spravce zařízení

Zpráva

mahajana · #16 Příspěvek od **mahajana** » 17 čer 2010 16:12

brankar píše:dobrý den motji tak nakonec to bylo vyply ve službach asi dostane syn po jinak vše zobrazeno

dejte mu jinak do

.....

http://www.microsoft.com/cze/athome/sec ... count.mspx

#17 Příspěvek od **motji** » 17 čer 2010 20:25

Taky mě to časem čeká, nezbedné dětičky

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O3 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:63238B95
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

brankar · #18 Příspěvek od **brankar** » 18 čer 2010 09:32

tady je log ...Jinak tohle otl PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)asi nemohlo smazat protože to zůstalo půl hodiny v čistcíim režimu a nic se nedělo

All processes killed
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, => in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:63238B95> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9> in the current context!
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP132.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP136.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP324.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP417.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE0.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI142.tmp moved successfully.
C:\WINDOWS\Installer\MSI18.tmp moved successfully.
C:\WINDOWS\Installer\MSI35.tmp moved successfully.
C:\WINDOWS\Installer\MSI47.tmp moved successfully.
C:\WINDOWS\Installer\MSI54.tmp moved successfully.
C:\WINDOWS\Installer\MSIA.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5570685 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 7001 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: user
->Temp folder emptied: 10946321 bytes
->Temporary Internet Files folder emptied: 360742 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2033 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65536 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 164267302 bytes

Total Files Cleaned = 173,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.6.0 log created on 06182010_102431

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#19 Příspěvek od **motji** » 18 čer 2010 09:38

Nesmazalo se to, nevím proč

. Prosím zkuste spustit ještě tento skript.

Kód: Vybrat vše

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O3 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:63238B95
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

:commands
[Reboot]

brankar · #20 Příspěvek od **brankar** » 18 čer 2010 09:43

Zase stejný problém jak dlouho se to má mazat ,hodilo to hlášku tento program neodpovida když jsem chtěl ukončit OTL

#21 Příspěvek od **motji** » 18 čer 2010 09:49

Zkuste ho spustit v nouzovém režimu.

brankar · #22 Příspěvek od **brankar** » 18 čer 2010 09:57

zase to same zůstane to vyset

a zas ta hlaška tento program neodpovídá

#23 Příspěvek od **motji** » 18 čer 2010 09:59

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

brankar · #24 Příspěvek od **brankar** » 18 čer 2010 10:03

Mám ho spustit v normalnim režimu nebo v nouzovim

#25 Příspěvek od **motji** » 18 čer 2010 10:07

V normálním režimu

brankar · #26 Příspěvek od **brankar** » 18 čer 2010 10:33

ComboFix 10-06-17.02 - user 18.06.2010 11:13:43.47.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.262 [GMT 2:00]
Spuštěný z: c:\documents and settings\user\Plocha\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\win.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-18 do 2010-06-18 )))))))))))))))))))))))))))))))
.

2010-06-18 07:26 . 2010-06-18 07:26 -------- d-----w- C:\_OTL
2010-06-16 14:44 . 2010-06-16 14:44 -------- d-----w- c:\program files\Lavalys
2010-06-15 11:58 . 2010-06-15 11:58 -------- d-----w- c:\program files\Marcos Velasco Security
2010-06-15 10:50 . 2010-06-15 10:50 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-06-15 09:53 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-15 09:52 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-06-15 09:49 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-06-14 07:55 . 2010-06-14 07:55 -------- d-sh--w- c:\documents and settings\All Users\DRM
2010-06-14 05:33 . 2010-06-14 05:40 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-06-14 05:33 . 2010-06-14 05:40 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-06-14 05:33 . 2010-06-14 05:40 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-06-05 09:39 . 2010-06-05 09:39 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 14:54 . 2010-06-02 14:54 -------- d-----w- c:\program files\LucasArts
2010-05-31 09:40 . 2010-05-31 09:40 61 --sh--w- c:\windows\cnerolf.dat
2010-05-30 18:35 . 2010-05-30 18:35 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-05-30 18:34 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-15 10:39 . 2006-03-02 12:00 91866 ----a-w- c:\windows\system32\perfc005.dat
2010-06-15 10:39 . 2006-03-02 12:00 469558 ----a-w- c:\windows\system32\perfh005.dat
2010-06-12 15:49 . 2009-10-26 12:45 -------- d-----w- c:\program files\Microsoft Games
2010-06-11 16:54 . 2008-10-17 21:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-10 09:15 . 2010-04-25 09:07 -------- d-----w- c:\program files\Centauri
2010-06-10 08:53 . 2010-06-04 06:36 56788 ----a-w- c:\windows\system32\drivers\kwflower.log
2010-06-04 08:58 . 2010-06-04 06:40 4972 ----a-w- c:\windows\system32\drivers\kwfupper.log
2010-06-03 08:09 . 2009-06-08 05:52 -------- d-----w- c:\program files\trend micro
2010-06-02 18:38 . 2009-07-09 18:19 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-05-30 18:36 . 2008-12-24 18:35 -------- d-----w- c:\program files\Samsung
2010-05-25 17:08 . 2010-01-24 11:55 -------- d-----w- c:\program files\EA GAMES
2010-05-22 13:35 . 2010-05-06 16:46 -------- d-----w- c:\program files\3D Driving-School
2010-05-22 09:43 . 2009-10-10 16:24 -------- d-----w- c:\program files\Electronic Arts
2010-05-09 17:33 . 2008-10-26 06:54 -------- d-----w- c:\program files\EA Sports
2010-05-09 17:07 . 2010-02-01 19:25 -------- d-----w- c:\program files\KONAMI
2010-05-09 16:08 . 2010-02-02 12:16 451072 ----a-w- c:\windows\Radeon Omega Drivers v2.6.87 Uninstall.exe
2010-05-09 16:08 . 2010-05-09 16:08 -------- d-----w- c:\program files\Radeon Omega Drivers
2010-05-09 14:39 . 2010-05-09 14:39 -------- d-----w- c:\program files\ATI Technologies
2010-05-09 13:42 . 2009-10-03 14:02 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-06 10:35 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-05 10:00 . 2010-02-18 11:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-02 08:09 . 2008-04-14 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-02-18 11:21 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-02-18 11:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-21 16:12 . 2010-04-21 16:12 -------- d-----w- c:\program files\18 WoS Pedal to the Metal
2010-04-20 05:32 . 2008-04-14 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-01-06 12:46 . 2010-01-06 12:23 209 ----a-w- c:\program files\operaprefs_default.ini
2009-11-20 18:11 . 2009-11-20 18:11 15828 ----a-w- c:\program files\license.rtf
2009-11-20 18:01 . 2009-11-20 18:01 832296 ----a-w- c:\program files\opera.exe
2009-11-20 18:01 . 2009-11-20 18:01 4450088 ----a-w- c:\program files\opera.dll
2009-11-20 18:00 . 2009-11-20 18:00 653419 ----a-w- c:\program files\encoding.bin
2009-06-17 13:41 . 2009-06-17 13:41 3870 ----a-w- c:\program files\lngcode.txt
2004-02-26 12:35 . 2004-02-26 12:35 7904 ----a-w- c:\program files\html40_entities.dtd
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-02-02 1800464]
"AtiPTA"="atiptaxx.exe" [2005-11-23 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 12:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010\\fm.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\opera.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27.1.2009 11:14 64160]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [21.4.2009 10:57 134344]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 10:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.2.2010 10:15 66632]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [3.2.2010 21:50 45696]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [3.2.2010 21:50 56960]
S3 ATICDSDr;ATICDSDr; [x]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [18.8.2005 7168]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [24.6.2008 10:36 65024]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\windows\system32\DRIVERS\kwflower.sys --> c:\windows\system32\DRIVERS\kwflower.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [18.2.2010 13:21 38224]
S3 pbfilter;pbfilter; [x]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.2.2010 10:15 12872]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.10.2009 19:15 721904]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
uStart Page = about:blank
mStart Page =
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {7E1B775D-FB9F-4945-8B6B-60D8BA4F52C7} = 10.1.1.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-18 11:25
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet006\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1409082233-1580818891-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1409082233-1580818891-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b7,4a,67,15,5b,a9,6a,5b,cd,e9,29,0d,e8,6d,03,26,ab,ed,d4,03,b1,05,91,
9e,12,18,64,cd,52,6a,9b,30,35,dd,39,6d,c6,2c,07,28,e0,cc,4d,3d,fe,d3,a7,b4,\
"??"=hex:8a,95,0c,91,36,dd,90,2c,2c,e3,05,7a,7a,8f,80,cc

[HKEY_USERS\S-1-5-21-1409082233-1580818891-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:01,38,c0,f0,9f,86,ce,1b,9b,97,ec,02,a1,a1,36,1d,98,51,81,c5,8c,
68,61,8a,14,b7,48,c9,32,14,df,e7,50,bc,54,d5,aa,8d,f6,19,7a,aa,ed,ff,ce,8b,\
"rkeysecu"=hex:03,a4,a8,d4,d9,9b,91,ef,48,52,9f,6c,1c,34,21,ac
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(628)
c:\windows\system32\guard32.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(684)
c:\windows\system32\guard32.dll
.
Celkový čas: 2010-06-18 11:31:29
ComboFix-quarantined-files.txt 2010-06-18 09:31

Před spuštěním: Volných bajtů: 57 465 626 624
Po spuštění: Volných bajtů: 57 413 894 144

Current=6 Default=6 Failed=1 LastKnownGood=7 Sets=1,2,3,4,5,6,7
- - End Of File - - A1B79E0FABC3091448C11A91A69D41D8

#27 Příspěvek od **motji** » 18 čer 2010 10:35

Fajn, můžete ještě jednou spustit OTL bez skriptu?

brankar · #28 Příspěvek od **brankar** » 18 čer 2010 10:40

A mám něco zaškrtnout

brankar · #29 Příspěvek od **brankar** » 18 čer 2010 11:04

tady je OTL

OTL logfile created on: 18.6.2010 11:45:05 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 180,00 Mb Available Physical Memory | 35,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 53,50 Gb Free Space | 35,90% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VLASTN-81FD8C78
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.18 09:23:59 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
PRC - [2010.02.02 13:42:15 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009.11.20 20:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\opera.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.18 09:23:59 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
MOD - [2010.02.02 13:42:47 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.05.03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.02.02 13:42:15 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - [2010.06.10 10:53:46 | 000,056,788 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2010.06.02 20:38:51 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.02.17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010.02.17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.02.02 13:42:46 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2009.10.10 19:15:45 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.03.05 11:32:39 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008.10.30 11:21:03 | 000,075,072 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2008.06.24 10:36:14 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007.05.02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.03.01 10:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.11.23 04:50:50 | 001,410,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.08.18 00:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [2005.07.15 16:02:41 | 000,056,960 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ousb2hub.sys -- (ousb2hub)
DRV - [2005.07.15 16:02:30 | 000,045,696 | ---- | M] (OrangeWare Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ousbehci.sys -- (ousbehci)
DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.30 17:36:24 | 000,637,713 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.02.24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002.07.24 04:30:00 | 000,032,128 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A A0 D6 E0 EA 69 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2010.06.18 11:24:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Dokumenty\Obrázky\01F1GPAUS3517.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Dokumenty\Obrázky\01F1GPAUS3517.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.06.18 11:35:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.18 11:11:32 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.06.18 11:11:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.06.18 11:11:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.06.18 11:11:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.06.18 11:11:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.06.18 11:11:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.06.18 09:26:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.06.18 09:23:59 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.06.16 22:50:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010.06.16 16:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.06.15 13:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Marcos Velasco Security
[2010.06.15 13:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\mvregclean59-br
[2010.06.15 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010.06.15 11:53:27 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.15 11:52:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.06.15 11:49:01 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010.06.15 11:49:01 | 000,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010.06.14 09:55:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010.06.11 19:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\Flight Simulator X Files
[2010.06.11 19:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\Crack
[2010.06.05 11:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.06.04 12:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\BLOKOVANI
[2010.06.04 08:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\Kerio
[2010.06.02 20:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.06.02 20:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.06.02 16:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2010.05.30 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers

========== Files - Modified Within 30 Days ==========

[2010.06.18 11:38:46 | 000,005,210 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.18 11:25:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.18 11:24:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.18 11:04:08 | 003,714,040 | R--- | M] () -- C:\Documents and Settings\user\Plocha\ComboFix.exe
[2010.06.18 11:01:27 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.18 11:01:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.18 10:25:08 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\user\ntuser.dat
[2010.06.18 10:25:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010.06.18 09:23:59 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.06.17 20:18:33 | 000,019,788 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\podri.jpg
[2010.06.17 16:42:23 | 002,645,156 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\IconCache.db
[2010.06.17 12:45:54 | 000,000,676 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.06.17 12:45:54 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2010.06.16 22:44:18 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.16 16:44:09 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\user\Plocha\EVEREST Home Edition.lnk
[2010.06.16 12:02:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.15 13:58:29 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MV RegClean 5.9.lnk
[2010.06.15 13:57:49 | 001,432,604 | ---- | M] () -- C:\Documents and Settings\user\Plocha\mvregclean59-br.zip
[2010.06.15 12:39:20 | 001,085,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.15 12:39:20 | 000,471,496 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.15 12:39:20 | 000,469,558 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.15 12:39:20 | 000,091,866 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.15 12:39:20 | 000,078,808 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.14 08:35:07 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.14 07:40:54 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.06.14 07:40:54 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.06.14 07:40:54 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.06.13 18:37:15 | 000,055,828 | -H-- | M] () -- C:\treeinfo.wc
[2010.06.12 17:44:55 | 000,000,374 | ---- | M] () -- C:\WINDOWS\cfplogvw.INI
[2010.06.12 15:06:51 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Flight Simulator 2004.lnk
[2010.06.12 14:15:44 | 000,041,656 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.12 10:42:35 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\spider.sav
[2010.06.08 07:21:17 | 000,000,127 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.06.02 20:38:51 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2010.06.02 16:57:29 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Launch Star Wars JK Jedi Academy.lnk
[2010.05.31 11:40:52 | 000,000,061 | -HS- | M] () -- C:\WINDOWS\cnerolf.dat
[2010.05.29 10:11:56 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Microsoft Office Word 2003.lnk

========== Files Created - No Company Name ==========

[2010.06.18 11:11:32 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.18 11:11:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.06.18 11:11:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.06.18 11:11:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.06.18 11:04:03 | 003,714,040 | R--- | C] () -- C:\Documents and Settings\user\Plocha\ComboFix.exe
[2010.06.17 17:16:03 | 000,019,788 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\podri.jpg
[2010.06.16 16:44:09 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\user\Plocha\EVEREST Home Edition.lnk
[2010.06.15 13:58:29 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MV RegClean 5.9.lnk
[2010.06.15 13:57:49 | 001,432,604 | ---- | C] () -- C:\Documents and Settings\user\Plocha\mvregclean59-br.zip
[2010.06.14 07:33:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.06.14 07:33:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.06.14 07:33:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.06.12 15:06:49 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Flight Simulator 2004.lnk
[2010.06.11 19:32:06 | 001,601,868 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\Crack.rar
[2010.06.02 16:57:21 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Launch Star Wars JK Jedi Academy.lnk
[2010.05.31 11:40:52 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.dat
[2010.05.30 20:34:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.01.24 09:45:25 | 000,000,620 | ---- | C] () -- C:\WINDOWS\RegGenie.ini
[2010.01.17 17:52:45 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.12.27 11:26:08 | 000,000,158 | ---- | C] () -- C:\WINDOWS\TSDataEx.ini
[2009.08.23 18:45:12 | 000,000,127 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.07.16 07:49:24 | 000,139,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.27 16:59:51 | 000,000,146 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009.06.08 19:08:47 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.05.20 14:45:42 | 000,000,374 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009.04.01 14:08:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.03.10 11:13:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009.01.27 10:01:15 | 000,000,055 | ---- | C] () -- C:\WINDOWS\cryvideotoavi.ini
[2008.12.27 10:59:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.12.26 12:13:47 | 000,000,024 | ---- | C] () -- C:\WINDOWS\sysc_drv.ini
[2008.11.29 21:32:55 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wintab32.dll
[2008.10.18 00:27:43 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.10.18 00:27:38 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.10.18 00:27:38 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.18 00:27:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.10.18 00:21:07 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.17 23:50:39 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2008.10.17 23:50:38 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2008.10.17 23:33:54 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008.10.17 23:27:42 | 000,005,210 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.10.15 13:57:54 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ktzlib80_1.2.3.dll
[2008.01.24 03:49:14 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\fs2cchk4.dll
[2007.06.19 09:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.20 08:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004.06.27 22:49:42 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:63238B95
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
< End of report >

brankar · #30 Příspěvek od **brankar** » 18 čer 2010 11:58

TADY JE TO ZNOVU

OTL logfile created on: 18.6.2010 12:21:44 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 249,00 Mb Available Physical Memory | 49,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 53,49 Gb Free Space | 35,89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VLASTN-81FD8C78
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.18 09:23:59 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
PRC - [2010.02.02 13:42:15 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009.11.20 20:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\opera.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.18 09:23:59 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
MOD - [2010.02.02 13:42:47 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2008.05.13 09:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008.04.14 14:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.05.03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.02.02 13:42:15 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - [2010.06.10 10:53:46 | 000,056,788 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2010.06.02 20:38:51 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.02.17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010.02.17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.02.02 13:42:46 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2009.10.10 19:15:45 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.03.05 11:32:39 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008.10.30 11:21:03 | 000,075,072 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2008.06.24 10:36:14 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007.05.02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.03.01 10:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.11.23 04:50:50 | 001,410,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.08.18 00:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [2005.07.15 16:02:41 | 000,056,960 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ousb2hub.sys -- (ousb2hub)
DRV - [2005.07.15 16:02:30 | 000,045,696 | ---- | M] (OrangeWare Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ousbehci.sys -- (ousbehci)
DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.30 17:36:24 | 000,637,713 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.02.24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002.07.24 04:30:00 | 000,032,128 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A A0 D6 E0 EA 69 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2010.06.18 11:24:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Dokumenty\Obrázky\01F1GPAUS3517.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Dokumenty\Obrázky\01F1GPAUS3517.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.06.18 11:35:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.18 11:11:32 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.06.18 11:11:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.06.18 11:11:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.06.18 11:11:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.06.18 11:11:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.06.18 11:11:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.06.18 09:26:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.06.18 09:23:59 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.06.16 22:50:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010.06.16 16:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.06.15 13:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Marcos Velasco Security
[2010.06.15 13:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\mvregclean59-br
[2010.06.15 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010.06.15 11:53:27 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.15 11:52:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.06.15 11:49:01 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010.06.15 11:49:01 | 000,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010.06.14 09:55:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010.06.11 19:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\Flight Simulator X Files
[2010.06.11 19:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\SPUSTENI HRY
[2010.06.05 11:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.06.04 12:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\BLOKOVANI
[2010.06.04 08:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\Kerio
[2010.06.02 20:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.06.02 20:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.06.02 16:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2010.05.30 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers

========== Files - Modified Within 30 Days ==========

[2010.06.18 12:21:41 | 000,005,160 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.18 12:12:20 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.18 11:25:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.18 11:24:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.18 11:04:08 | 003,714,040 | R--- | M] () -- C:\Documents and Settings\user\Plocha\ComboFix.exe
[2010.06.18 11:01:27 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.18 11:01:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.18 10:25:08 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\user\ntuser.dat
[2010.06.18 10:25:08 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010.06.18 09:23:59 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.06.17 20:18:33 | 000,019,788 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\podri.jpg
[2010.06.17 16:42:23 | 002,645,156 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\IconCache.db
[2010.06.17 12:45:54 | 000,000,676 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.06.17 12:45:54 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2010.06.16 22:44:18 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.16 16:44:09 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\user\Plocha\EVEREST Home Edition.lnk
[2010.06.16 12:02:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.15 13:58:29 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MV RegClean 5.9.lnk
[2010.06.15 13:57:49 | 001,432,604 | ---- | M] () -- C:\Documents and Settings\user\Plocha\mvregclean59-br.zip
[2010.06.15 12:39:20 | 001,085,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.15 12:39:20 | 000,471,496 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.15 12:39:20 | 000,469,558 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.15 12:39:20 | 000,091,866 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.15 12:39:20 | 000,078,808 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.14 07:40:54 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.06.14 07:40:54 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.06.14 07:40:54 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.06.13 18:37:15 | 000,055,828 | -H-- | M] () -- C:\treeinfo.wc
[2010.06.12 17:44:55 | 000,000,374 | ---- | M] () -- C:\WINDOWS\cfplogvw.INI
[2010.06.12 15:06:51 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Flight Simulator 2004.lnk
[2010.06.12 14:15:44 | 000,041,656 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.12 10:42:35 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\spider.sav
[2010.06.08 07:21:17 | 000,000,127 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.06.02 20:38:51 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2010.06.02 16:57:29 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Launch Star Wars JK Jedi Academy.lnk
[2010.05.31 11:40:52 | 000,000,061 | -HS- | M] () -- C:\WINDOWS\cnerolf.dat
[2010.05.29 10:11:56 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Microsoft Office Word 2003.lnk

========== Files Created - No Company Name ==========

[2010.06.18 11:11:32 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.18 11:11:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.06.18 11:11:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.06.18 11:11:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.06.18 11:04:03 | 003,714,040 | R--- | C] () -- C:\Documents and Settings\user\Plocha\ComboFix.exe
[2010.06.17 17:16:03 | 000,019,788 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\podri.jpg
[2010.06.16 16:44:09 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\user\Plocha\EVEREST Home Edition.lnk
[2010.06.15 13:58:29 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MV RegClean 5.9.lnk
[2010.06.15 13:57:49 | 001,432,604 | ---- | C] () -- C:\Documents and Settings\user\Plocha\mvregclean59-br.zip
[2010.06.14 07:33:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.06.14 07:33:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.06.14 07:33:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.06.12 15:06:49 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Flight Simulator 2004.lnk
[2010.06.11 19:32:06 | 001,601,868 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\Crack.rar
[2010.06.02 16:57:21 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Launch Star Wars JK Jedi Academy.lnk
[2010.05.31 11:40:52 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.dat
[2010.05.30 20:34:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.01.24 09:45:25 | 000,000,620 | ---- | C] () -- C:\WINDOWS\RegGenie.ini
[2010.01.17 17:52:45 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.12.27 11:26:08 | 000,000,158 | ---- | C] () -- C:\WINDOWS\TSDataEx.ini
[2009.08.23 18:45:12 | 000,000,127 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.07.16 07:49:24 | 000,139,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.27 16:59:51 | 000,000,146 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009.06.08 19:08:47 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.05.20 14:45:42 | 000,000,374 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009.04.01 14:08:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.03.10 11:13:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009.01.27 10:01:15 | 000,000,055 | ---- | C] () -- C:\WINDOWS\cryvideotoavi.ini
[2008.12.27 10:59:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.12.26 12:13:47 | 000,000,024 | ---- | C] () -- C:\WINDOWS\sysc_drv.ini
[2008.11.29 21:32:55 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wintab32.dll
[2008.10.18 00:27:43 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.10.18 00:27:38 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.10.18 00:27:38 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.18 00:27:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.10.18 00:21:07 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.17 23:50:39 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2008.10.17 23:50:38 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2008.10.17 23:33:54 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008.10.17 23:27:42 | 000,005,160 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.10.15 13:57:54 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ktzlib80_1.2.3.dll
[2008.01.24 03:49:14 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\fs2cchk4.dll
[2007.06.19 09:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.20 08:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004.06.27 22:49:42 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:63238B95
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
< End of report >

OTL Extras logfile created on: 18.6.2010 12:21:44 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 249,00 Mb Available Physical Memory | 49,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 53,49 Gb Free Space | 35,89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VLASTN-81FD8C78
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010 -- (Sports Interactive)
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe" = C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Disabled:Microsoft Flight Simulator -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\opera.exe" = C:\Program Files\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = CCC
"{06053AB3-B607-B752-3252-4A2EA9E9761E}" = CCC Help Dutch
"{083A7AA2-8871-42B0-8513-7428F44DFC38}" = MariusSoft Disk Scrubber
"{0A9C9BD5-8588-40D4-8A1A-860E3D2ED6EE}" = NBA 2K10
"{0B4A8658-43F1-50CA-AF30-C67E3AE2C9ED}" = CCC Help Greek
"{0CC61470-D776-2353-D5CB-C7BC20204863}" = CCC Help Finnish
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{0F55F69B-FB6C-5157-A5DC-B8AC58048A1A}" = ATI Catalyst Install Manager
"{1043E281-B080-4947-9BD7-3F1D233BF6D2}" = WinXP Manager
"{12655AB3-9285-A2F0-5BBC-C5C45E4D718C}" = CCC Help Czech
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{24700C01-3A72-29D4-001B-6EE6BF71EB5E}" = CCC Help Korean
"{26262388-95BF-58B0-CD46-A8F957BB67BF}" = Catalyst Control Center Graphics Full Existing
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{329376FB-FB6C-C587-F483-07E3418456F5}" = ccc-utility
"{33A38A8B-9E1E-BCBB-EA87-CE797EC75080}" = CCC Help Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369EEB32-64D1-F22A-1B2C-A3E81582E767}" = CCC Help Japanese
"{38AD6EA4-BBC1-4A95-B792-9950D48E2171}" = Kerio Visual C++ 2005 redistributable permanent package
"{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3
"{3FCD8F30-057D-C96F-AEF4-B0D77DE9730C}" = CCC Help Portuguese
"{46605BDE-7F82-DB0F-7906-3279A7E639BE}" = Catalyst Control Center Localization All
"{480A8E00-D808-7D79-977B-CEBBB3BEB409}" = CCC Help French
"{48C7FD10-D6AD-8EE0-2E8E-0480C4EEB1BD}" = Catalyst Control Center HydraVision Full
"{5CA7ABC3-5F89-3A1D-A113-046EA4C7FCEB}" = ccc-core-static
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F77AD48-BA04-F868-2D04-FC1BFF5E00BA}" = Catalyst Control Center Graphics Light
"{7104189A-C592-4A56-AC9E-7C0CA135DA3C}" = AGEIA PhysX v6.10.25
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{788907C5-C83B-9785-A1F0-67050017324E}" = CCC Help Spanish
"{7914BE1E-F186-4790-B8F4-9F63C52A41C1}" = Medal of Honor Allied Assault(tm) Spearhead
"{7F5F1767-88C6-CBFC-5DD3-D853343FD5AE}" = CCC Help German
"{84DE3702-3262-BE38-27E8-5ED423D803C6}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{95053B5A-42E0-830E-85BD-733FAFC28BA7}" = ccc-core-preinstall
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{9B40D533-4F38-893D-EE5A-17226104BBC2}" = Skins
"{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 3
"{9B94BE6F-7CA3-4C40-A266-62667FF746CC}" = Ovladače ATI
"{A08CB73B-5DEA-185D-5D98-2230004D75ED}" = CCC Help Danish
"{A22D91C3-E7BD-CBEE-7CDC-DE4C42FA27B7}" = CCC Help Hungarian
"{A2A5C34C-BD78-4505-9E57-AFCDF2FB926C}" = Autodesk DWF Writer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD0DD974-ADC2-8C10-DFA6-C1203A6E5106}" = CCC Help Polish
"{B014F739-B305-5319-D996-6612BD60ED74}" = CCC Help Swedish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C570CAF4-D734-5412-C842-9AB150803074}" = Catalyst Control Center Core Implementation
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01F5B2C-2776-6C46-441C-E819C08DF4FF}" = CCC Help Turkish
"{D2FCA53F-F568-D08A-458F-F7C9769A30ED}" = CCC Help Norwegian
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D89B70AB-CF91-36A4-8658-FACA3AF6A654}" = Catalyst Control Center Graphics Previews Common
"{DE6A7775-D036-4216-AD8A-2ACBAC49F532}" = WinXP Manager
"{DF1274DC-02D4-B2D7-6197-5D24E1EF84B1}" = CCC Help Thai
"{E000D42E-5842-20A6-EEB1-6DED8C2746C5}" = CCC Help Italian
"{E7679B31-21F5-4AAE-1620-0DFACF702325}" = Catalyst Control Center Graphics Full New
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F83491F9-7CDF-46A7-9994-9E002CE5CE75}" = CCC Help Russian
"{F85B3B0A-E302-4B67-9220-6B57F075B311}" = ATI Catalyst Control Center
"{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}" = Opera 9.61
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter a Princ Dvojí Krve™
"{FDE409B1-1FF3-DC39-083E-C0F4ED496D5E}" = CCC Help English
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"18 Wheels of Steel Pedal to the Metal" = 18 Wheels of Steel Pedal to the Metal
"3D Driving-School" = 3D Driving-School
"7-Zip" = 7-Zip 4.65
"AbsoluteShield File Shredder_is1" = AbsoluteShield File Shredder
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Ares" = Ares 2.1.0
"ATI Display Driver" = ATI Display Driver (Omega 2.6.87)
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner (remove only)
"COMODO Internet Security" = COMODO Internet Security
"Creation Master 10_is1" = Creation Master 10 Release 10.1
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Football Manager 2010" = Football Manager 2010
"Free Mp3/Wma/Ogg Converter_is1" = Free Mp3/Wma/Ogg Converter 4.0.1
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.8.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Midtown Madness Demo" = Microsoft Midtown Madness Trial Version
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV RegClean 5.9_is1" = MV RegClean 5.9
"PowerISO" = PowerISO
"Radeon Omega Drivers for Windows 2k/XPv2.6.87" = Radeon Omega Drivers v2.6.87 Setup Files and Tools
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"Star Wars: Jedi Knight - Jedi Academy CZ" = Star Wars: Jedi Knight - Jedi Academy CZ
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Messenger Update" = Messenger Update
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

VIRY.CZ

spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení

Re: spravce zařízení