VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosim o radu a omrknuti logu... diky

https://forum.viry.cz:443/viewtopic.php?t=103374

Stránka 3 z 5

Re: Prosim o radu a omrknuti logu... diky

Napsal: 05 srp 2010 21:17
od ray204
OTL

OTL logfile created on: 5. 8. 2010 22:13:00 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = G:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

1 022,00 Mb Total Physical Memory | 838,00 Mb Available Physical Memory | 82,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 97,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143,42 Gb Total Space | 121,22 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7,67 Gb Total Space | 0,08 Gb Free Space | 0,99% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LENOVO3000N200
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.05 22:03:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2008.07.07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008.04.14 16:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.08.05 22:03:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
MOD - [2008.04.14 16:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.08.05 22:11:26 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\rpcnetp.exe -- (rpcnetp)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.09.18 17:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007.04.16 12:33:18 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007.04.16 12:21:20 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2007.04.16 12:14:24 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007.04.09 11:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007.03.16 06:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
SRV - [2007.01.19 16:16:46 | 000,061,440 | ---- | M] (AuthenTec,Inc) [Auto | Stopped] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2006.12.19 17:53:46 | 000,024,072 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.11.11 22:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006.11.06 14:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.07.08 18:24:46 | 000,871,424 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005.06.14 23:40:54 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\LMabcoms.exe -- (lmab_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lmimirr.sys -- (lmimirr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\INSTB32.SYS -- (INSTB32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1.LEN\LOCALS~1\Temp\EverestDriver.sys -- (EverestDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Veronika\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.08.04 22:36:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.23 11:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 11:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.06.19 13:59:10 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.06.19 13:59:04 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.06.19 13:59:02 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.05.14 18:12:45 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.04.14 16:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.08.07 21:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.04.30 07:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Ovladač adaptéru Intel(R)
DRV - [2007.04.10 16:55:28 | 000,140,808 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) (****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.03.29 16:19:36 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.03.21 22:31:32 | 003,684,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.02.16 16:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.01.30 19:57:00 | 004,474,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.01.23 18:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.13 11:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.10.30 11:52:04 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.10.30 11:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.10.30 11:51:30 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006.10.30 11:51:24 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.10.10 08:54:34 | 000,138,240 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.10.10 08:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.10.10 08:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.10.10 08:54:32 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2006.08.30 15:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.07.12 11:58:02 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006.05.24 12:48:14 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
DRV - [2006.05.19 15:24:20 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.07.08 18:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.07.08 18:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.08.22 17:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004.08.22 17:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2002.11.28 16:18:04 | 000,015,360 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002.11.28 12:43:49 | 000,022,016 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1202660629-1844823847-839522115-500\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1202660629-1844823847-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.01 15:06:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.15 11:48:45 | 000,000,000 | ---D | M]

[2010.08.05 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.26 18:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.10 20:55:09 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.08 21:15:02 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.05.08 21:15:02 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.05.08 21:15:02 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.05.08 21:15:02 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.05.08 21:15:02 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.08.04 22:24:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe File not found
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [Lexmark X6100 Series] C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.08.05 21:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.08.05 16:20:22 | 001,204,586 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\UsbFix.exe
[2010.08.04 23:34:07 | 000,000,000 | ---D | C] -- C:\Intel
[2010.08.04 23:03:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.08.04 22:52:52 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.08.04 22:36:06 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.08.04 22:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.08.04 22:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.08.04 22:21:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.08.04 22:14:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.08.04 19:53:07 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.08.04 19:53:06 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.08.04 19:53:04 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.08.04 19:53:02 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.08.04 19:53:02 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.08.04 19:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.08.04 19:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.08.04 19:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\GRETECH
[2010.08.04 19:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\Adobe
[2010.08.04 19:06:25 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.08.04 19:06:25 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.08.04 19:06:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.08.04 19:06:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe.mwt
[2010.08.04 19:06:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.08.04 19:05:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.08.04 18:24:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.08.04 18:23:22 | 000,000,000 | ---D | C] -- C:\ComboFix23459C
[2010.08.04 18:21:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\PrivacIE
[2010.08.04 18:15:39 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010.08.04 18:08:26 | 000,000,000 | ---D | C] -- C:\ComboFix2
[2010.08.04 17:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\Malwarebytes
[2010.08.04 17:59:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.04 17:59:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.04 17:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.08.04 17:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2010.08.04 16:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.08.04 08:32:47 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\IETldCache
[2010.08.04 08:32:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\Microsoft
[2010.08.04 08:32:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\SendTo
[2010.08.04 08:32:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací
[2010.08.04 08:32:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Nabídka Start
[2010.08.04 08:32:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Cookies
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Šablony
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Recent
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Okolní tiskárny
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Okolní síť
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Local Settings
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Oblíbené položky
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Local Settings\Data aplikací\Microsoft
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Dokumenty
[2010.08.02 22:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2010.08.02 21:20:31 | 000,000,000 | ---D | C] -- C:\found.001
[2010.08.02 21:16:41 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\mp3fhg.acm
[2010.08.02 21:16:41 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010.08.02 21:16:41 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010.08.02 21:16:40 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010.08.02 21:16:40 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010.08.02 21:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010.07.22 18:56:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2010.07.22 18:56:27 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2010.07.15 12:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Trans
[2009.01.13 13:40:32 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2009.01.13 13:40:32 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2008.04.02 13:31:36 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.08.05 22:11:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.05 22:11:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.05 22:11:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010.08.05 22:11:26 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
[2010.08.05 22:08:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{752B43E6-B86D-40EC-A2D7-1CADB49EE03A}.job
[2010.08.05 21:56:46 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.08.05 21:56:34 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.05 21:54:06 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.05 21:51:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.05 21:44:25 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010.08.05 21:39:17 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\NTUSER.DAT
[2010.08.05 21:39:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\ntuser.ini
[2010.08.05 21:39:16 | 004,240,656 | -H-- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Local Settings\Data aplikací\IconCache.db
[2010.08.05 21:36:16 | 000,442,873 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2010.08.05 08:45:02 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.08.05 08:44:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\agremove.exe
[2010.08.04 22:48:40 | 001,204,586 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\UsbFix.exe
[2010.08.04 22:36:08 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.08.04 22:36:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.08.04 22:32:52 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.08.04 22:25:56 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.04 22:24:48 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.04 22:24:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.08.04 21:44:08 | 000,000,569 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.04 19:53:22 | 000,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.08.04 19:53:06 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.08.04 19:53:05 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.08.04 19:53:03 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.08.04 19:25:17 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.04 18:04:28 | 003,749,693 | R--- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\ComboFix2.exe
[2010.08.04 17:03:52 | 005,153,350 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2010.08.04 16:28:24 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\HijackThis.lnk
[2010.08.03 11:30:13 | 000,000,156 | ---- | M] () -- C:\WINDOWS\z.reg
[2010.08.02 22:02:02 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\GOM Player.lnk
[2010.08.02 21:44:00 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Connect.lnk
[2010.08.02 12:25:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Vyčištění disku.job
[2010.07.29 14:56:15 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.07.27 08:30:31 | 008,466,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.25 21:03:41 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vodafone SMS.lnk
[2010.07.15 11:48:46 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.07.15 10:06:05 | 000,000,642 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010.07.14 10:00:00 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.07.14 10:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.05 08:41:13 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010.08.05 08:40:31 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.exe
[2010.08.04 22:36:08 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.08.04 22:25:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.04 19:53:22 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.08.04 19:06:25 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.08.04 19:06:25 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.08.04 19:06:25 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.08.04 19:06:25 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.08.04 19:06:25 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.08.04 18:24:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.08.04 18:24:16 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.08.04 18:16:59 | 003,749,693 | R--- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\ComboFix2.exe
[2010.08.04 17:03:21 | 005,153,350 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.08.04 16:55:49 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.08.04 16:28:24 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\HijackThis.lnk
[2010.08.04 08:32:28 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\ntuser.ini
[2010.08.04 08:32:25 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\NTUSER.DAT
[2010.08.04 08:32:25 | 000,073,728 | -H-- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\NtUser.dat.LOG
[2010.08.03 11:30:03 | 000,000,156 | ---- | C] () -- C:\WINDOWS\z.reg
[2010.08.02 22:02:02 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\GOM Player.lnk
[2010.08.02 21:16:43 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.08.02 21:16:42 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.08.02 21:16:40 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.08.02 21:16:40 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.08.02 21:16:39 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.08.02 21:16:39 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.07.22 18:56:33 | 000,002,557 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Connect.lnk
[2010.07.22 18:56:33 | 000,002,511 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vodafone SMS.lnk
[2008.04.30 09:36:16 | 000,000,641 | ---- | C] () -- C:\WINDOWS\SESTDLL.INI
[2008.04.03 09:41:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbfvs.dll
[2008.04.03 09:41:07 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\lxbfcoin.ini
[2008.04.03 09:35:40 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBFLCNP.DLL
[2008.04.02 13:46:47 | 000,000,642 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2008.04.02 13:33:04 | 000,000,507 | ---- | C] () -- C:\WINDOWS\LMABB2DD.ini
[2008.04.02 13:31:12 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\LMabusb1.dll
[2008.04.02 13:31:12 | 000,630,784 | ---- | C] () -- C:\WINDOWS\System32\LMabpmui.dll
[2008.04.02 13:31:11 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\LMabserv.dll
[2008.04.02 13:31:10 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\LMabpar1.dll
[2008.04.02 13:31:10 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\LMablmpm.dll
[2008.04.02 13:31:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LMabprox.dll
[2008.04.02 13:31:10 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\LMabpplc.dll
[2008.04.02 13:31:09 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\LMabip1.dll
[2008.04.02 13:31:09 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\LMabcomm.dll
[2008.04.02 13:31:08 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\LMabcomc.dll
[2008.03.29 18:41:23 | 000,000,101 | ---- | C] () -- C:\WINDOWS\DVDIdlePro.INI
[2008.03.29 16:35:13 | 000,000,140 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.03.29 15:55:22 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.03.29 15:33:23 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.03.29 11:46:13 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.03.25 16:58:41 | 000,004,672 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.03.25 16:46:18 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007.03.21 23:31:34 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.03.21 23:31:34 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.03.21 23:31:32 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.03.21 23:31:32 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007.03.21 23:31:32 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.03.21 23:31:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.11.11 22:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006.03.02 13:00:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\syscvchk.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2010.02.07 22:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.08.04 22:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.12 17:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DivoGames
[2010.04.12 10:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2008.06.09 11:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2009.10.26 18:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.01.03 12:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2008.06.20 08:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.08.04 19:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.04.04 11:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.25 18:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC-Doctor
[2008.03.29 15:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.01.03 12:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TurboFLOORPLAN Dum & Interiér & Zahrada Pro
[2010.07.22 18:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2008.03.30 12:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Elaborate Bytes
[2010.02.15 13:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\MAXON
[2008.04.04 11:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Nokia
[2008.04.04 11:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\PC Suite
[2010.08.03 14:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\RST
[2008.03.29 15:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\TuneUp Software
[2010.06.16 19:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Vodafone
[2010.04.27 19:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2008.10.05 13:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\AVGTOOLBAR
[2010.08.04 22:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\DAEMON Tools Lite
[2009.10.26 18:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\ICQ
[2009.11.13 15:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\LG Electronics
[2009.02.20 17:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\Nokia
[2009.02.20 17:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\PC Suite
[2010.04.12 17:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\Retriever
[2010.07.15 12:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\RST
[2009.11.26 21:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\TMInc
[2008.11.04 16:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\TuneUp Software
[2010.04.27 19:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\Vodafone
[2009.11.13 15:34:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Veronika\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2010.01.01 18:15:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.08.05 22:08:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{752B43E6-B86D-40EC-A2D7-1CADB49EE03A}.job
[2010.08.02 12:25:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\Vyčištění disku.job

========== Purity Check ==========


< End of report >

Re: Prosim o radu a omrknuti logu... diky

Napsal: 05 srp 2010 21:18
od ray204
EXTRAS

OTL Extras logfile created on: 5. 8. 2010 22:13:00 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = G:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

1 022,00 Mb Total Physical Memory | 838,00 Mb Available Physical Memory | 82,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 97,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143,42 Gb Total Space | 121,22 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7,67 Gb Total Space | 0,08 Gb Free Space | 0,99% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LENOVO3000N200
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" = C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI -- File not found
"C:\WINDOWS\system32\LMabcoms.exe" = C:\WINDOWS\system32\LMabcoms.exe:*:Enabled:Lexmark Enhanced TCP/IP -- ()
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0143CF89-5CF2-4F2D-80D5-BFAE64E1BA00}" = MITs Wizard 3.0 for Device
"{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}" = PC Connectivity Solution
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BFFC6B8-4EC0-4240-858C-998FD4077983}" = Nokia Connectivity Cable Driver
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.32
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F541C8-EB78-4606-8234-0955ED803787}" = TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A52A504E-18BE-4821-9A2A-BFB4542DA0BD}" = Lenovo PM Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinstalovat LG PC Suite III
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EC422FB2-9F4D-4FB1-A5CE-5F741132EBC5}" = Lenovo Fingerprint Software
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59A3B93-6C1C-4C3E-BCC4-4897490E2963}" = LG Bluetooth Drivers
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"4CFD94C379217A02D5EA067615FF789CD731BCDB" = Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Ceník stavebních prací_is1" = Ceník stavebních prací 2.6 - aktualizace 2.6.7
"CloneCD" = CloneCD
"DiskCleaner" = Disk Cleaner (remove only)
"DVD-CLONER V_is1" = DVD-CLONER V5.10 Build 967
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = InCD
"InstallShield_{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver
"InstallShield_{74F541C8-EB78-4606-8234-0955ED803787}" = TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12
"IrfanView" = IrfanView (remove only)
"Lexmark X6100 Series" = Lexmark X6100 Series
"Lexmark_HostCD" = Lexmark Software Uninstall
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OnScreenDisplay" = On Screen Display
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"ProInst" = Software Intel(R) PROSet/Wireless
"Retriever_is1" = Retriever 1.1.4.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TRANS_is1" = TRANS 3.3.2.713
"Treasures of the Ancient Cavern_is1" = Treasures of the Ancient Cavern
"Usbfix" = Usbfix By C_XX & El Desaparecido
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Příručka k zařízení Windows Mobile®
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5. 8. 2010 2:33:19 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = GetProcessOwner

Error - 5. 8. 2010 2:41:20 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 2:46:41 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 6:10:14 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 6:17:33 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 8:50:21 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 15:40:15 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 15:44:32 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 15:52:01 | Computer Name = LENOVO3000N200 | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 5. 8. 2010 15:54:06 | Computer Name = LENOVO3000N200 | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 5. 8. 2010 15:37:52 | Computer Name = LENOVO3000N200 | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 5. 8. 2010 15:37:52 | Computer Name = LENOVO3000N200 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec khips MRxSmb NetBIOS NetBT RasAcd
Rdbss
sptd
Tcpip

Error - 5. 8. 2010 15:38:06 | Computer Name = LENOVO3000N200 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 5. 8. 2010 15:38:14 | Computer Name = LENOVO3000N200 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 5. 8. 2010 15:39:03 | Computer Name = LENOVO3000N200 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 5. 8. 2010 15:39:17 | Computer Name = LENOVO3000N200 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5. 8. 2010 15:40:16 | Computer Name = LENOVO3000N200 | Source = Service Control Manager | ID = 7000
Description = Služba TuneUp Design Expansion neuspěla při spuštění v důsledku následující
chyby: %%1083

Error - 5. 8. 2010 15:40:16 | Computer Name = LENOVO3000N200 | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126

Error - 5. 8. 2010 15:52:02 | Computer Name = LENOVO3000N200 | Source = Service Control Manager | ID = 7000
Description = Služba TuneUp Design Expansion neuspěla při spuštění v důsledku následující
chyby: %%1083

Error - 5. 8. 2010 15:52:02 | Computer Name = LENOVO3000N200 | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%126


< End of report >

Re: Prosim o radu a omrknuti logu... diky

Napsal: 05 srp 2010 21:27
od ray204
Po zadani zeleneho textu :


OTL logfile created on: 5. 8. 2010 22:21:15 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = G:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

1 022,00 Mb Total Physical Memory | 813,00 Mb Available Physical Memory | 79,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 96,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143,42 Gb Total Space | 121,22 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7,67 Gb Total Space | 0,08 Gb Free Space | 0,98% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LENOVO3000N200
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.05 22:03:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2008.07.07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008.04.14 16:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.08.05 22:03:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
MOD - [2008.04.14 16:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.08.05 22:11:26 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\rpcnetp.exe -- (rpcnetp)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.09.18 17:48:28 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.07 08:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007.04.16 12:33:18 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007.04.16 12:21:20 | 000,983,040 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2007.04.16 12:14:24 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007.04.09 11:24:32 | 000,054,832 | ---- | M] (Lenovo.) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe -- (FNF5SVC)
SRV - [2007.03.16 06:26:22 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)
SRV - [2007.01.19 16:16:46 | 000,061,440 | ---- | M] (AuthenTec,Inc) [Auto | Stopped] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2006.12.19 17:53:46 | 000,024,072 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.11.11 22:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006.11.06 14:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.07.08 18:24:46 | 000,871,424 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005.06.14 23:40:54 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\System32\LMabcoms.exe -- (lmab_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lmimirr.sys -- (lmimirr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\INSTB32.SYS -- (INSTB32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1.LEN\LOCALS~1\Temp\EverestDriver.sys -- (EverestDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Veronika\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.08.04 22:36:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.11.25 01:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 01:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 01:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.23 11:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 11:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.06.19 13:59:10 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.06.19 13:59:04 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.06.19 13:59:02 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.05.14 18:12:45 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.04.14 16:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.08.07 21:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.04.30 07:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Ovladač adaptéru Intel(R)
DRV - [2007.04.10 16:55:28 | 000,140,808 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) (****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.03.29 16:19:36 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.03.21 22:31:32 | 003,684,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.02.16 16:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.01.30 19:57:00 | 004,474,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.01.23 18:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.13 11:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.10.30 11:52:04 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.10.30 11:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.10.30 11:51:30 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006.10.30 11:51:24 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.10.10 08:54:34 | 000,138,240 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.10.10 08:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.10.10 08:54:32 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.10.10 08:54:32 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2006.08.30 15:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.07.12 11:58:02 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)
DRV - [2006.05.24 12:48:14 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
DRV - [2006.05.19 15:24:20 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.07.08 18:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.07.08 18:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2004.08.22 17:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004.08.22 17:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2002.11.28 16:18:04 | 000,015,360 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002.11.28 12:43:49 | 000,022,016 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1202660629-1844823847-839522115-500\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1202660629-1844823847-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.01 15:06:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.15 11:48:45 | 000,000,000 | ---D | M]

[2010.08.05 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.26 18:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.05.10 20:55:09 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.08 21:15:02 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.05.08 21:15:02 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.05.08 21:15:02 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.05.08 21:15:02 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.05.08 21:15:02 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.08.04 22:24:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe File not found
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [Lexmark X6100 Series] C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PM Driver\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1202660629-1844823847-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpReg: CloneCDElbyCDFL - hkey= - key= - C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
MsConfig - StartUpReg: InCD - hkey= - key= - C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vykreslování vektorové grafiky (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Datové vazby jazyka DHTML pro jazyk Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Vylepšené vytváření obsahu
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Třídy DirectAnimation jazyka Java
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Aktualizace zabezpečení systému Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Plánovač úloh
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010.08.05 21:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.08.05 16:20:22 | 001,204,586 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\UsbFix.exe
[2010.08.04 23:34:07 | 000,000,000 | ---D | C] -- C:\Intel
[2010.08.04 23:03:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.08.04 22:52:52 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.08.04 22:36:06 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.08.04 22:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.08.04 22:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.08.04 22:21:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.08.04 22:14:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.08.04 19:53:07 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.08.04 19:53:06 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.08.04 19:53:04 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.08.04 19:53:02 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.08.04 19:53:02 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.08.04 19:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.08.04 19:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.08.04 19:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\GRETECH
[2010.08.04 19:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\Adobe
[2010.08.04 19:06:25 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.08.04 19:06:25 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.08.04 19:06:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.08.04 19:06:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe.mwt
[2010.08.04 19:06:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.08.04 19:05:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.08.04 18:24:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.08.04 18:23:22 | 000,000,000 | ---D | C] -- C:\ComboFix23459C
[2010.08.04 18:21:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\PrivacIE
[2010.08.04 18:15:39 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010.08.04 18:08:26 | 000,000,000 | ---D | C] -- C:\ComboFix2
[2010.08.04 17:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\Malwarebytes
[2010.08.04 17:59:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.04 17:59:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.04 17:59:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.08.04 17:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2010.08.04 16:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.08.04 08:32:47 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\IETldCache
[2010.08.04 08:32:25 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací\Microsoft
[2010.08.04 08:32:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\SendTo
[2010.08.04 08:32:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Data aplikací
[2010.08.04 08:32:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Nabídka Start
[2010.08.04 08:32:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Cookies
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Šablony
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Recent
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Okolní tiskárny
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Okolní síť
[2010.08.04 08:32:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Local Settings
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Oblíbené položky
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Local Settings\Data aplikací\Microsoft
[2010.08.04 08:32:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.LENOVO3000N200\Dokumenty
[2010.08.02 22:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2010.08.02 21:20:31 | 000,000,000 | ---D | C] -- C:\found.001
[2010.08.02 21:16:41 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\mp3fhg.acm
[2010.08.02 21:16:41 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010.08.02 21:16:41 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010.08.02 21:16:40 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010.08.02 21:16:40 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010.08.02 21:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010.07.22 18:56:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2010.07.22 18:56:27 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2010.07.15 12:38:00 | 000,000,000 | ---D | C] -- C:\Program Files\Trans
[2009.01.13 13:40:32 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2009.01.13 13:40:32 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2008.04.02 13:31:36 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.08.05 22:11:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.05 22:11:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.05 22:11:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010.08.05 22:11:26 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.exe
[2010.08.05 22:08:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{752B43E6-B86D-40EC-A2D7-1CADB49EE03A}.job
[2010.08.05 21:56:46 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.08.05 21:56:34 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.05 21:54:06 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.05 21:51:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.05 21:44:25 | 000,017,408 | ---- | M] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010.08.05 21:39:17 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\NTUSER.DAT
[2010.08.05 21:39:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\ntuser.ini
[2010.08.05 21:39:16 | 004,240,656 | -H-- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Local Settings\Data aplikací\IconCache.db
[2010.08.05 21:36:16 | 000,442,873 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2010.08.05 08:45:02 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.08.05 08:44:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\agremove.exe
[2010.08.04 22:48:40 | 001,204,586 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\UsbFix.exe
[2010.08.04 22:36:08 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.08.04 22:36:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.08.04 22:32:52 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.08.04 22:25:56 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.04 22:24:48 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.04 22:24:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.08.04 21:44:08 | 000,000,569 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.04 19:53:22 | 000,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.08.04 19:53:06 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.08.04 19:53:05 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.08.04 19:53:03 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.08.04 19:25:17 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.04 18:04:28 | 003,749,693 | R--- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\ComboFix2.exe
[2010.08.04 17:03:52 | 005,153,350 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2010.08.04 16:28:24 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\HijackThis.lnk
[2010.08.03 11:30:13 | 000,000,156 | ---- | M] () -- C:\WINDOWS\z.reg
[2010.08.02 22:02:02 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\GOM Player.lnk
[2010.08.02 21:44:00 | 000,002,557 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Connect.lnk
[2010.08.02 12:25:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Vyčištění disku.job
[2010.07.29 14:56:15 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.07.27 08:30:31 | 008,466,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.25 21:03:41 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vodafone SMS.lnk
[2010.07.15 11:48:46 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.07.15 10:06:05 | 000,000,642 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010.07.14 10:00:00 | 000,108,032 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.07.14 10:00:00 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.05 08:41:13 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.dll
[2010.08.05 08:40:31 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\rpcnetp.exe
[2010.08.04 22:36:08 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.08.04 22:25:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.04 19:53:22 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.08.04 19:06:25 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.08.04 19:06:25 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.08.04 19:06:25 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.08.04 19:06:25 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.08.04 19:06:25 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.08.04 18:24:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.08.04 18:24:16 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.08.04 18:16:59 | 003,749,693 | R--- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\ComboFix2.exe
[2010.08.04 17:03:21 | 005,153,350 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.08.04 16:55:49 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.08.04 16:28:24 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\Plocha\HijackThis.lnk
[2010.08.04 08:32:28 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\ntuser.ini
[2010.08.04 08:32:25 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\NTUSER.DAT
[2010.08.04 08:32:25 | 000,139,264 | -H-- | C] () -- C:\Documents and Settings\Administrator.LENOVO3000N200\NtUser.dat.LOG
[2010.08.03 11:30:03 | 000,000,156 | ---- | C] () -- C:\WINDOWS\z.reg
[2010.08.02 22:02:02 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\GOM Player.lnk
[2010.08.02 21:16:43 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.08.02 21:16:42 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.08.02 21:16:40 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.08.02 21:16:40 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.08.02 21:16:39 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.08.02 21:16:39 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.07.22 18:56:33 | 000,002,557 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Connect.lnk
[2010.07.22 18:56:33 | 000,002,511 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vodafone SMS.lnk
[2008.04.30 09:36:16 | 000,000,641 | ---- | C] () -- C:\WINDOWS\SESTDLL.INI
[2008.04.03 09:41:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbfvs.dll
[2008.04.03 09:41:07 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\lxbfcoin.ini
[2008.04.03 09:35:40 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBFLCNP.DLL
[2008.04.02 13:46:47 | 000,000,642 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2008.04.02 13:33:04 | 000,000,507 | ---- | C] () -- C:\WINDOWS\LMABB2DD.ini
[2008.04.02 13:31:12 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\LMabusb1.dll
[2008.04.02 13:31:12 | 000,630,784 | ---- | C] () -- C:\WINDOWS\System32\LMabpmui.dll
[2008.04.02 13:31:11 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\LMabserv.dll
[2008.04.02 13:31:10 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\LMabpar1.dll
[2008.04.02 13:31:10 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\LMablmpm.dll
[2008.04.02 13:31:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LMabprox.dll
[2008.04.02 13:31:10 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\LMabpplc.dll
[2008.04.02 13:31:09 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\LMabip1.dll
[2008.04.02 13:31:09 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\LMabcomm.dll
[2008.04.02 13:31:08 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\LMabcomc.dll
[2008.03.29 18:41:23 | 000,000,101 | ---- | C] () -- C:\WINDOWS\DVDIdlePro.INI
[2008.03.29 16:35:13 | 000,000,140 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.03.29 15:55:22 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.03.29 15:33:23 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.03.29 11:46:13 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.03.25 16:58:41 | 000,004,672 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.03.25 16:46:18 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007.03.21 23:31:34 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.03.21 23:31:34 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.03.21 23:31:32 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.03.21 23:31:32 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007.03.21 23:31:32 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.03.21 23:31:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.11.11 22:50:38 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006.03.02 13:00:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\syscvchk.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2010.02.07 22:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.08.04 22:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.04.12 17:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DivoGames
[2010.04.12 10:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2008.06.09 11:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2009.10.26 18:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.01.03 12:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2008.06.20 08:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.08.04 19:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.04.04 11:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.25 18:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC-Doctor
[2008.03.29 15:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.01.03 12:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TurboFLOORPLAN Dum & Interiér & Zahrada Pro
[2010.07.22 18:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2008.03.30 12:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Elaborate Bytes
[2010.02.15 13:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\MAXON
[2008.04.04 11:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Nokia
[2008.04.04 11:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\PC Suite
[2010.08.03 14:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\RST
[2008.03.29 15:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\TuneUp Software
[2010.06.16 19:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Vodafone
[2010.04.27 19:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2008.10.05 13:23:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\AVGTOOLBAR
[2010.08.04 22:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\DAEMON Tools Lite
[2009.10.26 18:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\ICQ
[2009.11.13 15:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\LG Electronics
[2009.02.20 17:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\Nokia
[2009.02.20 17:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\PC Suite
[2010.04.12 17:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\Retriever
[2010.07.15 12:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\RST
[2009.11.26 21:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\TMInc
[2008.11.04 16:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\TuneUp Software
[2010.04.27 19:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veronika\Data aplikací\Vodafone
[2009.11.13 15:34:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Veronika\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2010.01.01 18:15:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.08.05 22:08:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{752B43E6-B86D-40EC-A2D7-1CADB49EE03A}.job
[2010.08.02 12:25:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\Tasks\Vyčištění disku.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.04.14 16:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 16:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.03.25 10:16:05 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\NLDRV\001\atapi.sys
[2008.03.25 10:22:14 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\NLDRV\002\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 16:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 16:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 16:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >
[2008.03.25 10:22:14 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\NLDRV\002\iastor.sys
[2009.05.14 18:12:45 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\NLDRV\001\iastor.sys
[2009.05.14 18:12:45 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 16:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 16:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 16:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 16:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 16:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 16:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.05.15 11:27:06 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.06 05:41:06 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2009.05.15 11:27:06 | 018,087,936 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.15 11:27:06 | 007,077,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.08.04 22:36:06 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\system32\drivers\sptd.sys
< End of report >

Re: Prosim o radu a omrknuti logu... diky

Napsal: 06 srp 2010 07:54
od stell
Spust OTL-do okna zkopiruj zeleny text a klik-OPRAVIT-log vloz sem

Kód: Vybrat vše

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\lmimirr.sys -- (lmimirr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\INSTB32.SYS -- (INSTB32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1.LEN\LOCALS~1\Temp\EverestDriver.sys -- (EverestDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Veronika\LOCALS~1\Temp\catchme.sys -- (catchme)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1202660629-1844823847-839522115-500\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1202660629-1844823847-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe File not found
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.08.04 19:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.08.04 19:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.08.04 19:53:02 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.08.04 19:53:02 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.08.04 19:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.08.04 19:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.08.02 21:20:31 | 000,000,000 | ---D | C] -- C:\found.001
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
:commands
[purity]
[emptytemp]
[emptyflash]
[ClearAllRestorePoints]
[resethosts]
[start explorer]
[Reboot]

Re: Prosim o radu a omrknuti logu... diky

Napsal: 06 srp 2010 15:13
od ray204
All processes killed
========== OTL ==========
Service PcdrNdisuio stopped successfully!
Service PcdrNdisuio deleted successfully!
File C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys not found.
Service lmimirr stopped successfully!
Service lmimirr deleted successfully!
File C:\WINDOWS\System32\DRIVERS\lmimirr.sys not found.
Service INSTB32 stopped successfully!
Service INSTB32 deleted successfully!
File C:\WINDOWS\TEMP\INSTB32.SYS not found.
Service EverestDriver stopped successfully!
Service EverestDriver deleted successfully!
File C:\DOCUME~1\ADMINI~1.LEN\LOCALS~1\Temp\EverestDriver.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\Veronika\LOCALS~1\Temp\catchme.sys not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1202660629-1844823847-839522115-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKU\S-1-5-21-1202660629-1844823847-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AzMixerSel deleted successfully.
C:\WINDOWS\VDLL.DLL folder moved successfully.
C:\WINDOWS\RUNDL132.EXE folder moved successfully.
C:\WINDOWS\logo1_.exe folder moved successfully.
C:\WINDOWS\System32\runouce.exe folder moved successfully.
C:\WINDOWS\rundll16.exe folder moved successfully.
C:\WINDOWS\logo_1.exe folder moved successfully.
C:\WINDOWS\R.COM moved successfully.
C:\WINDOWS\system32\T.COM moved successfully.
C:\Program Files\Common Files\MicroWorld folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MicroWorld\MWAV folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MicroWorld\eScanBD folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MicroWorld folder moved successfully.
C:\found.001 folder moved successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET30.tmp deleted successfully.
C:\WINDOWS\System32\SET31.tmp deleted successfully.
C:\WINDOWS\System32\SET37.tmp deleted successfully.
C:\WINDOWS\System32\SET5E.tmp deleted successfully.
C:\WINDOWS\System32\SET5F.tmp deleted successfully.
C:\WINDOWS\002858_.tmp deleted successfully.
C:\WINDOWS\S3646007D.tmp deleted successfully.
C:\WINDOWS\SET81.tmp deleted successfully.
C:\WINDOWS\SET84.tmp deleted successfully.
C:\WINDOWS\SET90.tmp deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Administrator.LENOVO3000N200
->Temp folder emptied: 293376 bytes
->Temporary Internet Files folder emptied: 35646 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Honza
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5654142 bytes
->Java cache emptied: 8186449 bytes
->FireFox cache emptied: 3526166 bytes
->Flash cache emptied: 1325 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Supervisor
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 111826 bytes

User: Veronika
->Temp folder emptied: 2761600 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36159115 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1983 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 312259 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 55,00 mb


[EMPTYFLASH]

User: Administrator

User: Administrator.LENOVO3000N200

User: All Users

User: Default User

User: Honza
->Flash cache emptied: 0 bytes

User: LocalService

User: LogMeInRemoteUser

User: NetworkService

User: Supervisor

User: Veronika
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.9.1 log created on 08062010_160151

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Prosim o radu a omrknuti logu... diky

Napsal: 06 srp 2010 17:47
od stell
Ako to vyzera s pc??

Re: Prosim o radu a omrknuti logu... diky

Napsal: 07 srp 2010 09:12
od ray204
Stacilo kdyz jsem si otevrel Tento Pocitac, Dokumenty a nasledovala behem 3s modra smrt :

Proces nebo podproces kriticky pro praci systemu byl neocekavane zastaven nebo ukoncen.
*** STOP: 0x000000F4 (0x00000003, 0x85FBE020, 0x85FBE194, 0x8060577E)

Re: Prosim o radu a omrknuti logu... diky

Napsal: 07 srp 2010 11:59
od motji
Hezké odpoledne, záskok za kolegu :)
Podívejte se do složky C:\WINDOWS\minidump, jestli se Vám tam při pádu systému nevytvořil dmp soubor. Pokud ano, vložte ho do raru a dejte sem jako přílohu.
měl by nám prozradit, co se se systémem dělo. :)

Re: Prosim o radu a omrknuti logu... diky

Napsal: 07 srp 2010 13:05
od ray204
Dobry den :)
Pokusil jsem se BSOD vyvolat opetovnym otevrenim polozek "Tento Pocitac" a "Dokumenty". Zjistil jsem, ze je problem pouze s "Dokumenty". S "Tento Pocitac" mohu normalne pracovat. Asi po vterine se PC zasekne a po dalsich dvou vyskoci modra smrt. Tentokrat to byla KERNEL_STACK_INPAGE_ERROR. Rekl bych, ze tam budu mit nejaky nakazeny soubor. Z prvni BSOD bohuzel DMP soubor nemam, ale podruhe se vytvoril. Prikladam...

Re: Prosim o radu a omrknuti logu... diky

Napsal: 07 srp 2010 17:41
od motji
Poprosím kolegu, at na to koukne, z tohohle nic nevyčtu :( .
Pokud jste nedělali Avptool s kolegou, udělejte ho.

:arrow: Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

Re: Prosim o radu a omrknuti logu... diky

Napsal: 08 srp 2010 00:02
od ray204
Kdyz probiha test, tak je vse v poradku do chvile, nez najede na Dokumenty. Okamzite naskoci modra smrt. Zkusil jsem se tam dostal pres konzoli pro zotaveni, ale nepusti me do slozky "Documents and Settings". Myslim si, ze tam bude nejaky soubor, ktery to zpusobuje. Napada vas neco?

Re: Prosim o radu a omrknuti logu... diky

Napsal: 08 srp 2010 00:59
od MiliNess
Kolegyně už odpočívá :) , tak na chvilku s dovolením zaskočím
V první řadě si na plochu stáhněte mbr.exe http://www2.gmer.net/mbr/mbr.exe
spusťte ho a log, který se vám vytvoří zkopírujte sem.
Spusťte též chkdsk /r (nejlépe z konzoly pro zotavení) ,zkontroluje se integrita FS a prověří clustery
Taky si stáhněte a nainstalujte Intel(R) Rapid Storage
http://downloadcenter.intel.com/Detail_ ... 9&lang=eng
Obsahuje mnohem novější verzi ovladače miniportu řadiče disku IaStor.sys

Re: Prosim o radu a omrknuti logu... diky

Napsal: 08 srp 2010 01:29
od ray204
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 61 !
copy of MBR has been found in sector 62 !



CheckDisk mi vytuhnul na 52%... 2x

Re: Prosim o radu a omrknuti logu... diky

Napsal: 08 srp 2010 02:06
od MiliNess
Zkuste najít v BIOSu mód řadiče disku (bude nastaven na AHCI) a přenastavte ho na IDE a pak zopakovat chkdsk
Pokud byste to nedokázal najít, napište mi co je to za typ NB

Re: Prosim o radu a omrknuti logu... diky

Napsal: 08 srp 2010 09:58
od ray204
Disk jsem z notebooku vyndal a chkdsk /r se (ve W7 pres cmd) zasekl na 96%. Jedna se o Lenovo 3000 N200 (Model Name : 0769).
Je to celkem zvlastni. Kdyz v systemu vlezu do "Dokumenty", tak okamzite naskoci modra smrt. Disk jsem pripojil do jineho PC a pri prochazeni "Dokumenty" nenastal zadny problem. Zkusil jsem celou slozku "Dokumenty" prekopirovat jinam a nenaskocila zadna chybova hlaska. Tim bych asi vyloucil HW vadu disku, protoze v opacnem pripade by se mela vyskytnout chyba pri cteni. Zkousim udelat Surface Test, ale asi to bude bez vysledku. Mozna by stalo za to, slozku "Dokumenty" zcela vymazat a nahrat ji zpet z druheho disku, kde jsem si ji zazalohoval.
Všechny časy jsou v UTC+01:00
Stránka 3 z 5

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz