VIRY.CZ

Ahoj, dneska me sestra zavolala, ze ji AVG ohlasil nejaky spyware. Tak sem si rikal, ze zkusim stahnout RSIT a hodit log sem. Bohuzel, pri pristupu na viry.cz kurzor mysi zmrznul a bylo nutno restartovat, tak sem prinesl rsit rovnou na flashce a zkusit spustit -> klasicka windows chyba 'Neodesilat'. To same i v nouzovem rezimu.

Rad bych tedy pozadal o radu, jak tenhle zapeklitejsi problem vyresit, diky.

Jeste bych se chtel zeptat, jaky je idealni trio zabezpeceni - antivir+firewall+antispyware - zdarma?

Zdravím

Stáhněte http://oldtimer.geekstogo.com/OTLPE.iso nebo http://ottools.noahdfear.net/OTLPE.iso

Vypalte obraz disku pomocí nějakého vypalovacího programu (Nero, Active ISO Burner http://www.stahuj.centrum.cz/multimedia ... -burner/?g)
Vypálené CD vložte do mechaniky počítače, na kterém máte problém.
Restartujte PC a nabootujte z CD.
Po naběhnutí bude na ploše ikona "OTL", dvojklikem spusťte.
Log vložte sem.

Doporučil bych Aviru nebo Avast + ZoneAlarm.

OTL logfile created on: 4/15/2010 11:14:27 PM - Run
OTLPE by OldTimer - Version 3.1.37.1 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 324.00 Mb Available Physical Memory | 63.00% Memory free
459.00 Mb Paging File | 340.00 Mb Available in Paging File | 74.00% Paging File free
Paging file location(s): S:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.42 Gb Total Space | 67.73 Gb Free Space | 63.05% Space Free | Partition Type: NTFS
Drive D: | 498.42 Mb Total Space | 206.60 Mb Free Space | 41.45% Space Free | Partition Type: FAT
Drive E: | 4.37 Gb Total Space | 3.61 Gb Free Space | 82.72% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (ATI Smart)
SRV - [2010/04/09 08:02:53 | 002,325,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/04/09 08:01:56 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/04/09 08:01:35 | 005,888,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/02/23 08:04:34 | 000,369,920 | ---- | M] () [On_Demand] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008/05/21 07:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007/04/02 02:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (dtscsi)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Auto] -- -- (bsaspi32)
DRV - [2010/04/09 08:05:01 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/04/09 08:04:57 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/04/09 08:04:56 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/09 08:04:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/04/09 08:04:52 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/09 08:01:38 | 000,122,376 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/04/09 08:01:38 | 000,030,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/04/09 08:01:37 | 000,026,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/04/09 08:01:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/04/09 08:01:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2008/06/20 07:08:27 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/05/02 04:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/02 04:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/01/01 11:38:05 | 000,715,248 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006/05/13 05:28:09 | 000,010,578 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006/03/09 09:29:00 | 003,650,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/12/10 06:48:46 | 000,024,704 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2004/12/10 06:48:40 | 000,068,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004/12/10 06:48:18 | 000,036,480 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004/12/10 06:48:08 | 000,052,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2004/12/10 06:47:58 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2004/09/17 12:13:16 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3)
DRV - [2004/08/17 18:43:38 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/09 07:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004/08/09 07:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004/07/19 10:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2003/12/24 00:43:42 | 000,256,512 | R--- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mrv8k51.sys -- (W8100PCI)
DRV - [2003/12/01 11:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/07/18 04:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (sisagp)
DRV - [2003/06/13 03:53:06 | 000,015,232 | ---- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003/01/29 02:55:22 | 000,006,841 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gflmouhid.sys -- (genmcmnUSB)
DRV - [2002/10/16 05:27:02 | 000,947,884 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002/08/20 05:19:08 | 000,009,472 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf)
DRV - [2002/07/30 04:46:28 | 000,005,760 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2002/06/12 23:37:16 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/05/28 04:21:10 | 000,048,896 | R--- | M] (Windows (R) 2000 DDK provider) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex)
DRV - [2001/08/17 18:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 16:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\qv2kux.sys -- (QV2KUX)
DRV - [2001/08/17 16:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) Realtek RTL8029(AS)
DRV - [1999/09/10 08:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.sys -- (Aspi32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/04/09 08:01:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/04/12 11:42:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/31 08:27:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/31 08:27:01 | 000,000,000 | ---D | M]

[2009/09/08 10:21:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/30 18:15:16 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009/07/30 18:15:16 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009/07/30 18:15:16 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009/07/30 18:15:16 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009/07/30 18:15:16 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2003/04/16 08:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (XBTP01621 Class) - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~2\BEARSH~1\MediaBar.dll File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BearShare] C:\Program Files\BearShare\BearShare.exe File not found
O4 - HKLM..\Run: [HTpatch] C:\WINDOWS\htpatch.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [mouseElf] C:\Program Files\Genius NetScroll+ Traveler Mouse\gnetmous.exe ( )
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WhenUSave] C:\Program Files\Save\Save.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Application Data [2008/01/02 03:55:16 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Application Data [2008/01/02 03:55:16 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Dokumenty [2009/12/19 08:34:26 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\All Users\DRM [2007/06/10 07:02:08 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start [2009/10/26 16:24:30 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\All Users\ntuser.dat ()
O4 - Startup: C:\Documents and Settings\All Users\ntuser.dat.LOG ()
O4 - Startup: C:\Documents and Settings\All Users\Oblíbené položky [2005/03/02 09:35:33 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Plocha [2010/04/14 10:04:18 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Šablony [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Cookies [2005/03/02 10:11:34 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\Default User\Data aplikací [2005/03/02 09:35:33 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Dokumenty [2005/03/02 09:35:33 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Local Settings [2005/03/02 09:35:33 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Nabídka Start [2005/03/02 09:35:33 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT.LOG ()
O4 - Startup: C:\Documents and Settings\Default User\Oblíbené položky [2005/03/02 09:35:33 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Okolní síť [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Okolní tiskárny [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Plocha [2005/03/02 09:35:33 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Recent [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\SendTo [2005/03/02 10:07:22 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Šablony [2005/03/02 10:04:17 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Doma\Cookies [2009/10/14 15:25:28 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\Doma\Data aplikací [2009/10/17 13:19:27 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Doma\Dokumenty [2009/10/17 12:11:05 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Doma\Local Settings [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Doma\Nabídka Start [2005/03/02 09:35:33 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Doma\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\Doma\NTUSER.DAT.LOG ()
O4 - Startup: C:\Documents and Settings\Doma\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\Doma\Oblíbené položky [2009/02/01 14:14:40 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Doma\Okolní síť [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Doma\Okolní tiskárny [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Doma\Plocha [2010/04/14 10:12:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Doma\Recent [2009/02/01 14:14:38 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Doma\SendTo [2009/02/01 14:14:25 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Doma\Šablony [2005/03/02 10:04:17 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Kačka\.gimp-2.6 [2010/03/11 17:29:49 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Kačka\.recently-used.xbel ()
O4 - Startup: C:\Documents and Settings\Kačka\.thumbnails [2009/11/08 11:26:19 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Application Data [2007/03/30 10:16:43 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Cookies [2010/04/13 17:00:58 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\Kačka\Application Data [2007/03/30 10:16:43 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Dokumenty [2010/04/14 10:37:18 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Local Settings [2007/02/09 17:17:41 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Nabídka Start [2005/03/02 09:35:33 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Kačka\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\Kačka\NTUSER.DAT.LOG ()
O4 - Startup: C:\Documents and Settings\Kačka\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\Kačka\Oblíbené položky [2009/09/08 10:45:33 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Okolní síť [2009/10/17 16:30:04 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Okolní tiskárny [2005/03/02 09:35:33 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Plocha [2010/04/14 10:18:30 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Kačka\Recent [2010/04/14 10:38:03 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Kačka\SendTo [2007/07/01 06:27:29 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Kačka\UserData [2006/04/06 12:20:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\Kačka\Šablony [2005/03/02 10:04:17 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\LocalService\Cookies [2005/03/02 10:12:47 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\LocalService\Data aplikací [2009/10/14 14:27:41 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\LocalService\Local Settings [2005/03/02 10:12:38 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\LocalService\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\LocalService\ntuser.dat.LOG ()
O4 - Startup: C:\Documents and Settings\LocalService\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\NetworkService\Cookies [2005/03/02 10:46:50 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Data aplikací [2005/03/02 10:12:29 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Local Settings [2005/03/02 10:12:30 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\NTUSER.DAT ()
O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.dat.LOG ()
O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.ini ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O12 - Plugin for: .mp3 - C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll (Apple Computer, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://active.macromedia.com/director/cabs/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3190CE26-0B6E-4133-A7D3-87D29CB92120} http://www.bezpecnyinternet.cz/SBI.cab (SBIInetInstall Control)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 0_0_44.cab (FilePlanet Download Control Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 0723032407 (Reg Error: Key error.)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/msnme ... loader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://player.virtools.com/downloads/pl ... taller.exe (Virtools WebPlayer Class)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/games/popcaploader_v6.cab (PopCapLoader Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/10/22 15:36:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/01/05 18:39:44 | 000,000,095 | ---- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/14 10:02:15 | 000,000,000 | ---D | C] -- C:\730e78370f00d330fc51b13b
[2010/04/09 08:05:18 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/04/09 08:04:56 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/04/09 08:04:56 | 000,025,096 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/04/09 08:01:16 | 000,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2010/04/09 08:01:16 | 000,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2005/08/22 14:24:59 | 011,527,321 | ---- | C] ( ) -- C:\Program Files\1417.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/15 16:02:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/15 10:23:11 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/14 10:09:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/14 10:08:16 | 000,262,144 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/04/14 10:01:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/14 09:59:17 | 000,049,980 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/04/14 08:30:46 | 058,888,023 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/04/13 09:21:06 | 000,578,151 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/04/09 08:05:01 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/04/09 08:05:00 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/04/09 08:04:57 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2010/04/09 08:04:56 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/04/09 08:04:56 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2010/04/09 08:04:52 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/04/09 08:04:48 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/04/09 08:01:16 | 000,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2010/04/09 08:01:16 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2010/04/08 09:13:00 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/03/28 03:28:08 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/28 03:28:08 | 000,437,558 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010/03/28 03:28:08 | 000,082,372 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010/03/28 03:28:08 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/28 03:28:07 | 001,046,890 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2006/03/19 13:04:40 | 000,006,841 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys
[2006/03/09 09:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/03/09 09:29:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005/11/26 14:48:49 | 000,005,826 | R--- | C] () -- C:\WINDOWS\GenAmvTool.INI
[2005/11/26 14:48:48 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2005/11/26 14:48:48 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2005/11/26 14:48:48 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2005/11/15 09:12:41 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005/11/15 09:12:41 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005/11/15 09:12:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005/09/10 10:39:11 | 000,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2005/08/15 11:58:44 | 000,000,011 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2005/08/09 18:19:20 | 000,000,940 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/06/29 03:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/06/15 15:50:24 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/05/06 14:29:23 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2005/03/27 05:57:36 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Milli.ini
[2005/03/03 16:24:16 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005/03/02 12:44:04 | 000,003,072 | R--- | C] () -- C:\WINDOWS\winio.sys
[2005/03/02 12:44:04 | 000,001,285 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2005/03/02 12:44:04 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/03/02 12:44:03 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/03/02 12:44:03 | 000,000,326 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/03/02 12:44:02 | 000,001,406 | ---- | C] () -- C:\WINDOWS\level.ini
[2005/03/02 12:44:02 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2005/03/02 12:44:02 | 000,000,149 | ---- | C] () -- C:\WINDOWS\disney.ini
[2005/03/02 12:44:02 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/03/02 12:44:02 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2005/03/02 12:43:45 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005/03/02 12:43:25 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/03/02 12:43:19 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/03/02 12:43:19 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/03/02 12:43:18 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/03/02 12:43:18 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/03/02 12:42:58 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\Ltann62n.dll
[2005/03/02 12:42:58 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\Ltimg62n.dll
[2005/03/02 12:42:58 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\Ltfil62n.dll
[2005/03/02 12:42:58 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\Ltwnd62n.dll
[2005/03/02 12:42:58 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\Lttwn62n.dll
[2005/03/02 12:42:58 | 000,003,200 | ---- | C] () -- C:\WINDOWS\System32\Ltthk62w.dll
[2005/03/02 12:42:56 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\Lffax62n.dll
[2005/03/02 12:42:56 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\Lfcmp62n.dll
[2005/03/02 12:42:56 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\Lfpng62n.dll
[2005/03/02 12:42:56 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\Lftif62n.dll
[2005/03/02 12:42:56 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\Lflma62n.dll
[2005/03/02 12:42:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\Lfica62n.dll
[2005/03/02 12:42:56 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\Lfpcx62n.dll
[2005/03/02 12:42:56 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\Lflmb62n.dll
[2005/03/02 12:42:56 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\Lfeps62n.dll
[2005/03/02 12:42:56 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\Lfpct62n.dll
[2005/03/02 12:42:56 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\Lfgif62n.dll
[2005/03/02 12:42:56 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\Lfbmp62n.dll
[2005/03/02 12:42:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\Lfpsd62n.dll
[2005/03/02 12:42:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Lfwmf62n.dll
[2005/03/02 12:42:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Lftga62n.dll
[2005/03/02 12:42:56 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\Lfwpg62n.dll
[2005/03/02 12:42:56 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\Lfimg62n.dll
[2005/03/02 12:42:56 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\Lfras62n.dll
[2005/03/02 12:42:56 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\Lfmsp62n.dll
[2005/03/02 12:42:56 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Lfmac62n.dll
[2005/03/02 12:42:56 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Lfcal62n.dll
[2005/03/02 12:42:56 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\Lfwfx62n.dll
[2005/03/02 12:42:56 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\Lfpcd62n.dll
[2005/03/02 12:42:51 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2005/03/02 12:42:47 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2005/02/24 12:51:52 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2005/02/17 06:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/02/17 06:31:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/02/17 06:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/02/17 06:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/02/17 06:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/02/17 06:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/02/17 06:31:57 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2004/11/15 10:17:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

========== Purity Check ==========

< End of report >

Spusťte OTL a do spodního okénka vložte následující skript.

Kód: Vybrat vše

:OTL
O3 - HKLM\..\Toolbar: (no name) - {37B85A29-692B-4205-9CAD-2626E4993404} - No CLSID value found.
O4 - HKLM..\Run: [BearShare] C:\Program Files\BearShare\BearShare.exe File not found
O4 - HKLM..\Run: [WhenUSave] C:\Program Files\Save\Save.exe File not found
[2005/08/22 14:24:59 | 011,527,321 | ---- | C] ( ) -- C:\Program Files\1417.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]

Poté klikněte na "Opravit", PC se restartuje.

Tak sem to zkopiroval na txt -> pres flashku jsem to dostal do druhyho pc -> z txt zkopirovano do OTLPE do spodniho okna
-> Run Fix

Pak se mi nic samo nerestartovalo, tak sem to restartoval sam a zkusil normalne boot do windowsu a bohuzel problem nezmizel.

Taky mam 2 doplnujici otazky, ktery s problemem s vytuhlym pc moc nesouvisi.

1) Projel jsem tu flashku Esetem a pise mi to, ze tam je trojskej kun, tak sem se chtel zeptat, jak se leci takovej flash disk?

2) U sebe na PC jsem se kouk do Esetu a ten pise: Pocet zkontrolovanych objektu 14863 a infikovanych 1. Tak me to trochu zneklidnilo, jak v tom pc muze bejt 1 infikovanej soubor a Esetu to nejak nevadi?! (To uz bez pripojene flashky.)

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
Vložte do PC všechny flash disky, které používáte.
Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
Během skenování může být počítač restartován.

A to mam udelat s kterym pocitacem, s tim mym nebo s tim druhym nefunkcnim, mrznoucim?

Na tom nefunkčním, na ten druhý se podíváme později.

Mam jeste dotaz, jak mam ten Combofix zapnout? Kdyz se prihlasim klasicky pres windows na spravce ucet, tak mi po dvojkliku na combofix.exe vyjde jen chyba Neodesílat. Pokud na to dvakrat kliknu v tom Reatogo (boot pres to CD), tak se nestane vubec nic...

Zkuste ComboFix přejmenovat (cokoliv.com) a spustit v nouzovém režimu.

Tak bohuzel ani v nouzovym rezimu se mi to nepodarilo spustit - prejmenoval sem to na cokoliv.com a stejne to jenom hazi neodesilat.

Ted zacinam mit podivny potize i s tim mym pocitacem, jede mi podivne pomalu internet, ale na to kdyztak zalozim dalsi topic, at se to neplete.

Budeme pokračovat zde.

Máte instalační CD Vaší verze Windows

Na nefunkcnim jsou ofic. Windows XP Home, bohuzel uz je to starsi pc (celeron 2,2 ghz) a v te dobe jsem jeste nebyl tak uvedomelej, abych se po tom CDcku ptal. Takze bohuzel, nemam.

Stáhni si MSDaRT pro svůj příslušný operační systém:

Windows XP -> http://www.mediafire.com/?ddsfd2xdndw
Windows Vista -> http://www.mediafire.com/?knvmygelfxy
Windows 7 -> http://www.mediafire.com/?5qmmdkzjeg3

Nainstaluj program dle pokynů staženého instalátoru.
Po dokončení instalace spusť tento soubor: C:\Program Files\Microsoft Diagnostics and Recovery Toolset\ERDC.exe
Klikej postupně na tlačítko Next, nech vytvořit .iso soubor a pomocí průvodce ho vypal na CD.

2) Restartuj počítač, na kterém máš problémy a vlož do jeho mechaniky vypálené CD. Předtím, než se Windows načtou, mačkej libovolnou klávesu a počítač začne bootovat z CD.
Po nabootování jdi přes menu Start - System Tools - System Files Repair.
Spustí se průvodce, který vyhledá virem narušené / poškozené systémové soubory. Všechny soubory, které najde, nech opravit.

Jdi přes menu Start - Log Off - Restart - OK a tvůj počítač se restartuje.

3) Po restartu počítače jdi v OS přes menu Start - Nastavení - Ovládací panely - Přidat nebo odebrat programy - vyber: Microsoft Diagnostics and Recovery Toolset - klikni na Odebrat. Tohle MSDaRT zase odinstaluje.

Napiš výsledky.

edit: smazan log z rsit

VIRY.CZ

PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu

Re: PC zamrza, RSIT nelze spustit ani z nouzoveho rezimu