PC virus removal, computer speed-up, and remote help via the neslape.cz service

Security tool

Have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Security tool

#1 Post by Lord Baradur »

Greetings,
Security Tool got onto my computer, so I would be very glad if someone were willing to help me solve this problem.

pitimir
Exemplary visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#2 Post by pitimir »

Hi, welcome to the forum :welcome:

1) Download OTL. Save it to the desktop and double-click the file "OTL.exe" to run it. The program window will open; in it, check "Scan All Users", "Lop" and "Purity Check", and change "File Scan" to 7 days instead of 30. Into the box labelled "Custom Scans/Fixes" copy:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
Then click "Run Scan". The computer scan will start; when it finishes, two reports will open - I need to see the contents of both.


2) Download GMER, unpack it to the desktop and run it. The program automatically starts a scan (when it finishes, post log no. 1) - if it finds something during the scan (= a warning pops up), click "NO" and set the program up as shown in the picture:
Image
Click "Scan". After the scan, click "Save" and post log no. 2 here.

If it finds nothing (= nothing pops up), check everything on the right and start the scan. When it finishes, click "Copy" and post log no. 2.
I'm modest, I have only two things for my signature...

1) Want to help the forum? Support it!!

2) I ask everyone who has a problem: :!:
- start your own topic and put an RSIT log and a precise, brief description of the problem in the 1st post.
- without a recommendation, do not run ANY other program found on the forum/internet.
- do not edit or delete posts.
- follow the instructions and do nothing extra (on your own initiative).

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#3 Post by Lord Baradur »

Right away, I'm already working on it.

I would just like to point out that computers are not my strong suit, so it may take a while.

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#4 Post by Lord Baradur »

OTL Extras logfile created on: 21.2.2010 17:02:05 - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 93,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 99,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 98,14 Gb Total Space | 22,86 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive D: | 41,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 367,15 Gb Total Space | 272,13 Gb Free Space | 74,12% Space Free | Partition Type: NTFS
Drive G: | 498,47 Mb Total Space | 390,51 Mb Free Space | 78,34% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1715567821-1454471165-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"12185:TCP" = 12185:TCP:*:Enabled:BitComet 12185 TCP
"12185:UDP" = 12185:UDP:*:Enabled:BitComet 12185 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe" = C:\Program Files\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe:*:Enabled:Kane & Lynch: Dead Men -- (Io Interactive A/S)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- (Electronic Arts)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{00AF66B1-7464-E9D8-3682-D07F6F5518B2}" = CCC Help Finnish
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{1350C9A1-DF5E-62A4-4BB4-CF0C0C45585C}" = Catalyst Control Center Localization Swedish
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{17096B0F-63BD-3BEC-7723-EAFAF4F034E7}" = CCC Help Swedish
"{1A0221A0-C56B-4371-EF10-746128F2EC69}" = CCC Help Norwegian
"{1EB39820-0764-681F-86F9-7BFD2BCA433A}" = Catalyst Control Center Localization Spanish
"{1FF8A71A-42B1-E1EB-7D8C-1C4437E34161}" = CCC Help English
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F7F8B3F-7017-7ACF-F37C-B33B728309BA}" = CCC Help Danish
"{3104509D-012C-5676-6E2F-089AA540A67C}" = Catalyst Control Center Localization German
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{335E46BC-C214-708C-DBEF-5B1802566850}" = CCC Help French
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{4B830617-9C7C-FF93-06E7-79D8ECF10C4D}" = Catalyst Control Center Graphics Full New
"{4C8941FE-0F15-E6AE-FDF6-55EF425ED78D}" = Catalyst Control Center Graphics Light
"{4FE0D23E-EC42-F623-F4C9-C5E64B694F85}" = Catalyst Control Center Localization Chinese Standard
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{56012E39-3B98-8676-28F9-31E5794CFA57}" = ccc-utility
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{586BC5DE-C4E6-2AC8-CC47-43AF3A7C3095}" = CCC Help German
"{5C71C33F-7D25-B59C-E433-230F5F6A3BA2}" = CCC Help Italian
"{5CF36055-64E7-BBB1-6926-A99CEA8E7D88}" = ccc-core-static
"{5DE590C8-5310-AB48-B388-A20DAB2971E5}" = Catalyst Control Center Localization Chinese Traditional
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{66826EEA-0C4B-4FE4-9FB1-E82D16059DF7}" = Catalyst Control Center - Branding
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C03D89C-AEF1-6A30-2F27-96F8176203FD}" = CCC Help Chinese Traditional
"{6F8CEE8D-0D44-BB2B-5306-9BCED4951D3A}" = Catalyst Control Center Localization French
"{70A774F7-240F-2D2E-602C-D7A5E7825900}" = Skins
"{711002ED-1940-5F34-3F8F-88025914DD56}" = Catalyst Control Center Core Implementation
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7509C38B-6134-90E9-B40A-7AB62660A113}" = Catalyst Control Center Localization Finnish
"{7532CBDB-A25A-7548-915C-169CDC882FDE}" = CCC Help Japanese
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0905.1
"{824FF7E8-2548-CAB9-C333-C2024B6279A0}" = CCC Help Dutch
"{850DB4E3-85F3-01D0-E9C0-1176F9A2FB37}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB65964-56E7-4DC7-B65D-3EF5FEC9842A}" = Testy Autoškola
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{951F4D78-5DD8-78A5-09E2-A7411A441029}" = Nero 7 Demo
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B62535DE-790D-AD46-AD89-297AD5EEBE45}" = Catalyst Control Center Graphics Full Existing
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C5F2D27A-A8F0-0D74-D7A5-413C309E01FD}" = Catalyst Control Center Localization Italian
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0666A62-8BED-6440-791F-B598E68E9BB5}" = Catalyst Control Center Localization Dutch
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D2C6D68A-CDF0-5174-BB73-C55269CC620B}" = Catalyst Control Center Localization Danish
"{D8BA2EC4-50DE-D5F8-61C9-E14C523E0C14}" = ccc-core-preinstall
"{DABD796A-06B5-2146-4D38-FCABB7D17A0B}" = Catalyst Control Center Localization Norwegian
"{E39C74DF-58FD-4E52-9888-2CC59DFB0B34}" = PowerQuest PartitionMagic Pro 7.0
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDC33EB0-6FF3-467B-D09A-59EE279EC8B9}" = Catalyst Control Center Localization Japanese
"{FFE0FADC-8587-BF71-8EF0-2892739FBA5A}" = CCC Help Spanish
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Empires 2.0" = Microsoft Age of Empires II
"AIMP2" = AIMP2
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BitComet" = BitComet 0.99
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV2Player" = MV2Player (remove only)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"QIP Infium_is1" = QIP Infium 2.0.9018 RC3
"Usb Game Pad" = Usb Game Pad
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Anti-Spy" = Yahoo! Anti-Spy
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 18.4.2009 12:55:37 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\BOHDAN\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\ZEEV6S8O.DEFAULT\PREFS.JS
failed, 00000005.

Error - 29.4.2009 14:20:38 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\BOHDAN\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\ZEEV6S8O.DEFAULT\PREFS.JS
failed, 00000005.

Error - 19.2.2010 18:42:24 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestOpenList Error 1753.

Error - 19.2.2010 18:42:24 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybě: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.

Error - 19.2.2010 18:42:31 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybě: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().

Error - 19.2.2010 19:42:11 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 19.2.2010 19:43:18 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestOpenList Error 1753.

Error - 19.2.2010 19:43:18 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybě: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.

[ Application Events ]
Error - 25.1.2010 11:25:42 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace fifa08.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x717d013d.

Error - 13.2.2010 13:00:39 | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace kaneandlynch.exe, verze 1.0.0.129, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 16.2.2010 12:56:57 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace crysis.exe, verze 1.1.1.690, chybující modul crysystem.dll,
verze 1.1.1.690, adresa chyby 0x00007697.

Error - 16.2.2010 18:29:00 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029cf41.

Error - 17.2.2010 9:58:00 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029cf41.

Error - 17.2.2010 18:48:27 | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace NFSC.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.2.2010 15:35:36 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029d0fd.

Error - 19.2.2010 15:36:03 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029d0fd.

Error - 19.2.2010 15:57:02 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029ceb1.

Error - 19.2.2010 17:07:39 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace _ex-08.exe, verze 0.0.0.0, chybující modul _ex-08.exe,
verze 0.0.0.0, adresa chyby 0x00001f4f.

[ OSession Events ]
Error - 23.8.2009 18:48:15 | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 24
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.2.2010 11:58:21 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.2.2010 11:58:43 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Apple Mobile Device závisí na službě Ovladač protokolu TCP/IP,
která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Bonjour Service závisí na službě Ovladač protokolu TCP/IP,
která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss
Tcpip

Error - 21.2.2010 12:01:31 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}


< End of report >

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#5 Post by Lord Baradur »

OTL logfile created on: 21.2.2010 17:02:05 - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 93,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 99,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 98,14 Gb Total Space | 22,86 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive D: | 41,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 367,15 Gb Total Space | 272,13 Gb Free Space | 74,12% Space Free | Partition Type: NTFS
Drive G: | 498,47 Mb Total Space | 390,51 Mb Free Space | 78,34% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2004.08.18 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009.12.28 14:59:45 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008.12.13 20:41:13 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008.11.26 18:18:46 | 000,155,160 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.11.26 18:18:32 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.11.26 18:16:23 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.11.26 18:12:08 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.08.08 14:24:42 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008.07.30 03:30:37 | 000,561,152 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008.07.22 20:42:12 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.07.03 21:05:00 | 000,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2007.07.24 15:17:08 | 000,229,376 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006.10.30 03:34:02 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.10.26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010.02.21 16:55:16 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010.02.12 18:48:15 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009.05.09 18:01:46 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008.12.13 20:09:16 | 000,646,392 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.11.26 18:18:18 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2008.11.26 18:17:36 | 000,111,184 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.11.26 18:17:25 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.11.26 18:16:38 | 000,050,864 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.11.26 18:16:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.11.26 18:15:35 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.31 03:21:08 | 000,079,960 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2008.07.30 03:30:37 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.07.30 03:30:37 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.07.24 11:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.06.16 08:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007.10.09 13:13:00 | 000,038,144 | ---- | M] (Realtek) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\EAPPkt.sys -- (EAPPkt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.18 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.08.10 07:00:00 | 000,003,252 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\PQNTDRV.SYS -- (PQNTDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1715567821-1454471165-725345543-500\S-1-5-21-1715567821-1454471165-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.20 00:00:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.19 14:36:25 | 000,000,000 | ---D | M]

[2010.02.20 00:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2010.02.20 00:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jbb2o6be.default\extensions
[2010.02.18 23:36:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010.02.13 02:11:28 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.13 02:11:28 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.13 02:11:28 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.13 02:11:28 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.13 02:11:28 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [08079327] C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe ()
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CTFMON] C:\WINDOWS\Temp\_ex-08.exe ()
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O4 - Startup: C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštìní\monnid32.exe (TWX Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.13 19:30:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.02.22 01:43:07 | 000,358,248 | R--- | M] (NETGEAR Inc.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.05.29 09:27:40 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.02.22 01:43:07 | 000,358,248 | R--- | M] (NETGEAR Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.12.13 20:12:42 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 90 Days ==========

[2010.02.21 16:58:26 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2010.02.20 15:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.02.20 15:10:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010.02.20 00:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2010.02.20 00:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2010.02.20 00:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla
[2010.02.20 00:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.02.19 23:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Logitech
[2010.02.19 23:38:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.02.19 23:38:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2010.02.19 23:38:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2010.02.19 23:38:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Data aplikací
[2010.02.19 23:38:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Šablony
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Okolní tiskárny
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Okolní sí
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Oblíbené položky
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft Help
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty
[2010.02.19 22:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\08079327
[2010.02.19 22:02:44 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010.02.19 22:02:44 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010.02.19 22:02:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010.02.19 22:02:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010.02.19 22:02:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.02.17 22:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.02.12 18:48:27 | 000,000,000 | ---D | C] -- C:\OEMSettings
[2010.02.12 18:48:15 | 000,021,035 | ---- | C] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys
[2010.02.12 18:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2010.02.12 18:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009.02.14 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2008.12.13 20:39:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2008.12.13 19:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.12.13 19:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.12.13 19:30:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010.02.21 16:57:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.02.21 16:55:16 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.02.21 16:55:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.02.21 16:53:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2010.02.20 15:16:24 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.02.20 15:16:23 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010.02.20 15:16:22 | 003,712,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\IconCache.db
[2010.02.20 15:02:20 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2010.02.20 00:44:31 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.20 00:41:08 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.20 00:39:02 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\setup_ldm.iss
[2010.02.19 23:52:47 | 001,042,738 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.02.19 23:52:47 | 000,438,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.02.19 23:52:47 | 000,435,922 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.02.19 23:52:47 | 000,082,476 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.02.19 23:52:47 | 000,071,046 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.02.19 23:41:39 | 000,046,408 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.02.14 00:36:22 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.13 23:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.02.13 17:49:00 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.02.13 17:48:53 | 000,103,736 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.02.12 18:48:15 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys
[2010.02.12 18:47:59 | 000,001,792 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\NETGEAR WG111v3 Smart Wizard.lnk
[2010.02.12 18:47:59 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\NETGEAR WG111v3 Smart Wizard.lnk
[2009.12.28 14:59:45 | 000,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.20 15:10:19 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2010.02.20 00:41:08 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.20 00:39:06 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\setup.log
[2010.02.20 00:39:02 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\setup_ldm.iss
[2010.02.19 23:38:56 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.02.19 23:38:53 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010.02.12 18:47:59 | 000,001,792 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\NETGEAR WG111v3 Smart Wizard.lnk
[2010.02.12 18:47:59 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\NETGEAR WG111v3 Smart Wizard.lnk
[2008.12.14 12:47:14 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.12.13 22:30:45 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.12.13 21:14:28 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.13 20:14:07 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2008.12.13 20:09:16 | 000,646,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.12.13 19:58:22 | 000,062,304 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2007.10.12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2004.08.18 13:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2010.02.19 22:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\08079327
[2009.01.01 21:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2009.01.13 21:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bohdan\Data aplikací\Leadertech

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#6 Post by Lord Baradur »

Moving on to step 2 :)

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#7 Post by Lord Baradur »

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-21 18:04:56
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxtdipow.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xF74FD0B0]
SSDT sptd.sys ZwEnumerateKey [0xF7502A92]
SSDT sptd.sys ZwEnumerateValueKey [0xF7502E20]
SSDT sptd.sys ZwOpenKey [0xF74FD090]
SSDT sptd.sys ZwQueryKey [0xF7502EF8]
SSDT sptd.sys ZwQueryValueKey [0xF7502D78]
SSDT sptd.sys ZwSetValueKey [0xF7502F8A]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A37F1E8
Device \FileSystem\Fastfat \FatCdrom 89FAF610
Device \Driver\usbuhci \Device\USBPDO-0 8A2781E8
Device \Driver\usbuhci \Device\USBPDO-1 8A2781E8
Device \Driver\usbehci \Device\USBPDO-2 8A27B1E8
Device \Driver\usbuhci \Device\USBPDO-3 8A2781E8
Device \Driver\PCI_NTPNP7978 \Device\00000047 sptd.sys
Device \Driver\usbuhci \Device\USBPDO-4 8A2781E8
Device \Driver\usbehci \Device\USBPDO-5 8A27B1E8
Device \Driver\usbuhci \Device\USBPDO-6 8A2781E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A3811E8
Device \Driver\usbuhci \Device\USBPDO-7 8A2781E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A3811E8
Device \Driver\Cdrom \Device\CdRom0 8A2761E8
Device \Driver\Cdrom \Device\CdRom1 8A2761E8
Device \Driver\atapi \Device\Ide\IdePort0 8A30D1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A30D1E8
Device \Driver\atapi \Device\Ide\IdePort1 8A30D1E8
Device \Driver\atapi \Device\Ide\IdePort2 8A30D1E8
Device \Driver\atapi \Device\Ide\IdePort3 8A30D1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 8A30D1E8
Device \Driver\USBSTOR \Device\00000078 89FF31E8
Device \Driver\USBSTOR \Device\00000079 89FF31E8
Device \Driver\usbuhci \Device\USBFDO-0 8A2781E8
Device \Driver\usbuhci \Device\USBFDO-1 8A2781E8
Device \Driver\usbuhci \Device\USBFDO-2 8A2781E8
Device \Driver\usbehci \Device\USBFDO-3 8A27B1E8
Device \Driver\usbuhci \Device\USBFDO-4 8A2781E8
Device \Driver\Ftdisk \Device\FtControl 8A3811E8
Device \Driver\usbuhci \Device\USBFDO-5 8A2781E8
Device \Driver\usbuhci \Device\USBFDO-6 8A2781E8
Device \Driver\usbehci \Device\USBFDO-7 8A27B1E8
Device \Driver\amat2zzv \Device\Scsi\amat2zzv1 8A2771E8
Device \Driver\amat2zzv \Device\Scsi\amat2zzv1Port5Path0Target0Lun0 8A2771E8
Device \Driver\JRAID \Device\Scsi\JRAID1 8A3801E8
Device \FileSystem\Fastfat \Fat 89FAF610
Device \FileSystem\Cdfs \Cdfs 89FB1980

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -875791541
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 1092739343
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFC 0x1D 0xCE 0xD2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x70 0x67 0x60 0xB1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x56 0x33 0x6C 0x96 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFC 0x1D 0xCE 0xD2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x70 0x67 0x60 0xB1 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x56 0x33 0x6C 0x96 ...

---- EOF - GMER 1.0.15 ----

I hope that's everything that was needed so far.

pitimir
Model visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#8 Post by pitimir »

Why was this done in safe mode? Doesn't normal mode work?

In OTL, copy the following into the box labelled "Custom Scans/Fixes":

Code: Select all

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [08079327] C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe ()
O4 - HKLM..\Run: [CTFMON] C:\WINDOWS\Temp\_ex-08.exe ()
O4 - HKLM..\Run: [GEST] File not found
O4 - Startup: C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštìní\monnid32.exe (TWX Corp.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)

:files
C:\Documents and Settings\All Users\Data aplikací\08079327

:commands
[emptytemp]
[reboot]

Click "Run Fix". The program will start working; the PC may restart. Afterwards a log should appear, and I would like to see it.

I'm modest, I only have two things for my signature...

1) Want to help the forum? Support it!!

2) A request to everyone who has a problem: :!:
- start your own topic and put an RSIT log and a precise, brief description of the problem in the first post.
- do not run ANY other program found on the forum/internet without a recommendation.
- do not edit or delete posts.
- follow the instructions and do nothing extra (on your own initiative).

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#9 Post by Lord Baradur »

In normal mode it won't let me do anything.

pitimir
Model visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#10 Post by pitimir »

Carry out the instructions as they were sent, and then we'll see :)

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#11 Post by Lord Baradur »

Should I tick the same boxes as in the first OTL run?

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#12 Post by Lord Baradur »

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\08079327 not found.
File C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON not found.
File C:\WINDOWS\Temp\_ex-08.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST not found.
File C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštění\monnid32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
File\Folder C:\Documents and Settings\All Users\Data aplikací\08079327 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Bohdan
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Host
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02212010_192353

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

pitimir
Exemplary visitor
Posts: 479
Registered: 18 Jun 2008 17:54
Location: Šutrovec

Re: Security tool

#13 Post by pitimir »

:???:
You managed something interesting - the program reports that essentially nothing was carried out. You just need to run the program (OTL) and copy into it the text from the previous post, which is written in /code. That's the whole job, nothing more and nothing less ;)

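The reading applied to the log in post #13 (a fix whose targets are reported as "not found" did essentially nothing) can be automated. The Python sketch below is an added example, not part of the original thread or of OTL: the sample log is constructed in the layout of the logs posted here, the function names are hypothetical, and it also flags a target that contains a scan-log prefix such as "O16 - ", which indicates that two script lines were pasted as one.

```python
import re

# Constructed sample in the layout of the OTL fix logs posted in this thread
# (paths, value names and the GUID are placeholders, not taken from the thread).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\EXAMPLE not found.
File C:\Example\tools\example.dll (Example)O16 - DPF: {00000000-0000-0000-0000-000000000000} http://example.invalid/x.cab not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\ not found.
========== FILES ==========
File\Folder C:\Example\sample not found.
========== COMMANDS ==========
[EMPTYTEMP]
"""

SECTION = re.compile(r"^=+ (\w+) =+$")   # e.g. "========== FILES =========="
FUSED = re.compile(r"\bO\d+ - ")         # scan-log prefix ("O16 - ") inside a target

def summarize(log_text):
    """Count, per log section, targets acted on vs. reported 'not found'."""
    summary, section = {}, None
    for line in map(str.strip, log_text.splitlines()):
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            summary[section] = {"done": 0, "not_found": 0, "fused": []}
        elif section and line.endswith("not found."):
            summary[section]["not_found"] += 1
            if FUSED.search(line):       # two script lines pasted as one
                summary[section]["fused"].append(line)
        elif section and "successfully" in line:
            summary[section]["done"] += 1
    return summary

def miss_ratio(summary):
    """Share of file/registry targets that the fix could not find."""
    done = sum(s["done"] for s in summary.values())
    missed = sum(s["not_found"] for s in summary.values())
    return missed / (done + missed) if done + missed else 0.0

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for name, stats in result.items():
        print(name, stats["done"], stats["not_found"], len(stats["fused"]))
    print("miss ratio:", miss_ratio(result))
```

A miss ratio close to 1.0 means the script found almost none of its targets, so the log alone does not show that anything was removed.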
Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#14 Post by Lord Baradur »

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\08079327 not found.
File C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON not found.
File C:\WINDOWS\Temp\_ex-08.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST not found.
File C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštění\monnid32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
File\Folder C:\Documents and Settings\All Users\Data aplikací\08079327 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Bohdan
->Temp folder emptied: 32768 bytes
->Temporary Internet Files folder emptied: 42503 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Host
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02222010_142541

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Lord Baradur
Visitor
Posts: 17
Registered: 21 Feb 2010 16:23

Re: Security tool

#15 Post by Lord Baradur »

Right now my computer works as before (for now? :-)). After the restart it wouldn't let me into safe mode, so I went into the normal system, and after freezing for about 5 minutes it started up. Does that mean it's on the right track, or is it pure coincidence?
