.exe:*:Enabled:ghost"
"I:\WOW DOWNLOADERS\WOW BC\WOW-BURNINGCRUSADE-ENGB-INSTALLER-DOWNLOADER.EXE"="I:\WOW DOWNLOADERS\WOW BC\WOW-BURNINGCRUSADE-ENGB-INSTALLER-DOWNLOADER.EXE:*:Disabled:Blizzard Downloader"
"H:\Hry\Call of Juarez - Bound in blood\CoJBiBGame_x86.exe"="H:\Hry\Call of Juarez - Bound in blood\CoJBiBGame_x86.exe:*:Disabled:Call of Juarez - Bound in Blood"
"H:\Hry\StarCraft II Beta\StarCraft II.exe"="H:\Hry\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"H:\Hry\StarCraft II Beta\Versions\Base14356\SC2.exe"="H:\Hry\StarCraft II Beta\Versions\Base14356\SC2.exe:*:Enabled:StarCraft II"
"H:\Hry\StarCraft II Beta\Versions\Base14093\SC2.exe"="H:\Hry\StarCraft II Beta\Versions\Base14093\SC2.exe:*:Enabled:StarCraft II"
"H:\Hry\StarCraft II Beta\Versions\Base14621\SC2.exe"="H:\Hry\StarCraft II Beta\Versions\Base14621\SC2.exe:*:Enabled:StarCraft II"
"H:\Šikovné programy\Antivir AVG\avgam.exe"="H:\Šikovné programy\Antivir AVG\avgam.exe:*:Enabled:avgam.exe"
"H:\Šikovné programy\Antivir AVG\avgdiagex.exe"="H:\Šikovné programy\Antivir AVG\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"H:\Šikovné programy\Antivir AVG\avgemc.exe"="H:\Šikovné programy\Antivir AVG\avgemc.exe:*:Enabled:avgemc.exe"
"H:\Šikovné programy\Antivir AVG\avgupd.exe"="H:\Šikovné programy\Antivir AVG\avgupd.exe:*:Enabled:avgupd.exe"
"H:\Šikovné programy\Antivir AVG\avgnsx.exe"="H:\Šikovné programy\Antivir AVG\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{223f48d1-0c5d-11df-959f-00241ddfe751}]
shell\AutoRun\command - K:\ji83j.exe
shell\open\command - K:\ji83j.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7875d4fe-ff8b-11de-9582-00241ddfe751}]
shell\AutoRun\command - L:\mi9al8rs.exe
shell\open\command - L:\mi9al8rs.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3d01bc8-4472-11df-95f6-00241ddfe751}]
shell\AutoRun\command - L:\ba.exe
shell\open\command - L:\ba.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5497df7-0517-11df-9590-00241ddfe751}]
shell\AutoRun\command - L:\chxnxyx.exe
shell\open\command - L:\chxnxyx.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db857f15-0ae2-11df-959a-00241ddfe751}]
shell\AutoRun\command - L:\affi8l.exe
shell\open\command - L:\affi8l.exe


======List of files/folders created in the last 1 months======

2010-04-24 12:15:31 ----D---- C:\WINDOWS\temp
2010-04-24 12:03:24 ----D---- C:\ComboFix
2010-04-23 06:29:55 ----D---- C:\rsit
2010-04-22 21:29:35 ----A---- C:\WINDOWS\ntbtlog.txt
2010-04-22 08:11:07 ----D---- C:\$AVG
2010-04-22 08:03:44 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-04-22 08:03:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2010-04-22 08:01:02 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2010-04-22 08:00:41 ----D---- C:\Program Files\AVG
2010-04-22 08:00:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2010-04-22 07:52:05 ----RSH---- C:\vgyn6ewc.exe
2010-04-19 10:26:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Boss Media
2010-04-12 18:41:58 ----D---- C:\Program Files\TO2SAM
2010-04-07 11:32:07 ----D---- C:\Program Files\Conduit
2010-04-07 11:31:54 ----D---- C:\Program Files\DVDVideoSoft
2010-04-07 11:31:47 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-04-06 14:48:58 ----D---- C:\WINDOWS\system32\AGEIA
2010-04-06 14:48:58 ----D---- C:\Program Files\AGEIA Technologies
2010-04-06 14:48:20 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-06 14:48:19 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-06 14:48:19 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-04-06 14:48:18 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-04-06 14:48:18 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-04-06 14:48:17 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-06 14:48:17 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-04-06 14:48:17 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-04-06 14:48:17 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-04-06 14:48:16 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-06 14:48:16 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-06 14:48:16 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-06 14:48:15 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-06 14:48:15 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-06 14:46:50 ----D---- C:\Documents and Settings\Jiršoun\Data aplikací\Prison Break
2010-04-06 14:36:29 ----D---- C:\Documents and Settings\Jiršoun\Data aplikací\DAEMON Tools Lite
2010-04-06 14:36:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-04-04 13:17:52 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-04-04 13:17:12 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-04-04 13:16:21 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-04-04 11:35:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-04-04 11:21:40 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-04-04 11:21:32 ----A---- C:\WINDOWS\imsins.BAK
2010-04-04 11:21:16 ----D---- C:\Program Files\Windows Media Connect 2
2010-04-04 11:06:44 ----A---- C:\WINDOWS\system32\KWWdq-.exe
2010-04-04 11:03:58 ----D---- C:\Documents and Settings\Jiršoun\Data aplikací\CyberLink
2010-04-04 11:00:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2010-04-04 11:00:22 ----D---- C:\Program Files\Common Files\CyberLink
2010-04-04 10:58:34 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-04-04 10:58:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Temp
2010-04-04 10:02:02 ----A---- C:\WINDOWS\crywmvtoavi.ini
2010-03-31 05:05:50 ----D---- C:\spoolerlogs
2010-03-26 15:18:59 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2010-03-26 15:18:59 ----A---- C:\WINDOWS\system32\SIntf32.dll
2010-03-26 15:18:59 ----A---- C:\WINDOWS\system32\SIntf16.dll
2010-03-26 15:16:02 ----A---- C:\WINDOWS\DIIUnin.exe

======List of files/folders modified in the last 1 months======

2010-04-24 13:34:08 ----D---- C:\Program Files\trend micro
2010-04-24 13:34:07 ----D---- C:\WINDOWS\Prefetch
2010-04-24 13:28:59 ----D---- C:\Program Files\Mozilla Firefox
2010-04-24 13:16:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-24 13:15:49 ----D---- C:\WINDOWS\system32
2010-04-24 13:13:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-24 12:20:26 ----D---- C:\WINDOWS
2010-04-24 12:20:26 ----A---- C:\WINDOWS\system.ini
2010-04-24 12:19:42 ----D---- C:\WINDOWS\system32\drivers
2010-04-24 12:17:47 ----D---- C:\WINDOWS\system32\config
2010-04-24 12:16:02 ----D---- C:\WINDOWS\ERDNT
2010-04-24 12:14:42 ----RD---- C:\Program Files
2010-04-24 12:14:41 ----AD---- C:\Qoobox
2010-04-24 12:13:07 ----D---- C:\WINDOWS\AppPatch
2010-04-24 12:13:03 ----D---- C:\Program Files\Common Files
2010-04-22 21:31:17 ----D---- C:\Documents and Settings
2010-04-22 08:01:04 ----HD---- C:\WINDOWS\inf
2010-04-22 08:00:00 ----SHD---- C:\WINDOWS\Installer
2010-04-22 07:59:59 ----D---- C:\WINDOWS\WinSxS
2010-04-22 07:57:45 ----SD---- C:\Documents and Settings\Jiršoun\Data aplikací\Microsoft
2010-04-13 02:20:01 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-06 14:48:45 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-06 14:48:21 ----D---- C:\WINDOWS\system32\DirectX
2010-04-06 14:47:42 ----RSD---- C:\WINDOWS\assembly
2010-04-06 14:43:17 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-04 13:17:52 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-04 13:17:25 ----D---- C:\Program Files\Windows Media Player
2010-04-04 13:17:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-04 13:17:19 ----D---- C:\WINDOWS\Help
2010-04-04 13:11:02 ----A---- C:\WINDOWS\win.ini
2010-04-04 10:58:06 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-04-04 10:58:05 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-03-28 15:19:38 ----D---- C:\Documents and Settings\Jiršoun\Data aplikací\Hamachi
2010-03-28 10:36:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-22 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-04-22 29512]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-04-22 242696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-04-06 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-04-06 25888]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-04-22 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 AVGIDSShimxpx;AVG9IDSShim; \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-10 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-25 5095936]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-28 7655872]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-08-21 57248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\System32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-06-25 1684736]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-04-22 30104]
S3 ayejci8i;ayejci8i; C:\WINDOWS\system32\drivers\ayejci8i.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\JMT5.tmp []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-06-25 1389056]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vtany;vtany; \??\C:\WINDOWS\vtany.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 xhunter1;xhunter1; \??\C:\WINDOWS\xhunter1.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 avg9emc;AVG E-mail Scanner; H:\Šikovné programy\Antivir AVG\avgemc.exe [2010-04-22 916760]
R2 avg9wd;AVG WatchDog; H:\Šikovné programy\Antivir AVG\avgwdsvc.exe [2010-04-22 308064]
R2 avgfws9;AVG Firewall; H:\Šikovné programy\Antivir AVG\avgfws9.exe [2010-04-22 2325816]
R2 AVGIDSAgent;AVG9IDSAgent; H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-04-22 5888008]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; H:\Šikovné programy\Antivir AVG\Toolbar\ToolbarBroker.exe [2010-02-23 369920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 NBService;NBService; H:\Šikovné programy\NERO\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

#21 Post by Caroprd111 »

Uninstall all virtual drive emulators.

Download SPTD http://www.duplexsecure.com/en/downloads
  • Choose the version for your operating system (64 & 32-bit). Save it to the desktop and run it.
  • Choose the Uninstall option and restart the PC.

Download and run http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Click "Disable" and restart the PC.

Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe

Start > Run (Win + R)
  • A window pops up; copy the following into it:

Code:

"%userprofile%\plocha\mbr" -t

  • Click OK
  • A log named mbr.log will be created; paste it here.

Post a log from Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

#22 Post by Paulie0001 »

I followed all your advice, and here I'm pasting the first log from GMER, followed right away by the second (though I'm not sure whether the scan finished... I think it got stuck on one line, so I just hit SAVE and I'm still letting the scan run to the end... but probably nothing more will happen)
Log 1
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-24 21:52:56
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\pwtdapod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----


Log 2
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-24 22:16:32
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\pwtdapod.sys


---- System - GMER 1.0.15 ----

SSDT \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB81CA670]
SSDT \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB81CA720]
SSDT \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB81CA7C0]
SSDT \??\H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB81CA860]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB7658360, 0x3E57A5, 0xE8000020]
? C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x66 0xAD 0x94 0x7C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x66 0xAD 0x94 0x7C ...
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000

#23 Post by Caroprd111 »

Plug all the flash drives you use into the PC.

Download UsbFix to the desktop http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Run it, then choose language E - Enter
  • Choose 2 - Enter (the PC may restart)
  • When it finishes, a log will pop up; paste it here for me, or you can find it at C:\UsbFix.txt


Download OTL http://oldtimer.geekstogo.com/OTL.exe
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Check the "All users" option.
  • Check the "LOP" check and "Purity" check options.
  • Click the scan button
  • When it finishes, paste the logs OTL.Txt and Extras.txt here

#24 Post by Paulie0001 »

Hello, first of all I apologize for my longer absence... Here I'm pasting the 1st log, from usbfix, and I'm getting straight on to the next scan.



############################## | UsbFix V6.109 |

User : Jiršoun (Administrators) # PAULIE
Update on 26/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:00:17 | 28.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Celeron(R) D CPU 3.06GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : AVG Internet Security 9.0 [ Enabled | Updated ]
FW : AVG Firewall[ Enabled ]9.0

A:\ -> Disketová jednotka 3 1/2"
C:\ -> Místní pevný disk # 10 Go (1,82 Go free) # NTFS
D:\ -> Místní pevný disk
E:\ -> Místní pevný disk # 149,05 Go (100,26 Go free) # NTFS
F:\ -> Místní pevný disk # 55,47 Go (18,22 Go free) [PERROS] # NTFS
G:\ -> Místní pevný disk # 97,65 Go (97,56 Go free) [SATA-SYSTEM] # NTFS
H:\ -> Místní pevný disk # 368,1 Go (68,36 Go free) [SATA-DATA] # NTFS
I:\ -> Disk CD-ROM # 640 Mo (0 Mo free) [ROM2] # CDFS
J:\ -> Vyměnitelný disk # 3,73 Go (3,73 Go free) # FAT32
K:\ -> Vyměnitelný disk # 124,47 Mo (124,47 Mo free) # FAT
L:\ -> Vyměnitelný disk # 3,72 Go (3,72 Go free) [KINGSTON] # FAT32
M:\ -> Vyměnitelný disk # 3,63 Go (3,63 Go free) [USB DISK] # FAT32

################## | Files # Infected Folders |

Deleted ! C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\nodqq.exe
Deleted ! C:\DOCUME~1\JIROUN~1\LOCALS~1\Temp\nodqq0.dll
Deleted ! C:\vgyn6ewc.exe
Deleted ! C:\Recycler\S-1-5-21-343818398-1580818891-725345543-1003
Deleted ! E:\vgyn6ewc.exe
Deleted ! E:\$Recycle.Bin\S-1-5-21-610962651-4212776453-3548456129-1000
Deleted ! E:\Recycler\S-1-5-21-343818398-1580818891-725345543-1003
Deleted ! E:\Recycler\S-1-5-21-343818398-1580818891-725345543-500
Deleted ! F:\vgyn6ewc.exe
Deleted ! F:\$Recycle.Bin\S-1-5-21-610962651-4212776453-3548456129-1000
Deleted ! F:\Recycler\S-1-5-21-1844237615-484061587-725345543-1003
Deleted ! F:\Recycler\S-1-5-21-343818398-1580818891-725345543-1003
Deleted ! F:\Recycler\S-1-5-21-343818398-1580818891-725345543-500
Deleted ! F:\Recycler\S-1-5-21-436374069-1123561945-839522115-1003
Deleted ! F:\Recycler\S-1-5-21-448539723-1425521274-839522115-1003
Deleted ! F:\Recycler\S-1-5-21-448539723-1425521274-839522115-1005
Deleted ! G:\vgyn6ewc.exe
Deleted ! G:\$Recycle.Bin\S-1-5-21-610962651-4212776453-3548456129-1000
Deleted ! G:\Recycler\S-1-5-21-343818398-1580818891-725345543-1003
Deleted ! G:\Recycler\S-1-5-21-343818398-1580818891-725345543-500
Deleted ! H:\vgyn6ewc.exe
Deleted ! H:\$Recycle.Bin\S-1-5-21-610962651-4212776453-3548456129-1000
Deleted ! H:\Recycler\S-1-5-21-343818398-1580818891-725345543-1003
Deleted ! H:\Recycler\S-1-5-21-343818398-1580818891-725345543-500
Deleted ! H:\Recycler\S-1-5-21-436374069-1123561945-839522115-1003
(!) Not deleted ! I:\autorun.inf
(!) Not deleted ! I:\autorun.exe

################## | Registry |

Deleted ! [HKLM\software\microsoft\shared tools\msconfig\startupreg\cdoosoft]
Deleted ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{223f48d1-0c5d-11df-959f-00241ddfe751}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{c5497df7-0517-11df-9590-00241ddfe751}\Shell\AutoRun\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{db857f15-0ae2-11df-959a-00241ddfe751}\Shell\AutoRun\Command

################## | Listing of the present files |

[12.01.2010 10:09|--a------|0] C:\AUTOEXEC.BAT
[12.01.2010 20:55|--a------|211] C:\Boot.bak
[12.02.2010 23:42|-rahs----|281] C:\boot.ini
[25.10.2001 16:00|-rahs----|4952] C:\Bootfont.bin
[04.08.2004 00:00|--a------|261312] C:\cmldr
[12.01.2010 10:09|--a------|0] C:\CONFIG.SYS
[12.01.2010 10:09|-rahs----|0] C:\IO.SYS
[12.01.2010 10:09|-rahs----|0] C:\MSDOS.SYS
[12.01.2010 20:52|-rahs----|47564] C:\NTDETECT.COM
[12.02.2010 23:19|-rahs----|250576] C:\ntldr
[?|?|?] C:\pagefile.sys
[28.04.2010 17:08|--a------|4128] C:\UsbFix.txt
[29.12.2009 21:24|---------|2] E:\$UpgDrv$
[14.01.2010 01:39|--a------|383568] E:\699705.zip
[12.01.2010 22:14|--a------|29931255] E:\9-12_xp32-64_hydravision.exe
[12.01.2010 22:22|--a------|28474620] E:\9-12_xp32_dd.exe
[12.01.2010 22:23|--a------|46510828] E:\9-12_xp32_dd_ccc_wdm_enu.exe
[19.01.2010 19:51|--a------|91] E:\cmd.exe.log
[19.01.2010 21:02|--a------|22061] E:\ComboFix.txt
[12.02.2010 21:20|--a------|111] E:\DevList.txt
[13.01.2010 01:30|--a------|6650968] E:\DotA Allstars v6.65.w3x
[22.01.2010 06:29|--a------|360] E:\drwtsn32.exe.log
[22.01.2010 06:29|--a------|360] E:\dwwin.exe.log
[07.11.2007 08:00|--a------|17734] E:\eula.1028.txt
[07.11.2007 08:00|--a------|17734] E:\eula.1031.txt
[07.11.2007 08:00|--a------|10134] E:\eula.1033.txt
[07.11.2007 08:00|--a------|17734] E:\eula.1036.txt
[07.11.2007 08:00|--a------|17734] E:\eula.1040.txt
[07.11.2007 08:00|--a------|118] E:\eula.1041.txt
[07.11.2007 08:00|--a------|17734] E:\eula.1042.txt
[07.11.2007 08:00|--a------|17734] E:\eula.2052.txt
[07.11.2007 08:00|--a------|17734] E:\eula.3082.txt
[17.01.2010 06:42|--a------|4179293] E:\everesthome220.exe
[07.11.2007 08:00|--a------|1110] E:\globdata.ini
[08.07.2006 17:59|--a------|25780342] E:\Heroes of Might and Magic 1.nrg
[17.01.2010 07:22|--a------|2513432] E:\infinst_autol.exe
[14.01.2010 01:45|--a------|1554521] E:\infinst_enu(2).exe
[07.11.2007 08:00|--a------|843] E:\install.ini
[07.11.2007 08:03|--a------|76304] E:\install.res.1028.dll
[07.11.2007 08:03|--a------|96272] E:\install.res.1031.dll
[07.11.2007 08:03|--a------|91152] E:\install.res.1033.dll
[07.11.2007 08:03|--a------|97296] E:\install.res.1036.dll
[07.11.2007 08:03|--a------|95248] E:\install.res.1040.dll
[07.11.2007 08:03|--a------|81424] E:\install.res.1041.dll
[07.11.2007 08:03|--a------|79888] E:\install.res.1042.dll
[07.11.2007 08:03|--a------|75792] E:\install.res.2052.dll
[07.11.2007 08:03|--a------|96272] E:\install.res.3082.dll
[22.01.2010 06:23|--a------|89] E:\KFEd.exe.log
[06.02.2010 17:01|--a------|806] E:\KF_revLoader.exe.log
[06.02.2010 17:08|--a------|2727576617] E:\KillingFloor.exe.log
[24.01.2010 19:22|--a------|454] E:\Play.exe.log
[22.01.2010 07:45|--a------|1174] E:\revLoader.exe.log
[07.11.2007 08:00|--a------|5686] E:\vcredist.bmp
[07.11.2007 08:09|--a------|1442522] E:\VC_RED.cab
[07.11.2007 08:12|--a------|232960] E:\VC_RED.MSI
[29.12.2009 21:24|---------|2] F:\$UpgDrv$
[19.07.2009 14:50|--a------|20787] F:\Alien_vs_Predator_2.4541093.TPB.torrent
[19.07.2009 14:50|--a------|14218] F:\Alien_vs_Predator_2_-_Primal_Hunt.4541106.TPB.torrent
[10.06.2009 23:42|--a------|24] F:\autoexec.bat
[23.07.2009 01:34|--a------|67436544] F:\boot.iso
[10.06.2009 23:42|--a------|10] F:\config.sys
[12.01.2010 05:57|--ahs----|2817384448] F:\hiberfil.sys
[27.12.2009 11:59|--a------|190] F:\Install.log
[05.01.2010 16:26|-rahs----|0] F:\IO.SYS
[05.01.2010 16:26|-rahs----|0] F:\MSDOS.SYS
[27.12.2009 11:56|--a------|1841] F:\RHDSetup.log
[12.02.2010 22:50|--a------|486051200] H:\DXSDK_Aug08.exe
[27.02.2010 10:04|--a------|28160] H:\Valent.doc
[16.03.1998 21:30|-r-------|50] I:\AUTORUN.INF
[27.07.1999 18:21|-r-------|291840] I:\AutoRun.exe
[12.07.1998 15:50|-r-------|164864] I:\Preview.exe
[30.03.1999 22:35|-r-------|107] I:\graphics.res
[30.07.1999 15:29|-r-------|358912] I:\setup.exe
[30.07.1999 17:58|-r-------|9020269] I:\setup.res

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# E:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# F:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# G:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# H:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_PAULIE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.109 ! |

#25 Post by Caroprd111 »

Ok :)

#26 Post by Paulie0001 »

Well, the scan has hung for now...

There's a command prompt window there that shows:

Code:

G QUERY "HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON"
 1>"C:Documents and Settings\Jiršoun\Plocha\cmd.txt"
e nalézt uvedenou cestu.

The left part of that command prompt is somehow missing, since not even "Nelze nalézt uvedenou cestu" ("Cannot find the specified path") fit at the end... When I hover over the command prompt, the mouse cursor changes to an hourglass...

And below that command prompt there is:

Code:

Manual File Scan - Looking at file: C:\WINDOWS\system32\zipfldr.dll....

#27 Post by Caroprd111 »

Restart the PC and run OTL without the script.

#28 Post by Paulie0001 »

OTL logfile created on: 28.4.2010 18:06:25 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Jiršoun\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 10,00 Gb Total Space | 1,78 Gb Free Space | 17,80% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 149,05 Gb Total Space | 100,26 Gb Free Space | 67,27% Space Free | Partition Type: NTFS
Drive F: | 55,47 Gb Total Space | 18,77 Gb Free Space | 33,84% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 97,56 Gb Free Space | 99,90% Space Free | Partition Type: NTFS
Drive H: | 368,10 Gb Total Space | 68,80 Gb Free Space | 18,69% Space Free | Partition Type: NTFS
Drive I: | 640,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 3,73 Gb Total Space | 3,73 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive K: | 124,47 Mb Total Space | 124,47 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Drive L: | 3,72 Gb Total Space | 3,72 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive M: | 3,63 Gb Total Space | 3,63 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: PAULIE
Current User Name: Jiršoun
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.28 17:10:56 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiršoun\Plocha\OTL.exe
PRC - [2010.04.22 08:02:42 | 001,086,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgchsvx.exe
PRC - [2010.04.22 08:02:42 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgnsx.exe
PRC - [2010.04.22 08:02:40 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgrsx.exe
PRC - [2010.04.22 08:02:37 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgcsrvx.exe
PRC - [2010.04.22 08:02:10 | 002,325,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgfws9.exe
PRC - [2010.04.22 08:01:44 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgemc.exe
PRC - [2010.04.22 08:01:40 | 000,836,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgam.exe
PRC - [2010.04.22 08:01:38 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\avgwdsvc.exe
PRC - [2010.04.22 08:01:24 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2009.08.31 12:43:34 | 004,053,504 | ---- | M] () -- C:\Program Files\OSCAR Editor\OscarEditor.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.09.13 12:12:52 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.09.13 12:07:08 | 000,880,640 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2005.03.22 17:00:00 | 000,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB4RPK.EXE


========== Modules (SafeList) ==========

MOD - [2010.04.28 17:10:56 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiršoun\Plocha\OTL.exe
MOD - [2009.07.16 12:10:58 | 000,193,536 | ---- | M] () -- C:\Program Files\OSCAR Editor\Win32Share.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.04.22 08:02:10 | 002,325,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Šikovné programy\Antivir AVG\avgfws9.exe -- (avgfws9)
SRV - [2010.04.22 08:01:44 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Šikovné programy\Antivir AVG\avgemc.exe -- (avg9emc)
SRV - [2010.04.22 08:01:38 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Šikovné programy\Antivir AVG\avgwdsvc.exe -- (avg9wd)
SRV - [2010.04.22 08:01:24 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010.02.23 14:04:34 | 000,369,920 | ---- | M] () [On_Demand | Stopped] -- H:\Šikovné programy\Antivir AVG\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.10.30 04:34:02 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.04.28 16:32:05 | 000,025,616 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Jiršoun\Local Settings\temp\XNG5F.tmp -- (GarenaPEngine)
DRV - [2010.04.22 08:03:43 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010.04.22 08:03:43 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010.04.22 08:03:42 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.04.22 08:03:33 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.04.22 08:03:32 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.04.22 08:01:27 | 000,122,376 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010.04.22 08:01:26 | 000,030,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010.04.22 08:01:26 | 000,026,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\Šikovné programy\Antivir AVG\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010.04.22 08:01:02 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010.04.22 08:01:02 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010.02.10 22:36:16 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.09.28 01:12:21 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.08.21 22:24:10 | 000,057,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009.06.29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.06.25 08:07:44 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.06.25 08:07:40 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.06.25 08:07:40 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2008.04.14 01:30:04 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.04.14 01:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 01:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.03.29 11:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 11:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2006.12.28 06:44:00 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2005.08.08 15:44:04 | 000,006,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MouseCap.sys -- (MouseCap)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2001.10.25 16:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.10.25 16:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-343818398-1580818891-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-343818398-1580818891-725345543-1003\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-343818398-1580818891-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {be524832-829b-53b6-1b4f-4f4d20c2d00f}:4.6.6.6
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: avg@igeared:4.002.023.004
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2269050&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: H:\Šikovné programy\Antivir AVG\Firefox [2010.04.22 08:01:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: H:\Šikovné programy\Antivir AVG\Toolbar\Firefox\avg@igeared [2010.04.22 08:03:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.13 13:05:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.16 23:00:58 | 000,000,000 | ---D | M]

[2010.01.12 21:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\Mozilla\Extensions
[2010.04.28 17:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\Mozilla\Firefox\Profiles\xi9t9af8.default\extensions
[2010.04.07 11:32:04 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\Jiršoun\Data aplikací\Mozilla\Firefox\Profiles\xi9t9af8.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.04.07 14:38:56 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Data aplikací\Mozilla\Firefox\Profiles\xi9t9af8.default\searchplugins\conduit.xml
[2010.04.04 11:06:30 | 000,000,266 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Data aplikací\Mozilla\Firefox\Profiles\xi9t9af8.default\searchplugins\Search.xml
[2010.04.28 17:28:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.04 11:15:00 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{be524832-829b-53b6-1b4f-4f4d20c2d00f}
[2009.12.22 05:24:43 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.12.22 05:24:43 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.12.22 05:24:43 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.12.22 05:24:43 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.12.22 05:24:43 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.04.24 12:20:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Šikovné programy\Antivir AVG\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll ()
O2 - BHO: (everyflv) - {be763f45-ec5e-7351-a031-29725a5cb9e9} - C:\WINDOWS\system32\2-xA2a.dll ()
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-343818398-1580818891-725345543-1003\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [mspaint] C:\WINDOWS\System32\Paint.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-21-343818398-1580818891-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-343818398-1580818891-725345543-1003..\Run: [OscarEditor] C:\Program Files\OSCAR Editor\OscarEditor.exe ()
O4 - HKU\S-1-5-21-343818398-1580818891-725345543-1003..\Run: [RGSC] C:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-1580818891-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-1580818891-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-343818398-1580818891-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKU\S-1-5-21-343818398-1580818891-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - H:\Šikovné programy\MS OFFICE\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\Šikovné programy\MS OFFICE\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - H:\Šikovné programy\Antivir AVG\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Šikovné programy\Antivir AVG\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.12 10:09:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.04.28 17:08:25 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.28 17:08:25 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.04.28 17:08:25 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.28 17:08:25 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.28 17:08:26 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [1998.03.16 21:30:14 | 000,000,050 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [1999.07.27 18:21:24 | 000,291,840 | R--- | M] () - I:\AutoRun.exe -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.28 17:10:55 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jiršoun\Plocha\OTL.exe
[2010.04.28 17:08:25 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010.04.28 16:55:23 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.04.27 14:34:53 | 011,624,176 | ---- | C] (LucasArts) -- C:\Documents and Settings\Jiršoun\Plocha\JKAcademy1_01.exe
[2010.04.26 20:49:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.04.25 15:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Plocha\Enemy Territory 2.60b
[2010.04.25 14:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\PunkBuster
[2010.04.24 15:12:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Data aplikací\AVG9
[2010.04.24 14:04:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.24 12:15:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.04.24 12:03:24 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.04.23 06:29:55 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.22 08:11:07 | 000,000,000 | ---D | C] -- C:\$AVG
[2010.04.22 08:10:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\AVG Security Toolbar
[2010.04.22 08:03:44 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.04.22 08:03:43 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010.04.22 08:03:43 | 000,025,096 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010.04.22 08:03:40 | 000,242,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.04.22 08:03:32 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.04.22 08:03:30 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.04.22 08:03:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010.04.22 08:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.04.22 08:01:02 | 000,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2010.04.22 08:01:02 | 000,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2010.04.22 08:00:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010.04.22 08:00:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2010.04.19 10:26:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.04.19 10:26:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\Boss Media
[2010.04.14 20:35:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Plocha\plochaaa
[2010.04.12 18:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\TO2SAM
[2010.04.07 11:32:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\DVDVideoSoft
[2010.04.07 11:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.04.07 11:32:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\Conduit
[2010.04.07 11:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Dokumenty\DVDVideoSoft
[2010.04.07 11:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.04.07 11:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.04.06 14:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010.04.06 14:48:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA
[2010.04.06 14:48:20 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.04.06 14:48:19 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.04.06 14:48:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.04.06 14:48:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.04.06 14:48:18 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.04.06 14:48:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.04.06 14:48:17 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010.04.06 14:48:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010.04.06 14:48:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010.04.06 14:48:16 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010.04.06 14:48:16 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.04.06 14:48:16 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.04.06 14:48:15 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.04.06 14:48:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.04.06 14:36:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Data aplikací\DAEMON Tools Lite
[2010.04.06 14:36:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.04 13:17:52 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.04.04 11:35:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2010.04.04 11:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010.04.04 11:04:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\Cyberlink
[2010.04.04 11:03:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Dokumenty\CyberLink
[2010.04.04 11:03:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiršoun\Data aplikací\CyberLink
[2010.04.04 11:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2010.04.04 11:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010.04.04 10:58:34 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.04.04 10:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.03.31 05:05:50 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.28 18:03:34 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.04.28 18:03:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.28 18:03:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.28 18:02:00 | 008,650,752 | -H-- | M] () -- C:\Documents and Settings\Jiršoun\NTUSER.DAT
[2010.04.28 17:16:07 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\cmd.bat
[2010.04.28 17:10:56 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiršoun\Plocha\OTL.exe
[2010.04.28 17:08:39 | 000,317,606 | ---- | M] () -- C:\UsbFix_Upload_Me_PAULIE.zip
[2010.04.28 15:02:55 | 001,777,578 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\UsbFix.exe
[2010.04.28 14:59:34 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\Nový objekt - Dokument aplikace Microsoft Word (2).doc
[2010.04.28 14:14:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.27 17:13:33 | 000,214,816 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.04.27 17:06:50 | 000,138,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.27 14:35:32 | 011,624,176 | ---- | M] (LucasArts) -- C:\Documents and Settings\Jiršoun\Plocha\JKAcademy1_01.exe
[2010.04.26 07:46:28 | 002,739,070 | -H-- | M] () -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\IconCache.db
[2010.04.25 15:13:48 | 005,806,971 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\ET_Patch_2_60.exe
[2010.04.25 12:47:06 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\etmin.exe
[2010.04.24 21:43:37 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jiršoun\defogger_reenable
[2010.04.24 14:04:03 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\Wolfenstein - Enemy Territory.lnk
[2010.04.24 12:20:26 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.24 12:20:00 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.04.22 20:58:48 | 000,018,944 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.22 20:30:52 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\RSIT.exe
[2010.04.22 18:25:04 | 059,133,905 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.22 08:03:46 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.04.22 08:03:46 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 9.0.lnk
[2010.04.22 08:03:43 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010.04.22 08:03:43 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010.04.22 08:03:42 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.04.22 08:03:33 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010.04.22 08:03:32 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.04.22 08:03:30 | 000,580,293 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010.04.22 08:03:30 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010.04.22 08:01:02 | 000,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2010.04.22 08:01:02 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2010.04.13 02:20:01 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.10 21:25:11 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\OSCAR Mouse Script Editor.lnk
[2010.04.07 12:53:03 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Dokumenty\johny save list.list
[2010.04.06 13:02:14 | 000,000,097 | ---- | M] () -- C:\Documents and Settings\Jiršoun\default.pls
[2010.04.06 07:46:25 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\technicka_zprava.doc
[2010.04.06 06:48:53 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Plocha\obalka.doc
[2010.04.04 13:20:27 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.04.04 13:20:27 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.04.04 13:16:44 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.04.04 13:16:36 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.04.04 13:11:02 | 000,000,491 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.04 11:15:00 | 000,111,513 | ---- | M] () -- C:\WINDOWS\System32\KWWdq-.exe
[2010.04.04 10:58:06 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010.04.04 10:58:06 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.04.04 10:06:48 | 000,002,592 | ---- | M] () -- C:\Documents and Settings\Jiršoun\Dokumenty\Souboj Titánů.mp3
[2010.04.04 10:03:46 | 000,000,055 | ---- | M] () -- C:\WINDOWS\crywmvtoavi.ini
[2010.04.04 10:03:46 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\SySwmvtoavi.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.28 17:16:07 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\cmd.bat
[2010.04.28 17:08:38 | 000,317,606 | ---- | C] () -- C:\UsbFix_Upload_Me_PAULIE.zip
[2010.04.28 15:02:53 | 001,777,578 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\UsbFix.exe
[2010.04.28 14:31:53 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\Nový objekt - Dokument aplikace Microsoft Word (2).doc
[2010.04.25 15:14:17 | 000,846,336 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\pbsetup.exe
[2010.04.25 15:13:14 | 005,806,971 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\ET_Patch_2_60.exe
[2010.04.25 14:54:28 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.25 14:54:09 | 000,214,816 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.04.25 14:54:09 | 000,214,816 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.04.25 14:54:04 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.04.25 12:47:06 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\etmin.exe
[2010.04.25 09:29:04 | 000,299,008 | ---- | C] () -- C:\WINDOWS\rm2uinst.exe
[2010.04.24 21:43:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jiršoun\defogger_reenable
[2010.04.24 14:04:03 | 000,000,523 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\Wolfenstein - Enemy Territory.lnk
[2010.04.22 20:30:49 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\RSIT.exe
[2010.04.22 08:03:46 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVG 9.0.lnk
[2010.04.22 08:03:30 | 000,580,293 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010.04.22 08:03:30 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010.04.22 08:03:25 | 059,133,905 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.14 20:34:40 | 000,063,165 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\Protínání vpřed z úhlů.pdf
[2010.04.07 12:53:03 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Dokumenty\johny save list.list
[2010.04.06 06:50:20 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\Výpočet orientovaných směrů.xls
[2010.04.06 06:50:02 | 000,074,752 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\Centrační změny.xls
[2010.04.06 06:26:40 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Plocha\technicka_zprava.doc
[2010.04.04 13:11:32 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.04.04 13:11:31 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.04.04 11:21:32 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.04.04 11:06:44 | 000,111,513 | ---- | C] () -- C:\WINDOWS\System32\KWWdq-.exe
[2010.04.04 10:06:47 | 000,002,592 | ---- | C] () -- C:\Documents and Settings\Jiršoun\Dokumenty\Souboj Titánů.mp3
[2010.04.04 10:02:02 | 000,000,055 | ---- | C] () -- C:\WINDOWS\crywmvtoavi.ini
[2010.04.04 09:59:34 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySwmvtoavi.dat
[2010.03.26 15:18:59 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.03.26 15:18:59 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.03.26 15:18:59 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.03.22 12:15:22 | 001,122,304 | ---- | C] () -- C:\WINDOWS\System32\2-xA2a.dll
[2010.03.15 00:28:48 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.02.23 18:39:30 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.02.14 15:30:43 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.07 17:12:20 | 000,066,936 | -HS- | C] () -- C:\WINDOWS\slinfo_0.drv
[2010.01.12 22:02:42 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.01.12 16:32:32 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.01.12 14:42:42 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2010.01.12 13:36:56 | 000,002,359 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.01.12 13:36:54 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.12.19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.11 12:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.10.28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005.08.08 15:44:04 | 000,006,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\MouseCap.sys
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll

========== LOP Check ==========

[2010.04.22 08:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.04.22 19:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2010.04.19 10:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.01.14 20:41:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.04.06 14:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.21 21:13:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fallout3
[2010.02.05 20:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.01.14 01:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.02.05 20:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.01.12 20:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PCPitstop
[2010.04.04 10:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.04.24 15:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\AVG9
[2010.01.18 00:24:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\Canon
[2010.04.06 14:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\DAEMON Tools Lite
[2010.02.05 21:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\Nokia
[2010.02.05 21:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\PC Suite
[2010.01.13 16:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\Red Alert 3
[2010.03.11 22:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiršoun\Data aplikací\TS3Client

========== Purity Check ==========


< End of report >

Caroprd111
VIP
Posts: 13492
Joined: 22 Mar 2009 20:48
Location: Třebíč

Re: PC slowed down brutally after virus removal

#29 Post by Caroprd111 »

Run OTL and paste the following script into the bottom window.

Code:

:OTL
DRV - [2010.04.28 16:32:05 | 000,025,616 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Jiršoun\Local Settings\temp\XNG5F.tmp -- (GarenaPEngine)
O2 - BHO: (everyflv) - {be763f45-ec5e-7351-a031-29725a5cb9e9} - C:\WINDOWS\system32\2-xA2a.dll ()
O4 - HKLM..\Run: [mspaint] C:\WINDOWS\System32\Paint.exe File not found
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2010.04.04 11:15:00 | 000,111,513 | ---- | M] () -- C:\WINDOWS\System32\KWWdq-.exe

:Files
C:\Program Files\Garena
E:\KFEd.exe.log 
E:\KF_revLoader.exe.log 
E:\KillingFloor.exe.log 
E:\Play.exe.log 
E:\revLoader.exe.log

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
Then click Fix (Opravit), the PC will restart, then post the log here.

Paulie0001
Visitor
Posts: 234
Joined: 05 Jan 2008 15:17

Re: PC slowed down brutally after virus removal

#30 Post by Paulie0001 »

Done:
I'd just like to ask something out of curiosity..... That Garena is a worm, someone here has already explained to me, but may I ask, what about Killing Floor? I only recently read that it's a new game, so I downloaded it, but I've got bored of it anyway..... And a second question: you recently advised me to uninstall the virtual drive emulators (PowerISO/DAEMON Tools). I'd like to ask whether that is also some kind of malware or something else.... Thank you, and here is the log:

All processes killed
========== OTL ==========
Service GarenaPEngine stopped successfully!
Service GarenaPEngine deleted successfully!
C:\Documents and Settings\Jiršoun\Local Settings\temp\XNG5F.tmp moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be763f45-ec5e-7351-a031-29725a5cb9e9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be763f45-ec5e-7351-a031-29725a5cb9e9}\ deleted successfully.
C:\WINDOWS\system32\2-xA2a.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mspaint deleted successfully.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\ deleted successfully.
C:\WINDOWS\002301_.tmp deleted successfully.
C:\WINDOWS\003232_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET2B5.tmp deleted successfully.
C:\WINDOWS\System32\drivers\SET10C4.tmp deleted successfully.
C:\WINDOWS\system32\KWWdq-.exe moved successfully.
========== FILES ==========
File\Folder C:\Program Files\Garena not found.
E:\KFEd.exe.log moved successfully.
E:\KF_revLoader.exe.log moved successfully.
File move failed. E:\KillingFloor.exe.log scheduled to be moved on reboot.
E:\Play.exe.log moved successfully.
E:\revLoader.exe.log moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: Jiršoun
->Temp folder emptied: 1193035 bytes
->Temporary Internet Files folder emptied: 33556 bytes
->FireFox cache emptied: 76393189 bytes
->Flash cache emptied: 58948 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 693147 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 75,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Jiršoun
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.3.0 log created on 04282010_194631

Files\Folders moved on Reboot...
E:\KillingFloor.exe.log moved successfully.

Registry entries deleted on Reboot...
