VIRY.CZ

Zdavim,
do pocitace se mi dostal security tool, tak bych byl moc rad, jestli by mi nekdo byl ochoten pomoct tento problem vyresit.

Ahoj, vitaj na fore

1) Stiahni OTL. Uloz na plochu a spust dvojklikom subor "OTL.exe". Otvori sa okno programu, v nom zaskrtni "Scan All Users", "Lop" aj "Purity Check" a "File Scan" zmen na 7 dni miesto 30. Do policka pod nazvom "Custom Scans/Fixes" skopiruj:
Potom klikni na "Run Scan". Zacne scan pocitaca, po jeho ukonceni sa otvoria dva reporty - obsah oboch potrebujem vidiet.


2) Stiahni GMER, rozbal ho na plochu a spust. Program automaticky zacne scan (po jeho skonceni vloz log c. 1) - pokial pri scanovani nieco najde (=vyskoci nejake upozornenie), klik na "NO" a nastavis program podla obrazku:

Klik na "Scan". Po scane klik na "Save" a log c. 2 vloz sem.

Ak nic nenajde (=nevyskoci nic), zaskrtaj vpravo vsetko a spusti scan. Po jeho ukonceni klik na "Copy" a vloz log c. 2.

hned to uz na tom pracuju.

jen bych chtel upozornit, ze pocitace nejsou moje silna stranka, tak chvilku bude treba trvat

OTL Extras logfile created on: 21.2.2010 17:02:05 - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Èeská republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 93,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 99,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 98,14 Gb Total Space | 22,86 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive D: | 41,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 367,15 Gb Total Space | 272,13 Gb Free Space | 74,12% Space Free | Partition Type: NTFS
Drive G: | 498,47 Mb Total Space | 390,51 Mb Free Space | 78,34% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1715567821-1454471165-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"12185:TCP" = 12185:TCP:*:Enabled:BitComet 12185 TCP
"12185:UDP" = 12185:UDP:*:Enabled:BitComet 12185 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe" = C:\Program Files\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe:*:Enabled:Kane & Lynch: Dead Men -- (Io Interactive A/S)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- (Electronic Arts)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{00AF66B1-7464-E9D8-3682-D07F6F5518B2}" = CCC Help Finnish
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{1350C9A1-DF5E-62A4-4BB4-CF0C0C45585C}" = Catalyst Control Center Localization Swedish
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{17096B0F-63BD-3BEC-7723-EAFAF4F034E7}" = CCC Help Swedish
"{1A0221A0-C56B-4371-EF10-746128F2EC69}" = CCC Help Norwegian
"{1EB39820-0764-681F-86F9-7BFD2BCA433A}" = Catalyst Control Center Localization Spanish
"{1FF8A71A-42B1-E1EB-7D8C-1C4437E34161}" = CCC Help English
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F7F8B3F-7017-7ACF-F37C-B33B728309BA}" = CCC Help Danish
"{3104509D-012C-5676-6E2F-089AA540A67C}" = Catalyst Control Center Localization German
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{335E46BC-C214-708C-DBEF-5B1802566850}" = CCC Help French
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{4B830617-9C7C-FF93-06E7-79D8ECF10C4D}" = Catalyst Control Center Graphics Full New
"{4C8941FE-0F15-E6AE-FDF6-55EF425ED78D}" = Catalyst Control Center Graphics Light
"{4FE0D23E-EC42-F623-F4C9-C5E64B694F85}" = Catalyst Control Center Localization Chinese Standard
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{56012E39-3B98-8676-28F9-31E5794CFA57}" = ccc-utility
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{586BC5DE-C4E6-2AC8-CC47-43AF3A7C3095}" = CCC Help German
"{5C71C33F-7D25-B59C-E433-230F5F6A3BA2}" = CCC Help Italian
"{5CF36055-64E7-BBB1-6926-A99CEA8E7D88}" = ccc-core-static
"{5DE590C8-5310-AB48-B388-A20DAB2971E5}" = Catalyst Control Center Localization Chinese Traditional
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{66826EEA-0C4B-4FE4-9FB1-E82D16059DF7}" = Catalyst Control Center - Branding
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C03D89C-AEF1-6A30-2F27-96F8176203FD}" = CCC Help Chinese Traditional
"{6F8CEE8D-0D44-BB2B-5306-9BCED4951D3A}" = Catalyst Control Center Localization French
"{70A774F7-240F-2D2E-602C-D7A5E7825900}" = Skins
"{711002ED-1940-5F34-3F8F-88025914DD56}" = Catalyst Control Center Core Implementation
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7509C38B-6134-90E9-B40A-7AB62660A113}" = Catalyst Control Center Localization Finnish
"{7532CBDB-A25A-7548-915C-169CDC882FDE}" = CCC Help Japanese
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.0905.1
"{824FF7E8-2548-CAB9-C333-C2024B6279A0}" = CCC Help Dutch
"{850DB4E3-85F3-01D0-E9C0-1176F9A2FB37}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB65964-56E7-4DC7-B65D-3EF5FEC9842A}" = Testy Autoškola
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{951F4D78-5DD8-78A5-09E2-A7411A441029}" = Nero 7 Demo
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B62535DE-790D-AD46-AD89-297AD5EEBE45}" = Catalyst Control Center Graphics Full Existing
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C5F2D27A-A8F0-0D74-D7A5-413C309E01FD}" = Catalyst Control Center Localization Italian
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0666A62-8BED-6440-791F-B598E68E9BB5}" = Catalyst Control Center Localization Dutch
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D2C6D68A-CDF0-5174-BB73-C55269CC620B}" = Catalyst Control Center Localization Danish
"{D8BA2EC4-50DE-D5F8-61C9-E14C523E0C14}" = ccc-core-preinstall
"{DABD796A-06B5-2146-4D38-FCABB7D17A0B}" = Catalyst Control Center Localization Norwegian
"{E39C74DF-58FD-4E52-9888-2CC59DFB0B34}" = PowerQuest PartitionMagic Pro 7.0
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDC33EB0-6FF3-467B-D09A-59EE279EC8B9}" = Catalyst Control Center Localization Japanese
"{FFE0FADC-8587-BF71-8EF0-2892739FBA5A}" = CCC Help Spanish
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Empires 2.0" = Microsoft Age of Empires II
"AIMP2" = AIMP2
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BitComet" = BitComet 0.99
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV2Player" = MV2Player (remove only)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"QIP Infium_is1" = QIP Infium 2.0.9018 RC3
"Usb Game Pad" = Usb Game Pad
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Anti-Spy" = Yahoo! Anti-Spy
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 18.4.2009 12:55:37 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = AAVM - chyba pøi testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\BOHDAN\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\ZEEV6S8O.DEFAULT\PREFS.JS
failed, 00000005.

Error - 29.4.2009 14:20:38 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = AAVM - chyba pøi testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\DOCUMENTS AND SETTINGS\BOHDAN\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\ZEEV6S8O.DEFAULT\PREFS.JS
failed, 00000005.

Error - 19.2.2010 18:42:24 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestOpenList Error 1753.

Error - 19.2.2010 18:42:24 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybì: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.

Error - 19.2.2010 18:42:31 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybì: CChestListView::OnCreate() !m_strErrorWnd.IsEmpty().

Error - 19.2.2010 19:42:11 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 19.2.2010 19:43:18 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestOpenList Error 1753.

Error - 19.2.2010 19:43:18 | Computer Name = HOME | Source = avast! | ID = 33554522
Description = aswChestInterface - Program vyvolal nestandardní stav. Informace o
chybì: CChestListView::LoadFiles() chestOpenList() failed: 2147422219.

[ Application Events ]
Error - 25.1.2010 11:25:42 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace fifa08.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x717d013d.

Error - 13.2.2010 13:00:39 | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace kaneandlynch.exe, verze 1.0.0.129, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 16.2.2010 12:56:57 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace crysis.exe, verze 1.1.1.690, chybující modul crysystem.dll,
verze 1.1.1.690, adresa chyby 0x00007697.

Error - 16.2.2010 18:29:00 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029cf41.

Error - 17.2.2010 9:58:00 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029cf41.

Error - 17.2.2010 18:48:27 | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace NFSC.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.2.2010 15:35:36 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029d0fd.

Error - 19.2.2010 15:36:03 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029d0fd.

Error - 19.2.2010 15:57:02 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029ceb1.

Error - 19.2.2010 17:07:39 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Chybující aplikace _ex-08.exe, verze 0.0.0.0, chybující modul _ex-08.exe,
verze 0.0.0.0, adresa chyby 0x00001f4f.

[ OSession Events ]
Error - 23.8.2009 18:48:15 | Computer Name = HOME | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 24
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.2.2010 11:58:21 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 pøi pokusu o spuštìní služby StiSvc
s argumenty za úèelem spuštìní serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.2.2010 11:58:43 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 pøi pokusu o spuštìní služby StiSvc
s argumenty za úèelem spuštìní serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službì Rozhraní NetBios nad protokolem
TCP/IP, která neuspìla pøi spuštìní v dùsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službì Ovladaè protokolu TCP/IP, která
neuspìla pøi spuštìní v dùsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službì
AFD, která neuspìla pøi spuštìní v dùsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Apple Mobile Device závisí na službì Ovladaè protokolu TCP/IP,
která neuspìla pøi spuštìní v dùsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Bonjour Service závisí na službì Ovladaè protokolu TCP/IP,
která neuspìla pøi spuštìní v dùsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službì Ovladaè IPSEC, která neuspìla
pøi spuštìní v dùsledku následující chyby: %%31

Error - 21.2.2010 11:58:57 | Computer Name = HOME | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladaèe pro spouštìní poèítaèe nebo systému
se nezdaøilo: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss
Tcpip

Error - 21.2.2010 12:01:31 | Computer Name = HOME | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 pøi pokusu o spuštìní služby StiSvc
s argumenty za úèelem spuštìní serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}


< End of report >

OTL logfile created on: 21.2.2010 17:02:05 - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Èeská republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 93,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 99,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 98,14 Gb Total Space | 22,86 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive D: | 41,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 367,15 Gb Total Space | 272,13 Gb Free Space | 74,12% Space Free | Partition Type: NTFS
Drive G: | 498,47 Mb Total Space | 390,51 Mb Free Space | 78,34% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2004.08.18 13:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009.12.28 14:59:45 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008.12.13 20:41:13 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008.11.26 18:18:46 | 000,155,160 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.11.26 18:18:32 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.11.26 18:16:23 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.11.26 18:12:08 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.08.08 14:24:42 | 000,080,392 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008.07.30 03:30:37 | 000,561,152 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008.07.22 20:42:12 | 000,116,040 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.07.03 21:05:00 | 000,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2007.07.24 15:17:08 | 000,229,376 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2006.10.30 03:34:02 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.10.26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010.02.21 16:55:16 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010.02.12 18:48:15 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009.05.09 18:01:46 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008.12.13 20:09:16 | 000,646,392 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.11.26 18:18:18 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2008.11.26 18:17:36 | 000,111,184 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.11.26 18:17:25 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.11.26 18:16:38 | 000,050,864 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.11.26 18:16:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.11.26 18:15:35 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.31 03:21:08 | 000,079,960 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2008.07.30 03:30:37 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.07.30 03:30:37 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.07.24 11:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.06.16 08:08:42 | 000,109,184 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.28 15:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007.10.09 13:13:00 | 000,038,144 | ---- | M] (Realtek) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\EAPPkt.sys -- (EAPPkt)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.18 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.08.10 07:00:00 | 000,003,252 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\PQNTDRV.SYS -- (PQNTDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1715567821-1454471165-725345543-500\S-1-5-21-1715567821-1454471165-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.20 00:00:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.19 14:36:25 | 000,000,000 | ---D | M]

[2010.02.20 00:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2010.02.20 00:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jbb2o6be.default\extensions
[2010.02.18 23:36:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010.02.13 02:11:28 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.13 02:11:28 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.13 02:11:28 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.13 02:11:28 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.13 02:11:28 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [08079327] C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe ()
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CTFMON] C:\WINDOWS\Temp\_ex-08.exe ()
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
O4 - Startup: C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštìní\monnid32.exe (TWX Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.13 19:30:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.02.22 01:43:07 | 000,358,248 | R--- | M] (NETGEAR Inc.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.05.29 09:27:40 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.02.22 01:43:07 | 000,358,248 | R--- | M] (NETGEAR Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.12.13 20:12:42 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 90 Days ==========

[2010.02.21 16:58:26 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2010.02.20 15:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.02.20 15:10:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010.02.20 00:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2010.02.20 00:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2010.02.20 00:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla
[2010.02.20 00:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.02.19 23:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Logitech
[2010.02.19 23:38:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.02.19 23:38:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Cookies
[2010.02.19 23:38:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2010.02.19 23:38:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Data aplikací
[2010.02.19 23:38:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Šablony
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Okolní tiskárny
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Okolní sí
[2010.02.19 23:38:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Local Settings
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Oblíbené položky
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft Help
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft
[2010.02.19 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty
[2010.02.19 22:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\08079327
[2010.02.19 22:02:44 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010.02.19 22:02:44 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010.02.19 22:02:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010.02.19 22:02:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010.02.19 22:02:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.02.17 22:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.02.12 18:48:27 | 000,000,000 | ---D | C] -- C:\OEMSettings
[2010.02.12 18:48:15 | 000,021,035 | ---- | C] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys
[2010.02.12 18:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR
[2010.02.12 18:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2009.02.14 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2008.12.13 20:39:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2008.12.13 19:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.12.13 19:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.12.13 19:30:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010.02.21 16:57:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.02.21 16:55:16 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.02.21 16:55:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.02.21 16:53:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.02.21 16:49:10 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2010.02.20 15:16:24 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.02.20 15:16:23 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010.02.20 15:16:22 | 003,712,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\IconCache.db
[2010.02.20 15:02:20 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2010.02.20 00:44:31 | 000,197,752 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.02.20 00:41:08 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.20 00:39:02 | 000,000,760 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\setup_ldm.iss
[2010.02.19 23:52:47 | 001,042,738 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.02.19 23:52:47 | 000,438,960 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.02.19 23:52:47 | 000,435,922 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.02.19 23:52:47 | 000,082,476 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.02.19 23:52:47 | 000,071,046 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.02.19 23:41:39 | 000,046,408 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.02.14 00:36:22 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.13 23:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.02.13 17:49:00 | 000,022,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.02.13 17:48:53 | 000,103,736 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.02.12 18:48:15 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\AegisP.sys
[2010.02.12 18:47:59 | 000,001,792 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\NETGEAR WG111v3 Smart Wizard.lnk
[2010.02.12 18:47:59 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\NETGEAR WG111v3 Smart Wizard.lnk
[2009.12.28 14:59:45 | 000,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.20 15:10:19 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2010.02.20 00:41:08 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.20 00:39:06 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\setup.log
[2010.02.20 00:39:02 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\setup_ldm.iss
[2010.02.19 23:38:56 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010.02.19 23:38:53 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010.02.12 18:47:59 | 000,001,792 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštìní\NETGEAR WG111v3 Smart Wizard.lnk
[2010.02.12 18:47:59 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\NETGEAR WG111v3 Smart Wizard.lnk
[2008.12.14 12:47:14 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.12.13 22:30:45 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.12.13 21:14:28 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.13 20:14:07 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2008.12.13 20:09:16 | 000,646,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.12.13 19:58:22 | 000,062,304 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2007.10.12 23:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2004.08.18 13:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[1997.06.14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2010.02.19 22:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\08079327
[2009.01.01 21:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2009.01.13 21:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bohdan\Data aplikací\Leadertech

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\50ce127b6bb5262be7f814de23be86b4\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >

Jdu na bod 2

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-21 18:04:56
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxtdipow.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xF74FD0B0]
SSDT sptd.sys ZwEnumerateKey [0xF7502A92]
SSDT sptd.sys ZwEnumerateValueKey [0xF7502E20]
SSDT sptd.sys ZwOpenKey [0xF74FD090]
SSDT sptd.sys ZwQueryKey [0xF7502EF8]
SSDT sptd.sys ZwQueryValueKey [0xF7502D78]
SSDT sptd.sys ZwSetValueKey [0xF7502F8A]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A37F1E8
Device \FileSystem\Fastfat \FatCdrom 89FAF610
Device \Driver\usbuhci \Device\USBPDO-0 8A2781E8
Device \Driver\usbuhci \Device\USBPDO-1 8A2781E8
Device \Driver\usbehci \Device\USBPDO-2 8A27B1E8
Device \Driver\usbuhci \Device\USBPDO-3 8A2781E8
Device \Driver\PCI_NTPNP7978 \Device\00000047 sptd.sys
Device \Driver\usbuhci \Device\USBPDO-4 8A2781E8
Device \Driver\usbehci \Device\USBPDO-5 8A27B1E8
Device \Driver\usbuhci \Device\USBPDO-6 8A2781E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A3811E8
Device \Driver\usbuhci \Device\USBPDO-7 8A2781E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A3811E8
Device \Driver\Cdrom \Device\CdRom0 8A2761E8
Device \Driver\Cdrom \Device\CdRom1 8A2761E8
Device \Driver\atapi \Device\Ide\IdePort0 8A30D1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A30D1E8
Device \Driver\atapi \Device\Ide\IdePort1 8A30D1E8
Device \Driver\atapi \Device\Ide\IdePort2 8A30D1E8
Device \Driver\atapi \Device\Ide\IdePort3 8A30D1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-12 8A30D1E8
Device \Driver\USBSTOR \Device\00000078 89FF31E8
Device \Driver\USBSTOR \Device\00000079 89FF31E8
Device \Driver\usbuhci \Device\USBFDO-0 8A2781E8
Device \Driver\usbuhci \Device\USBFDO-1 8A2781E8
Device \Driver\usbuhci \Device\USBFDO-2 8A2781E8
Device \Driver\usbehci \Device\USBFDO-3 8A27B1E8
Device \Driver\usbuhci \Device\USBFDO-4 8A2781E8
Device \Driver\Ftdisk \Device\FtControl 8A3811E8
Device \Driver\usbuhci \Device\USBFDO-5 8A2781E8
Device \Driver\usbuhci \Device\USBFDO-6 8A2781E8
Device \Driver\usbehci \Device\USBFDO-7 8A27B1E8
Device \Driver\amat2zzv \Device\Scsi\amat2zzv1 8A2771E8
Device \Driver\amat2zzv \Device\Scsi\amat2zzv1Port5Path0Target0Lun0 8A2771E8
Device \Driver\JRAID \Device\Scsi\JRAID1 8A3801E8
Device \FileSystem\Fastfat \Fat 89FAF610
Device \FileSystem\Cdfs \Cdfs 89FB1980

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -875791541
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 1092739343
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFC 0x1D 0xCE 0xD2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x70 0x67 0x60 0xB1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x56 0x33 0x6C 0x96 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFC 0x1D 0xCE 0xD2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x70 0x67 0x60 0xB1 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x56 0x33 0x6C 0x96 ...

---- EOF - GMER 1.0.15 ----








doufam, ze je to vse co bylo zatim potreba

Preco to bolo robene v nudzovom rezime? Normalny nefunguje?


Skopiruj v OTL do policka pod nazvom "Custom Scans/Fixes":
Klikni na "Run Fix". Program zacne pracovat, mozny je restart PC. Po nom by sa ti mal objavit log, ten by som rad videl.

v normalnim me to nenecha nic delat

Treba spravit pokyny ako ich poslal a potom uvidime

mam oznacit stejne policka jako pri prvnim OTL?

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\08079327 not found.
File C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON not found.
File C:\WINDOWS\Temp\_ex-08.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST not found.
File C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštění\monnid32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
File\Folder C:\Documents and Settings\All Users\Data aplikací\08079327 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Bohdan
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Host
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02212010_192353

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Podarilo sa ti cosi zaujimave - program hlasi, ze v podstate nic nebolo vykonane. Treba len spustit program (OTL) a nakopirovat donho text z predosleho postu, ktory je napisany v /code. To je cela robota, nic viac ani menej

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\08079327 not found.
File C:\Documents and Settings\All Users\Data aplikací\08079327\08079327.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON not found.
File C:\WINDOWS\Temp\_ex-08.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GEST not found.
File C:\Documents and Settings\Bohdan\Nabídka Start\Programy\Po spuštění\monnid32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
File C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (BitComet)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
File\Folder C:\Documents and Settings\All Users\Data aplikací\08079327 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Bohdan
->Temp folder emptied: 32768 bytes
->Temporary Internet Files folder emptied: 42503 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Host
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.1.30.1 log created on 02222010_142541

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

prave me pocitac funguje jako predtim (zatim? ). po restartu me to nepustilo na nouzovy, tak jsem sel na normalni system a po asi 5 minutovem zamrznuti se rozjel. Znamena to, ze je to na dobre ceste, nebo je to ciste nahoda?