´OTL scan
OTL logfile created on: 3.7.2010 13:50:16 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\abc\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,78 Gb Total Space | 22,97 Gb Free Space | 45,23% Space Free | Partition Type: NTFS
Drive D: | 98,26 Gb Total Space | 8,63 Gb Free Space | 8,78% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MOFIS-NB-HP6735
Current User Name: abc
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.07.03 13:49:12 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\abc\Plocha\OTL.exe
PRC - [2010.06.30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- D:\Pavel\programy\Opera\opera.exe
PRC - [2010.06.20 04:04:47 | 000,035,760 | ---- | M] (Adobe Systems Incorporated) -- D:\Pavel\programy\adobe reader 9\Reader\reader_sl.exe
PRC - [2010.04.02 09:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\Cyberlink\Shared files\brs.exe
PRC - [2008.12.11 13:08:46 | 001,044,480 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008.10.24 13:19:12 | 000,492,904 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
PRC - [2008.10.24 13:19:10 | 000,443,752 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
PRC - [2008.10.24 13:19:08 | 004,613,480 | ---- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
PRC - [2008.05.12 15:55:10 | 001,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.05.12 15:55:10 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.05.17 12:48:50 | 000,220,160 | ---- | M] (XIMETA, Inc.) -- C:\Program Files\NDAS\System\ndasmgmt.exe
PRC - [2006.03.20 21:40:08 | 000,304,640 | ---- | M] (XIMETA, Inc.) -- C:\Program Files\NDAS\System\ndassvc.exe
========== Modules (SafeList) ==========
MOD - [2010.07.03 13:49:12 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\abc\Plocha\OTL.exe
MOD - [2008.05.12 15:51:24 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2008.05.12 15:49:02 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.07.01 19:04:07 | 000,219,648 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\sshnas21.dll -- (SSHNAS)
SRV - [2008.11.11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.10.24 13:19:10 | 000,443,752 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe -- (DisplayLinkService)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.03.20 21:40:08 | 000,304,640 | ---- | M] (XIMETA, Inc.) [Auto | Running] -- C:\Program Files\NDAS\System\ndassvc.exe -- (ndassvc)
========== Driver Services (SafeList) ==========
DRV - [2010.04.02 09:11:16 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/06/19 14:16:26] [Kernel | Auto | Running] -- D:\Pavel\programy\powerdvd\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.02.01 19:34:24 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.31 18:54:07 | 001,735,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009.07.29 17:33:04 | 000,213,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.06.04 10:10:00 | 000,297,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009.03.19 11:40:10 | 000,009,216 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.12.11 13:11:34 | 000,338,944 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008.10.24 13:19:38 | 000,020,992 | ---- | M] (
http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DisplayLinkUsbPort.sys -- (DisplayLinkUsbPort)
DRV - [2008.10.24 13:19:38 | 000,020,736 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkGAport.sys -- (DisplayLinkGA)
DRV - [2008.10.24 13:19:38 | 000,018,816 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkmirrorport.sys -- (DisplayLinkmirror)
DRV - [2008.10.09 12:32:46 | 001,810,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.09.11 04:32:26 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.23 14:51:02 | 000,024,624 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.05.23 14:50:16 | 000,028,592 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.05.14 09:08:16 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.05.14 09:08:16 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2008.05.14 09:08:14 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.05.14 09:08:14 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.05.14 09:08:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.05.14 09:08:14 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.03.28 11:14:02 | 000,024,064 | ---- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2007.09.21 15:09:00 | 000,029,184 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ax88772.sys -- (AX88772)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.04.16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.03.20 21:40:50 | 000,140,160 | ---- | M] (XIMETA, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\lfsfilt.sys -- (lfsfilt)
DRV - [2006.03.20 21:39:58 | 000,115,584 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndasscsi.sys -- (ndasscsi)
DRV - [2006.03.20 21:39:58 | 000,059,136 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndasbus.sys -- (ndasbus)
DRV - [2006.03.20 21:39:58 | 000,044,288 | ---- | M] (XIMETA, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\lpx.sys -- (lpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/
IE - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\abc\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "
http://www.newversionchecker.com/?redr= ... tutils.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.2
FF - prefs.js..keyword.URL: "
http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\
bkmrksync@nokia.com: D:\Pavel\programy\NokiaPCsuite\Nokia PC Suite 7\bkmrksync\ [2010.02.02 19:29:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.25 11:03:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.01 07:26:31 | 000,000,000 | ---D | M]
[2010.01.31 19:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Mozilla\Extensions
[2010.05.30 21:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Mozilla\Firefox\Profiles\3wxsbd00.default\extensions
[2010.06.22 22:15:34 | 000,000,000 | ---D | M] (kikin plugin (JDownloader Edition)) -- C:\Documents and Settings\abc\Data aplikací\Mozilla\Firefox\Profiles\3wxsbd00.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010.01.31 22:36:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\abc\Data aplikací\Mozilla\Firefox\Profiles\3wxsbd00.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.02.02 19:21:07 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\abc\Data aplikací\Mozilla\Firefox\Profiles\3wxsbd00.default\searchplugins\qipsearch.xml
[2010.03.26 14:33:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.08.31 18:55:02 | 000,118,000 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\qippipe.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.12.02 10:09:39 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.12.02 10:09:39 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.12.02 10:09:39 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.12.02 10:09:39 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.12.02 10:09:39 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\abc\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Pavel\programy\adobe reader 9\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Documents and Settings\abc\Nabídka Start\Programy\Po spuštění\Údržba databáze BUILDpower.lnk = C:\Program Files\RTS\BUILDpower\BPStartUp.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TrekStor NDAS Device Management.lnk = C:\Program Files\NDAS\System\ndasmgmt.exe (XIMETA, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1
O7 - HKU\S-1-5-21-1123561945-1844823847-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA}
http://java.sun.com/update/1.1.0/jinsta ... s-i586.cab (Java Plug-in 1.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\abc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\abc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.31 16:41:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a042c82b-6b12-11df-9bb0-002186757a85}\Shell\AutoRun\command - "" = F:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.01.31 16:40:22 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - C:\WINDOWS\system32\sshnas21.dll ()
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (
http://www.mp3dev.org/)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (
www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)
========== Files/Folders - Created Within 30 Days ==========
[2010.07.03 13:49:12 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\abc\Plocha\OTL.exe
[2010.07.03 13:46:18 | 000,000,000 | ---D | C] -- C:\Avenger
[2010.07.03 13:45:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\abc\Recent
[2010.07.03 13:39:40 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\abc\Plocha\ATF-Cleaner.exe
[2010.07.01 23:42:17 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010.07.01 22:41:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Plocha\skener
[2010.07.01 22:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.01 22:39:48 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.30 21:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.06.30 07:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Plocha\fotkyy
[2010.06.30 07:28:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Plocha\fotky na fulnek
[2010.06.28 22:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.06.19 14:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Local Settings\Data aplikací\Cyberlink
[2010.06.19 14:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Dokumenty\CyberLink
[2010.06.19 14:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\abc\Data aplikací\CyberLink
[2010.06.19 14:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cyberlink
[2010.06.19 14:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2010.06.19 14:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010.06.19 11:17:31 | 000,000,000 | ---D | C] -- C:\DOWNLOAD
[2010.01.31 18:55:05 | 000,195,112 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010.01.31 18:55:01 | 000,186,920 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.07.03 13:49:12 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\abc\Plocha\OTL.exe
[2010.07.03 13:46:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.03 13:46:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.03 13:45:34 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\abc\NTUSER.DAT
[2010.07.03 13:45:34 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\abc\ntuser.ini
[2010.07.03 13:45:26 | 004,318,846 | -H-- | M] () -- C:\Documents and Settings\abc\Local Settings\Data aplikací\IconCache.db
[2010.07.03 13:44:38 | 000,731,136 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\avenger.exe
[2010.07.03 13:39:40 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\abc\Plocha\ATF-Cleaner.exe
[2010.07.02 21:23:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.02 11:17:02 | 000,012,881 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\Zazálohujte si důležitá data.docx
[2010.07.02 11:16:38 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\Microsoft Office Word 2007.lnk
[2010.07.02 08:17:55 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\abc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.01 23:29:30 | 000,167,354 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\chyba combofixu.JPG
[2010.07.01 20:20:29 | 000,100,908 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\SystemLook.exe
[2010.07.01 19:10:19 | 000,180,736 | ---- | M] () -- C:\WINDOWS\Aryvab.exe
[2010.07.01 19:04:07 | 000,219,648 | ---- | M] () -- C:\WINDOWS\System32\sshnas21.dll
[2010.07.01 07:28:00 | 000,128,079 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\deník janské.pdf
[2010.06.30 14:19:35 | 000,116,821 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\dveepedek.jpg
[2010.06.30 09:38:00 | 000,053,846 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\215-2010.dwg
[2010.06.29 08:16:04 | 001,152,731 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\Dj GeKKo vs Weebl - Badger and Snake.mp3
[2010.06.29 08:15:23 | 001,100,517 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\narwhals.mp3
[2010.06.28 22:48:29 | 000,293,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.28 22:28:31 | 000,988,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.28 22:28:31 | 000,435,594 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.28 22:28:31 | 000,432,572 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.28 22:28:31 | 000,079,464 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.28 22:28:31 | 000,068,490 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.19 14:12:17 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010.06.19 14:12:16 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2010.06.16 08:45:20 | 000,038,618 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\tattoo.jpg
[2010.06.16 08:41:58 | 000,017,868 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\Berserk_Mark_by_Opeth0012.jpg
[2010.06.15 13:21:00 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\Smlouva 2 - subdodavatel 1.doc
[2010.06.11 07:50:00 | 000,160,768 | ---- | M] () -- C:\Documents and Settings\abc\Plocha\nabídkový rozpocet most v Oskavě.xls
[2010.06.07 21:18:21 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\abc\Data aplikací\AVSDVDPlayer.m3u
[2010.06.07 21:18:03 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.03 13:44:38 | 000,731,136 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\avenger.exe
[2010.07.02 11:17:02 | 000,012,881 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\Zazálohujte si důležitá data.docx
[2010.07.01 23:29:29 | 000,167,354 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\chyba combofixu.JPG
[2010.07.01 23:12:59 | 000,180,736 | ---- | C] () -- C:\WINDOWS\Aryvab.exe
[2010.07.01 20:20:29 | 000,100,908 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\SystemLook.exe
[2010.07.01 19:04:07 | 000,219,648 | ---- | C] () -- C:\WINDOWS\System32\sshnas21.dll
[2010.07.01 07:28:00 | 000,128,079 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\deník janské.pdf
[2010.06.30 14:19:35 | 000,116,821 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\dveepedek.jpg
[2010.06.30 09:38:00 | 000,053,846 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\215-2010.dwg
[2010.06.29 08:16:04 | 001,152,731 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\Dj GeKKo vs Weebl - Badger and Snake.mp3
[2010.06.29 08:14:54 | 001,100,517 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\narwhals.mp3
[2010.06.16 08:45:20 | 000,038,618 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\tattoo.jpg
[2010.06.16 08:41:58 | 000,017,868 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\Berserk_Mark_by_Opeth0012.jpg
[2010.06.15 13:21:00 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\Smlouva 2 - subdodavatel 1.doc
[2010.06.11 07:50:00 | 000,160,768 | ---- | C] () -- C:\Documents and Settings\abc\Plocha\nabídkový rozpocet most v Oskavě.xls
[2010.03.14 02:40:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.25 23:17:23 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2010.02.03 20:31:47 | 000,139,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.02.02 20:58:38 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.02.02 20:58:38 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.01 19:25:47 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.02.01 15:30:40 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\KOAZXA_L.DLL
[2010.01.31 19:12:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.01.31 19:12:23 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.01.31 19:12:21 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.01.31 19:12:20 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.01.31 18:55:05 | 001,810,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010.01.31 18:55:05 | 000,034,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010.01.31 18:55:05 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2010.01.31 18:47:23 | 000,000,880 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2008.09.17 19:02:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\MSHRES0E.DLL
[2008.08.20 02:36:54 | 000,028,779 | ---- | C] () -- C:\WINDOWS\MSUMLT0E.INI
[2008.05.12 15:51:50 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.03.29 23:00:40 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.11.30 13:49:56 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.02.17 13:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 13:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2010.02.01 19:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\DAEMON Tools Lite
[2010.02.01 17:34:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\ESET
[2010.01.31 19:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\GHISLER
[2010.02.03 20:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\id Software
[2010.06.22 22:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\kikin
[2010.02.07 10:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Leadertech
[2010.02.02 19:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Nokia
[2010.02.01 18:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Opera
[2010.02.02 19:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\PC Suite
[2010.03.30 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\TS3Client
[2010.01.31 19:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\TuneUp Software
[2010.07.01 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\uTorrent
[2010.02.01 19:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.07.01 23:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.05.12 10:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\id Software
[2010.02.02 19:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.02.02 19:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.02.05 19:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.06.30 22:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.02.02 09:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.01.31 19:13:59 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.02.03 14:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Adobe
[2010.01.31 18:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\ATI
[2010.06.19 14:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\CyberLink
[2010.02.01 19:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\DAEMON Tools Lite
[2010.02.01 17:34:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\ESET
[2010.01.31 19:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\GHISLER
[2010.01.31 18:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\hpqLog
[2010.01.31 19:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\HpUpdate
[2010.02.03 20:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\id Software
[2010.01.31 16:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Identities
[2010.01.31 18:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\InstallShield
[2010.06.22 22:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\kikin
[2010.02.07 10:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Leadertech
[2010.01.31 19:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Macromedia
[2010.06.10 14:15:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\abc\Data aplikací\Microsoft
[2010.01.31 19:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Mozilla
[2010.03.13 20:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Nero
[2010.02.02 19:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Nokia
[2010.02.01 18:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Opera
[2010.02.02 19:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\PC Suite
[2010.06.10 11:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Skype
[2010.06.10 08:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\skypePM
[2010.02.25 23:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Sun
[2010.03.30 19:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\TS3Client
[2010.01.31 19:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\TuneUp Software
[2010.07.01 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\uTorrent
[2010.02.01 20:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Ventrilo
[2010.06.29 08:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\vlc
[2010.01.31 19:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\Winamp
[2010.01.31 19:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abc\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2010.01.31 19:09:03 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\abc\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: IASTOR.SYS >
[2008.10.17 13:26:39 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\WINDOWS\NLDRV\001\iastor.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.09.10 23:25:20 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.)
Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.01 19:34:24 | 000,691,696 | ---- | M] ()
Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.01.31 17:22:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.01.31 17:22:11 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.01.31 17:22:11 | 000,503,808 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2008.09.10 23:25:20 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.)
Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.07.01 19:04:07 | 000,219,648 | ---- | M] () -- C:\WINDOWS\system32\sshnas21.dll
[2010.07.02 21:23:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34
< End of report >
poprosím o log ze Rsitu, viz můj podpis 
Přispějete na provoz fóra?
