infekční flash disk a možná i PC- conficker.Z30, recycler?

[Mahulka]

Dobrý večer, prosím o pomoc: Avira mi našla na kamarádky flash disku TR/systemhijack.1689
a ještě nějaký autorun.inf a recycler? Dnes jsem si do PC dala svojí flashku a hlásilo to
conficker.Z30. Teď nevím čí flash nebo PC to přenáší . Tu kamarádky flashku uz si do PC
strkat nebudu (kdyby chtěla pomoc nasměruju jí sem na forum),ztrácejí se na ní data,tvoří
se tam z většiny souborů dokumenty o velikosti 8 kB a jsou nefunkční, ani recuva nic neobnovila tak aby to bylo funkční.
Pro doplnění anamnézy: svojí flashku používám i ve škole a zde jsou PC asi v hrozném stavu.
Který log mám zaslat? děkuju

[Caroprd111]

Zdravím

Poprosím o log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=82743

[Mahulka]

Logfile of random's system information tool 1.06 (written by random/random)
Run by x at 2010-04-21 20:20:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (21%) free of 38 GB
Total RAM: 1023 MB (51% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\BMMTask.job
C:\WINDOWS\tasks\Připomenutí registrace 1.job
C:\WINDOWS\tasks\Připomenutí registrace 2.job
C:\WINDOWS\tasks\Připomenutí registrace 3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3TRAY2"=C:\WINDOWS\system32\S3Tray2.exe [2001-10-11 69632]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2007-12-05 122880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-05 524288]
"BluetoothAuthenticationAgent"=irprops.cpl,,BluetoothAuthenticationAgent []
"TPHOTKEY"=C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [2006-10-02 94208]
"BMMGAG"=RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor []
"BMMLREF"=C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE [2003-01-17 20480]
"TPKMAPMN"=C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe [2007-09-21 49152]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-06-05 242976]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2002-10-18 87751]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2007-02-06 344064]
"UC_SMB"= []
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe [2003-01-07 495616]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
""= []
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2008-06-06 181536]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
"WinampAgent"=C:\Program Files\Winamp\Winampa.exe [2002-04-24 12288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ibmmessages"=C:\Program Files\IBM\Messages By IBM\ibmmessages.exe [2003-01-07 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\Winampa.exe [2002-04-24 12288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2008-07-05 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-06 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
C:\WINDOWS\system32\notifyf2.dll [2005-07-05 28672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2005-11-30 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-21 20:20:10 ----D---- C:\Program Files\trend micro
2010-04-21 20:20:09 ----D---- C:\rsit
2010-04-21 20:09:28 ----RASHD---- C:\autorun.inf
2010-04-21 20:05:27 ----A---- C:\UsbFix.txt
2010-04-21 19:21:19 ----D---- C:\UsbFix
2010-04-21 14:20:42 ----D---- C:\Program Files\Recuva
2010-04-21 10:54:40 ----A---- C:\WINDOWS\system32\vxdblock.exe
2010-04-21 10:54:26 ----D---- C:\Program Files\Evolution Labs
2010-04-21 10:51:14 ----D---- C:\Program Files\DiskInternals
2010-04-20 18:20:25 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-04-20 16:36:31 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-20 16:35:31 ----D---- C:\Program Files\Lavasoft
2010-04-20 16:35:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-04-20 13:39:57 ----SHD---- C:\found.000
2010-04-15 08:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 08:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 08:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 08:56:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 08:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 14:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 14:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-01 20:51:25 ----D---- C:\Program Files\Common Files\Skype
2010-04-01 20:41:34 ----A---- C:\WINDOWS\setup.ini
2010-04-01 17:39:13 ----A---- C:\WINDOWS\system32\camera.ini
2010-04-01 17:39:00 ----R---- C:\WINDOWS\system32\CoUninstall.dll
2010-04-01 17:38:45 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-04-01 17:30:52 ----D---- C:\Program Files\Microsoft ActiveSync
2010-03-24 14:04:18 ----D---- C:\Documents and Settings\x\Data aplikací\LangSoft
2010-03-24 14:04:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-03-23 12:24:54 ----D---- C:\Program Files\Axis Communications

======List of files/folders modified in the last 1 months======

2010-04-21 20:20:10 ----RD---- C:\Program Files
2010-04-21 20:19:50 ----D---- C:\WINDOWS\Internet Logs
2010-04-21 20:09:51 ----SD---- C:\WINDOWS\Tasks
2010-04-21 20:09:50 ----D---- C:\WINDOWS\Temp
2010-04-21 20:09:02 ----AD---- C:\WINDOWS
2010-04-21 20:07:49 ----SHD---- C:\RECYCLER
2010-04-21 20:05:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 20:04:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 17:00:43 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-21 17:00:00 ----D---- C:\WINDOWS\Prefetch
2010-04-21 14:13:06 ----D---- C:\Documents and Settings\x\Data aplikací\Skype
2010-04-21 11:53:39 ----D---- C:\Documents and Settings\x\Data aplikací\skypePM
2010-04-21 11:00:13 ----D---- C:\WINDOWS\system32
2010-04-21 09:50:27 ----A---- C:\WINDOWS\wincmd.ini
2010-04-21 08:12:16 ----D---- C:\WINDOWS\SxsCaPendDel
2010-04-20 19:41:23 ----D---- C:\WINDOWS\Debug
2010-04-20 16:51:54 ----SHD---- C:\WINDOWS\Installer
2010-04-20 16:50:29 ----SHD---- C:\Config.Msi
2010-04-20 16:47:40 ----HD---- C:\WINDOWS\inf
2010-04-20 16:43:31 ----D---- C:\WINDOWS\system32\drivers
2010-04-20 16:42:38 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-20 16:36:41 ----D---- C:\WINDOWS\WinSxS
2010-04-15 08:59:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-04-15 08:59:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-09 21:52:05 ----A---- C:\WINDOWS\winamp.ini
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-01 20:51:25 ----D---- C:\Program Files\Common Files
2010-04-01 20:41:29 ----D---- C:\WINDOWS\OvtCam
2010-04-01 20:01:31 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-01 17:34:30 ----D---- C:\WINDOWS\Help
2010-04-01 17:30:53 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-01 16:50:14 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-03-31 08:17:04 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-31 08:17:03 ----D---- C:\Program Files\Internet Explorer
2010-03-31 08:16:30 ----D---- C:\WINDOWS\ie7updates
2010-03-28 19:56:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-23 14:49:33 ----D---- C:\Program Files\GuildFTPd
2010-03-23 14:46:35 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-03-23 12:24:56 ----SD---- C:\WINDOWS\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2008-07-02 11520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-10-02 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-10-02 9343]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-07-05 17699]
R1 TPPWR;TPPWR; C:\WINDOWS\System32\drivers\Tppwr.sys [2003-01-17 15360]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2007-03-09 7168]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-16 353672]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-29 21275]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816]
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-07 11354]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-11-29 44384]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-02-06 1133568]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-08-28 990592]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2006-08-28 247808]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys [2007-11-02 21808]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2007-12-05 177664]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2006-01-17 3325312]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-08-28 728576]
S1 P3;Ovladač procesoru Intel PentiumIII; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46592]
S2 FileDisk;Filedisk; C:\WINDOWS\SYSTEM32\DRIVERS\filedisk.sys []
S3 ac97intc;Služba instalace zvukového ovladače Intel(r) (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2002-10-18 1156672]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 472224]
S3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2006-10-24 170392]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-11-13 140800]
S3 gv3;Ovladač procesoru Intel GV3; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-20 33408]
S3 LucentSoftModem;Lucent Technologies Soft Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2001-08-17 802683]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCANDIS5.SYS []
S3 PCDRDRV;Pcdr Helper Driver; \??\C:\PROGRA~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys []
S3 PcdrNt;PcdrNt; C:\WINDOWS\System32\drivers\PcdrNt.sys []
S3 S3SSavage;S3SSavage; C:\WINDOWS\System32\DRIVERS\s3ssavm.sys [2001-11-01 95104]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2007-08-14 47376]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 TwoTrack;IBM PS/2 TrackPoint Filter Driver; C:\WINDOWS\System32\DRIVERS\TwoTrack.sys [2001-08-17 11520]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbcamcl;Driver for video Device; C:\WINDOWS\system32\DRIVERS\usbcamcl.sys [2009-10-31 31104]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 w70n51;Intel(R) PRO/Wireless 7100 Adapter Driver; C:\WINDOWS\System32\DRIVERS\w70n51.sys [2003-03-12 2390528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2008-07-05 90112]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2008-07-05 212992]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-06 364544]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-02-06 86016]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2007-11-02 36136]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-04-20 1265264]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-02-06 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-02-06 372809]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2008-05-16 32768]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2008-05-14 37416]
R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2006-06-29 32768]
R2 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
S3 ACS;ACU Configuration Service; C:\WINDOWS\system32\acs.exe [2005-11-22 36864]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mahulka]

pred tim jsem pouzila usb fix snad to nevadi, tady je log
############################## | UsbFix V6.106 |

User : x (Administrators) # MAGDYPC
Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 20:05:45 | 21.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) M processor 1.70GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
FW : ZoneAlarm Firewall[ Enabled ]8.0.298.000

C:\ -> Místní pevný disk # 37,26 Go (7,82 Go free) [IBM_PRELOAD] # NTFS
D:\ -> Disk CD-ROM

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-1578003675-4267738357-3058202713-1004

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{41f82ca3-a74d-11de-8380-0013ce8dea9f}\Shell\AutoRun\Command

################## | Listing of the present files |

[21.04.2010 20:05|--a------|2236] C:\aaw7boot.log
[27.11.2007 14:23|--a------|134] C:\AIBM_ALM.DBG
[27.11.2007 14:23|--ah-----|0] C:\AUTOEXEC.BAT
[07.11.2009 19:08|-rahs----|211] C:\BOOT.INI
[23.09.2002 06:00|-rahs----|4952] C:\Bootfont.bin
[27.11.2007 14:06|--ah-----|0] C:\BOOTLOG.PRV
[27.11.2007 14:10|--ah-----|0] C:\BOOTLOG.TXT
[22.10.2002 17:19|--ahs----|512] C:\BOOTSECT.DOS
[27.11.2007 14:23|--ah-----|0] C:\CONFIG.SYS
[27.11.2007 14:05|--a------|1125] C:\drivez.log
[29.11.2007 11:31|--a------|0] C:\hb_1C.tmp
[?|?|?] C:\hiberfil.sys
[27.11.2007 14:23|--ah-----|0] C:\IO.SYS
[27.11.2007 14:03|--a------|155] C:\LOGFILE.txt
[13.08.2008 12:42|-rahs----|0] C:\MSDOS.SYS
[27.11.2007 15:50|-rahs----|47564] C:\NTDETECT.COM
[13.08.2008 17:09|-rahs----|250576] C:\ntldr
[?|?|?] C:\pagefile.sys
[27.11.2007 14:49|--a------|870] C:\SYSLEVEL.IBM
[27.11.2007 14:48|--a------|43] C:\TCPACHIP.LOG
[08.04.2010 10:30|---h-----|114691] C:\treeinfo.wc
[21.04.2010 20:09|--a------|2013] C:\UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_MAGDYPC.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

[Caroprd111]

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
• Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
• Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
• Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
• Během skenování může být počítač restartován.

[Mahulka]

hotovo zde je log:
ComboFix 10-04-21.01 - x 21.04.2010 21:07:22.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.566 [GMT 2:00]
Spuštěný z: c:\documents and settings\x\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\hb_1C.tmp
c:\windows\x
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-21 do 2010-04-21 )))))))))))))))))))))))))))))))
.

2010-04-21 18:20 . 2010-04-21 18:20 -------- d-----w- c:\program files\trend micro
2010-04-21 18:20 . 2010-04-21 18:20 -------- d-----w- C:\rsit
2010-04-21 18:09 . 2010-04-21 18:09 1410 ----a-w- C:\UsbFix_Upload_Me_MAGDYPC.zip
2010-04-21 17:21 . 2010-04-21 18:09 -------- d-----w- C:\UsbFix
2010-04-21 12:20 . 2010-04-21 12:20 -------- d-----w- c:\program files\Recuva
2010-04-21 08:54 . 2010-04-21 08:54 8192 ----a-w- c:\windows\system32\vxdblock.exe
2010-04-21 08:54 . 2010-04-21 09:00 -------- d-----w- c:\program files\Evolution Labs
2010-04-21 08:51 . 2010-04-21 08:53 -------- d-----w- c:\program files\DiskInternals
2010-04-20 16:20 . 2010-04-20 14:41 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-20 14:55 . 2010-04-20 14:55 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-04-20 14:42 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-04-20 14:42 . 2010-04-20 14:41 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-20 14:35 . 2010-04-20 14:50 -------- d-----w- c:\program files\Lavasoft
2010-04-20 11:39 . 2010-04-20 11:39 -------- d-----w- C:\found.000
2010-04-01 18:51 . 2010-04-01 18:51 -------- d-----w- c:\program files\Common Files\Skype
2010-04-01 15:39 . 2009-10-31 06:21 31104 ------r- c:\windows\system32\drivers\usbcamcl.sys
2010-04-01 15:39 . 2008-06-18 02:28 19968 ------r- c:\windows\system32\drivers\usbDecode.sys
2010-04-01 15:39 . 2009-09-24 07:12 8643584 ------r- c:\windows\system32\drivers\PictureDll.sys
2010-04-01 15:39 . 2007-11-15 06:03 5632 ------r- c:\windows\system32\drivers\FilterDll.sys
2010-04-01 15:39 . 2009-05-25 02:57 496640 ------r- c:\windows\system32\drivers\FaceDll.sys
2010-04-01 15:39 . 2009-11-13 08:51 40960 ------r- c:\windows\system32\CoUninstall.dll
2010-04-01 15:38 . 2001-05-11 11:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2010-04-01 15:30 . 2010-04-01 15:34 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-04-01 14:36 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-04-01 14:36 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-04-01 14:35 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-04-01 14:35 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-03-23 10:24 . 2010-03-23 10:24 -------- d-----w- c:\program files\Axis Communications

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 15:00 . 2007-11-27 11:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-01 18:01 . 2010-02-24 17:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-28 17:56 . 1979-12-31 23:00 78228 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 17:56 . 1979-12-31 23:00 429256 ----a-w- c:\windows\system32\perfh005.dat
2010-03-23 12:49 . 2009-12-08 16:09 -------- d-----w- c:\program files\GuildFTPd
2010-03-11 12:36 . 2006-06-23 12:27 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 1979-12-31 23:00 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:11 . 1979-12-31 23:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-07 17:50 . 2010-03-07 17:49 -------- d-----w- c:\program files\Winamp
2010-03-02 20:01 . 2010-03-02 17:51 -------- d-----w- c:\program files\AlphaChess
2010-02-28 10:01 . 2010-02-28 10:01 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-02-28 10:01 . 2010-02-28 10:01 -------- d-----w- c:\program files\DVDVideoSoft
2010-02-28 09:57 . 2010-02-28 09:54 -------- d-----w- c:\program files\Ipod Video Converter
2010-02-24 18:01 . 2010-02-24 18:01 -------- d-----w- c:\program files\Common Files\ResearchSoft
2010-02-24 18:01 . 2010-02-24 18:00 -------- d-----w- c:\program files\EndNote X3
2010-02-24 13:11 . 1979-12-31 23:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 1979-12-31 23:00 2192128 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2002-09-20 16:12 2068992 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-08 07:18 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:35 . 2006-08-16 12:16 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 1979-12-31 23:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ibmmessages"="c:\program files\IBM\Messages By IBM\ibmmessages.exe" [2003-01-07 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"S3TRAY2"="S3Tray2.exe" [2001-10-11 69632]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2007-12-05 122880]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-05 524288]
"BluetoothAuthenticationAgent"="irprops.cpl" [2008-04-14 380928]
"TPHOTKEY"="c:\progra~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-10-02 94208]
"BMMGAG"="c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll" [2003-01-17 64000]
"BMMLREF"="c:\program files\ThinkPad\Utilities\BMMLREF.EXE" [2003-01-17 20480]
"TPKMAPMN"="c:\program files\ThinkPad\Utilities\TpKmapMn.exe" [2007-09-21 49152]
"TP4EX"="tp4ex.exe" [2005-10-16 65536]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2008-06-05 242976]
"AGRSMMSG"="AGRSMMSG.exe" [2002-10-18 87751]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2007-02-06 344064]
"ibmmessages"="c:\program files\IBM\Messages By IBM\ibmmessages.exe" [2003-01-07 495616]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"TpShocks"="TpShocks.exe" [2008-06-06 181536]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"WinampAgent"="c:\program files\Winamp\Winampa.exe" [2002-04-24 12288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2009-9-20 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-05 21:45 28672 ----a-w- c:\windows\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-11-30 18:16 24576 ----a-w- c:\windows\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 09:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 15:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2002-04-24 03:02 12288 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20.4.2010 16:42 64288]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [14.5.2008 16:21 19496]
R1 TPPWR;TPPWR;c:\windows\system32\drivers\TPPWR.SYS [27.11.2007 13:57 15360]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6.10.2009 11:08 108289]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1265264]
S3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [22.10.2002 17:29 802683]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys --> c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys [?]
S3 usbcamcl;Driver for video Device;c:\windows\system32\drivers\usbcamcl.sys [1.4.2010 17:39 31104]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 14:41]

2010-04-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-09-19 c:\windows\Tasks\BMMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\BMMTASK.EXE [2007-11-27 00:32]

2007-11-27 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-10-22 03:22]

2007-11-27 c:\windows\Tasks\Připomenutí registrace 2.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-10-22 03:22]

2007-11-27 c:\windows\Tasks\Připomenutí registrace 3.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-10-22 03:22]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: {92D42B2B-CD55-4BD2-8B19-9BF0E24E3C1A} = 160.217.161.1
TCP: {A37887FA-4BFE-4F96-9186-834A8826B73B} = 160.217.161.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-UC_SMB - (no file)
Notify-ACNotify - ACNotify.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-21 21:15
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1578003675-4267738357-3058202713-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8CB206CF-ABA3-0157-00CE-883B43D09B93}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(768)
c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\tphklock.dll

- - - - - - - > 'explorer.exe'(2640)
c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\System32\TPHDEXLG.exe
c:\windows\system32\TpKmpSVC.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\program files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe
c:\windows\system32\RunDll32.exe
c:\program files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
c:\program files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
c:\windows\AGRSMMSG.exe
c:\windows\system32\TpShocks.exe
c:\program files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-04-21 21:32:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-21 19:31

Před spuštěním: 8 271 196 160
Po spuštění: 8 227 872 768

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 967D12E28AAD7DDCD375E3E63242F19A

[Mahulka]

Preju dobrou noc zitra se zas prihlasim a snad tu havet znicime.

[Mahulka]

Tak se hlasim ze skoly, na moji druhe flashce mi to naslo taky ten confickerZ30, smazala jsem ho Avirou (na skolnim PC do ntb jsem si ji nedavala), ale nevim jestli to staci...

[Caroprd111]

Vložte do PC všechny flash disky, které používáte.

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

• Spusťte, poté zvolte jazyk E - Enter
• Zvolte 1 - Enter
• Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

[Mahulka]

############################## | UsbFix V6.106 |

User : x (Administrators) # MAGDYPC
Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:19:00 | 22.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) M processor 1.70GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Disabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
FW : ZoneAlarm Firewall[ Enabled ]8.0.298.000

C:\ -> Místní pevný disk # 37,26 Go (7,99 Go free) [IBM_PRELOAD] # NTFS
D:\ -> Disk CD-ROM
E:\ -> Vyměnitelný disk # 7,49 Go (373,22 Mo free) [CORSAIR] # FAT32
F:\ -> Vyměnitelný disk # 124,47 Mo (90,4 Mo free) # FAT

################## | Files # Infected Folders |


################## | Registry |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |


################## | Vaccin |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | ! End of report # UsbFix V6.106 ! |

[Caroprd111]

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte program, poté klikněte na Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[Mahulka]

OTL logfile created on: 22.4.2010 16:41:12 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\x\Dokumenty\MAGDA\PROGRAMY\viry cz
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 412,00 Mb Available Physical Memory | 40,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 7,98 Gb Free Space | 21,42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAGDYPC
Current User Name: x
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.22 16:40:01 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\x\Dokumenty\MAGDA\PROGRAMY\viry cz\OTL.exe
PRC - [2010.04.20 16:41:41 | 000,818,256 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.04.20 16:41:40 | 001,265,264 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.02.26 10:49:18 | 000,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009.02.16 00:10:22 | 002,402,184 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009.02.16 00:10:22 | 000,981,384 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2008.09.03 21:35:48 | 000,557,666 | ---- | M] ( ) -- C:\Program Files\Mahulky Miranda\miranda32.exe
PRC - [2008.07.05 01:06:50 | 000,090,112 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2008.07.05 01:06:10 | 000,126,976 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2008.07.05 01:05:16 | 000,212,992 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2008.07.05 01:05:04 | 000,172,032 | ---- | M] (Lenovo ) -- C:\Program Files\ThinkPad\ConnectUtilities\AcMurocHlpr.exe
PRC - [2008.06.06 18:21:04 | 000,181,536 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TpShocks.exe
PRC - [2008.06.05 02:36:00 | 000,242,976 | ---- | M] (Lenovo Group Ltd.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2008.05.16 10:52:12 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2008.05.14 16:21:16 | 000,037,416 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
PRC - [2007.12.05 16:14:34 | 000,122,880 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2007.11.02 15:51:02 | 000,036,136 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007.09.26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007.09.21 15:45:36 | 000,049,152 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
PRC - [2006.10.02 10:19:48 | 000,094,208 | ---- | M] () -- C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
PRC - [2006.07.04 03:05:00 | 000,225,280 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe
PRC - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
PRC - [2006.05.30 15:05:42 | 000,086,016 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
PRC - [2006.02.06 21:26:34 | 000,372,809 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006.02.06 21:23:06 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006.02.06 21:22:26 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2005.07.05 14:57:12 | 000,077,824 | ---- | M] () -- C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
PRC - [2004.12.14 11:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2004.10.14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003.01.07 15:52:16 | 000,495,616 | ---- | M] (IBM) -- C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
PRC - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002.04.24 05:02:03 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe


========== Modules (SafeList) ==========

MOD - [2010.04.22 16:40:01 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\x\Dokumenty\MAGDA\PROGRAMY\viry cz\OTL.exe
MOD - [2008.01.27 00:52:54 | 000,077,927 | ---- | M] () -- C:\Program Files\Mahulky Miranda\Plugins\AdvancedAutoAway.dll
MOD - [2007.12.05 16:14:30 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.04.20 16:41:40 | 001,265,264 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.02.16 00:10:22 | 002,402,184 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.05 01:06:50 | 000,090,112 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008.07.05 01:05:16 | 000,212,992 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008.05.16 10:52:12 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2008.05.14 16:21:16 | 000,037,416 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007.11.02 15:51:02 | 000,036,136 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007.09.26 17:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2006.06.29 21:57:50 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2006.02.06 21:26:34 | 000,372,809 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2006.02.06 21:23:06 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2006.02.06 21:22:26 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2005.11.22 17:20:28 | 000,036,864 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2010.02.04 17:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.12.08 10:32:19 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.31 08:21:48 | 000,031,104 | R--- | M] (usb camera) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbcamcl.sys -- (usbcamcl)
DRV - [2009.05.11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.16 00:10:26 | 000,353,672 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.17 02:24:00 | 000,051,688 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2008.07.02 00:22:06 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2008.07.02 00:22:04 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2008.05.14 16:21:16 | 000,114,728 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2008.05.14 16:21:16 | 000,019,496 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2008.04.13 20:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 20:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008.04.13 20:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007.12.05 16:11:56 | 000,177,664 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.11.29 16:04:50 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2007.11.29 16:04:50 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2007.11.02 15:50:30 | 000,021,808 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007.08.14 15:25:52 | 000,047,376 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007.05.02 10:54:08 | 000,472,224 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.03.09 02:57:02 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007.02.19 07:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007.02.06 23:38:32 | 001,133,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.10.02 01:55:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2006.10.02 01:55:00 | 000,009,343 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2006.08.28 23:12:00 | 000,990,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006.08.28 23:11:00 | 000,247,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2006.08.28 23:10:00 | 000,728,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.01.17 17:32:44 | 003,325,312 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2005.11.07 05:58:30 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005.07.05 14:57:06 | 000,017,699 | ---- | M] (IBM Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2005.05.17 10:20:06 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2003.03.12 15:16:44 | 002,390,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w70n51.sys -- (w70n51) Intel(R)
DRV - [2003.01.17 02:32:00 | 000,015,360 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWR.SYS -- (TPPWR)
DRV - [2002.11.20 15:54:42 | 000,033,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gv3.sys -- (gv3)
DRV - [2002.10.18 12:07:34 | 001,156,672 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002.09.19 19:41:28 | 000,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2001.11.01 03:57:14 | 000,095,104 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3ssavm.sys -- (S3SSavage)
DRV - [2001.10.24 12:54:40 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.09.18 13:00:00 | 000,167,816 | R--- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\omcamvid.sys -- (OVT511Plus)
DRV - [2001.09.13 07:58:02 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PMEMNT.SYS -- (PMEM)
DRV - [2001.08.17 23:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 23:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 23:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 23:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 23:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 22:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 22:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 22:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 22:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 22:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 22:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 22:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 22:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 22:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001.08.17 22:48:14 | 000,011,520 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TwoTrack.sys -- (TwoTrack)
DRV - [2001.08.17 22:28:10 | 000,802,683 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LTSM.sys -- (LucentSoftModem)
DRV - [2001.08.17 21:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Služba instalace zvukového ovladače Intel(r) (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2002.09.23 06:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\irprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [BMMGAG] C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL (IBM Corp.)
O4 - HKLM..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE ()
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - HKLM..\Run: [S3TRAY2] C:\WINDOWS\System32\S3Tray2.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe ()
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\Winampa.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe (IBM)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.com/pc/support/acpir.cab (IASRunner Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 6167230709 (WUWebControl Class)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://kam-cam10.cam.jcu.cz/activex/AMC.cab (AxisMediaControl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.108.10.108 10.108.10.109
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\System32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\System32\tphklock.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.27 14:23:46 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.04.21 20:09:28 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.22 10:04:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.21 21:32:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.04.21 21:04:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.04.21 21:03:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.04.21 21:03:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.04.21 21:03:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.04.21 21:03:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.04.21 21:03:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.04.21 21:02:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.04.21 20:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.21 20:20:09 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.21 20:09:28 | 000,000,000 | R--D | C] -- C:\autorun.inf
[2010.04.21 19:21:19 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.04.21 17:01:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\x\Recent
[2010.04.21 14:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010.04.21 10:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Evolution Labs
[2010.04.21 10:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\DiskInternals
[2010.04.20 16:42:38 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010.04.20 16:42:00 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.04.20 16:36:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.04.20 16:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010.04.20 16:35:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2010.04.20 13:39:57 | 000,000,000 | ---D | C] -- C:\found.000
[2010.04.01 20:51:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.04.01 17:39:13 | 000,031,104 | R--- | C] (usb camera) -- C:\WINDOWS\System32\drivers\usbcamcl.sys
[2010.04.01 17:39:13 | 000,019,968 | R--- | C] (usb camera) -- C:\WINDOWS\System32\drivers\usbDecode.sys
[2010.04.01 17:39:03 | 008,643,584 | R--- | C] (ark) -- C:\WINDOWS\System32\drivers\PictureDll.sys
[2010.04.01 17:39:03 | 000,005,632 | R--- | C] (ark) -- C:\WINDOWS\System32\drivers\FilterDll.sys
[2010.04.01 17:39:02 | 000,496,640 | R--- | C] (ark) -- C:\WINDOWS\System32\drivers\FaceDll.sys
[2010.04.01 17:38:45 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2010.04.01 17:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2010.04.01 16:36:09 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010.04.01 16:36:09 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010.04.01 16:36:02 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2010.04.01 16:36:02 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010.04.01 16:35:55 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010.03.24 14:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\x\Data aplikací\LangSoft
[2010.03.24 14:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.22 12:58:32 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.04.22 12:57:51 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
[2010.04.22 12:56:59 | 000,350,192 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.04.22 12:56:42 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.22 12:56:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.22 12:56:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.22 12:56:16 | 1072,680,960 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.22 11:03:55 | 006,553,600 | -H-- | M] () -- C:\Documents and Settings\x\NTUSER.DAT
[2010.04.22 11:03:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\x\ntuser.ini
[2010.04.22 10:03:20 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2010.04.22 08:57:36 | 000,001,336 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.04.21 21:15:27 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.21 21:13:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\lmhosts
[2010.04.21 21:05:01 | 000,000,281 | RHS- | M] () -- C:\BOOT.INI
[2010.04.21 20:50:24 | 003,923,062 | R--- | M] () -- C:\Documents and Settings\x\Plocha\ComboFix.exe
[2010.04.21 17:20:33 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.04.21 14:20:45 | 000,001,523 | ---- | M] () -- C:\Documents and Settings\x\Plocha\Recuva.lnk
[2010.04.21 14:09:37 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.21 14:02:27 | 000,192,986 | ---- | M] () -- C:\Documents and Settings\x\Dokumenty\My EndNote Library.enl
[2010.04.21 10:54:40 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\vxdblock.exe
[2010.04.21 09:40:42 | 003,634,512 | -H-- | M] () -- C:\Documents and Settings\x\Local Settings\Data aplikací\IconCache.db
[2010.04.20 16:41:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.04.20 16:41:56 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.04.20 16:36:25 | 000,000,878 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2010.04.20 09:19:03 | 000,449,024 | ---- | M] () -- C:\Documents and Settings\x\Plocha\PROTOKOL MLEKO POSLEDNI.xls
[2010.04.20 08:28:04 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\x\Data aplikací\WWB7_32.DAT
[2010.04.16 18:46:31 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\x\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.09 21:52:05 | 000,001,065 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2010.04.08 10:30:16 | 000,114,691 | -H-- | M] () -- C:\treeinfo.wc
[2010.04.01 17:39:13 | 000,000,020 | ---- | M] () -- C:\WINDOWS\System32\camera.ini
[2010.04.01 17:31:33 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\x\Data aplikací\$_hpcst$.hpc
[2010.03.29 11:30:32 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.03.28 19:56:11 | 001,020,120 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 19:56:11 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 19:56:11 | 000,429,256 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 19:56:11 | 000,078,228 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 19:56:11 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.21 21:05:01 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.04.21 21:04:58 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.04.21 21:03:23 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.04.21 21:03:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.04.21 21:03:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.04.21 21:03:23 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.04.21 21:03:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.04.21 20:50:03 | 003,923,062 | R--- | C] () -- C:\Documents and Settings\x\Plocha\ComboFix.exe
[2010.04.21 14:20:45 | 000,001,523 | ---- | C] () -- C:\Documents and Settings\x\Plocha\Recuva.lnk
[2010.04.21 10:54:40 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\vxdblock.exe
[2010.04.20 18:20:25 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.04.20 16:43:16 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.04.20 16:36:25 | 000,000,878 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2010.04.01 17:39:13 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\camera.ini
[2010.04.01 17:39:00 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\face.ax
[2010.04.01 17:39:00 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\CoUninstall.dll
[2010.04.01 17:31:33 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\x\Data aplikací\$_hpcst$.hpc
[2010.03.24 14:06:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\XXLGSC
[2009.11.28 20:19:21 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\bmpproc.dll
[2009.11.18 19:27:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[2009.11.11 21:28:55 | 000,000,081 | ---- | C] () -- C:\WINDOWS\PISKVORY.INI
[2009.09.20 20:59:35 | 000,000,374 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.09.20 17:24:30 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.09.19 08:30:33 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009.09.19 08:24:08 | 000,001,336 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.08.13 13:05:12 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2007.11.29 09:56:00 | 002,115,816 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007.11.29 09:38:27 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007.11.29 09:38:27 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2007.11.27 14:49:28 | 000,002,289 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007.11.27 14:10:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.11.27 14:03:37 | 000,000,222 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2007.11.27 13:59:33 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2007.11.27 13:59:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2007.11.27 13:58:52 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2007.11.27 13:58:25 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2005.11.30 20:16:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.07.05 23:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2002.11.15 02:14:28 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\AIBMRUNL.dll
[1980.01.01 01:00:00 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[1980.01.01 01:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
< End of report >

[Mahulka]

OTL Extras logfile created on: 22.4.2010 16:41:12 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\x\Dokumenty\MAGDA\PROGRAMY\viry cz
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 412,00 Mb Available Physical Memory | 40,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 7,98 Gb Free Space | 21,42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAGDYPC
Current User Name: x
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = LizardTech DjVu Control
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.6.0.198
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = ThinkPad Keyboard Customizer Utility
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B7B3B4A-AF8C-4671-A92E-3E7E9ABCB22B}" = IBM Rapid Restore PC Setup
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}" = PC Camera
"{5ED69AF4-C38E-11D3-B10A-00500406C16C}" = STATISTICA Cz 7
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{710C0BB2-FE39-484E-BB23-C9B96835A14A}" = Access IBM Message Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad UltraNav Wizard
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}" = EndNote X3
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8745DEAB-1126-42F5-9585-C66D5497B47B}" = EMEA Wallpaper
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{AC76BA86-7AD7-1029-7B44-A80000000000}" = Adobe Reader 8 - Czech
"{B5599ECB-DA72-43EE-8A30-2C80396FF8BB}" = Access IBM
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF44C7A5-5705-41E4-BE84-A9A42977AB05}" = alm
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{EA664480-3844-11D5-8C25-444553540000}" = TrackPoint Accessibility Features
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad Configuration
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Access IBM Tools" = Access IBM Tools
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 7.0 Professional - Czech, Polish, Greek - V" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"All ATI Software" = ATI - Software Uninstall Utility
"AlphaChess" = AlphaChess 3
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AXIS Media Control" = AXIS Media Control
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_05591014" = ThinkPad Integrated 56K Modem
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Counter Strike 1.6 " = Counter Strike 1.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 2.4
"GuildFTPd" = GuildFTPd FTP Deamon
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IsoBuster_is1" = IsoBuster 1.5
"Jídelníček" = Jídelníček
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Power Features" = IBM ThinkPad Battery MaxiMiser and Power Management Features
"Power Management Driver" = ThinkPad Power Management Driver
"Presentation Director" = ThinkPad Presentation Director
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Recuva" = Recuva
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ThinkPadSoftwareInstaller" = ThinkPad Software Installer
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 0.9.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13.4.2010 5:49:41 | Computer Name = MAGDYPC | Source = Application Error | ID = 1000
Description = Chybující aplikace statist.exe, verze 7.0.61.0, chybující modul stl_cbar.dll,
verze 7.0.61.0, adresa chyby 0x0002c6a0.

Error - 14.4.2010 2:11:36 | Computer Name = MAGDYPC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 15.4.2010 2:17:47 | Computer Name = MAGDYPC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 15.4.2010 3:03:00 | Computer Name = MAGDYPC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 16.4.2010 8:47:57 | Computer Name = MAGDYPC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.4.2010 2:18:26 | Computer Name = MAGDYPC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.4.2010 3:22:40 | Computer Name = MAGDYPC | Source = Application Error | ID = 1000
Description = Chybující aplikace statist.exe, verze 7.0.61.0, chybující modul stl_cbar.dll,
verze 7.0.61.0, adresa chyby 0x0002c6a0.

Error - 19.4.2010 3:28:14 | Computer Name = MAGDYPC | Source = Application Error | ID = 1000
Description = Chybující aplikace statist.exe, verze 7.0.61.0, chybující modul stl_cbar.dll,
verze 7.0.61.0, adresa chyby 0x0002c6a0.

Error - 20.4.2010 7:49:20 | Computer Name = MAGDYPC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 20.4.2010 10:39:45 | Computer Name = MAGDYPC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ OSession Events ]
Error - 1.1.2010 14:19:12 | Computer Name = MAGDYPC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1094
seconds with 780 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.4.2010 15:13:38 | Computer Name = MAGDYPC | Source = Service Control Manager | ID = 7000
Description = Služba FileDisk neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 21.4.2010 15:16:44 | Computer Name = MAGDYPC | Source = Service Control Manager | ID = 7023
Description = Služba iPod Service byla ukončena s následující chybou: %%2147549465

Error - 21.4.2010 15:17:07 | Computer Name = MAGDYPC | Source = DCOM | ID = 10010
Description = Server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 21.4.2010 15:17:13 | Computer Name = MAGDYPC | Source = Service Control Manager | ID = 7023
Description = Služba iPod Service byla ukončena s následující chybou: %%2147549465

Error - 21.4.2010 15:17:37 | Computer Name = MAGDYPC | Source = DCOM | ID = 10010
Description = Server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 22.4.2010 2:19:52 | Computer Name = MAGDYPC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.100 pro síťovou kartu s adresou 0013CE8DEA9F
byla serverem DHCP 160.217.1.10 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 22.4.2010 2:20:02 | Computer Name = MAGDYPC | Source = Service Control Manager | ID = 7000
Description = Služba FileDisk neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 22.4.2010 2:38:42 | Computer Name = MAGDYPC | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače DANA-PC, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C35C0408-028A-4389-8.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 22.4.2010 6:56:27 | Computer Name = MAGDYPC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 160.217.132.30 pro síťovou kartu s adresou 0013CE8DEA9F
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 22.4.2010 6:56:36 | Computer Name = MAGDYPC | Source = Service Control Manager | ID = 7000
Description = Služba FileDisk neuspěla při spuštění v důsledku následující chyby:
%%2


< End of report >

[Caroprd111]

Doporučuji odinstalovat Ad-Aware.


Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:Commands
[PURITY] 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

[Mahulka]

Uz je to dobre? Co mam dat misto toho adwaru, ja ho tam pridala teprve nedavno, uz je pryc.

All processes killed
========== OTL ==========
C:\WINDOWS\002200_.tmp deleted successfully.
C:\WINDOWS\005618_.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: x
->Temp folder emptied: 296330 bytes
->Temporary Internet Files folder emptied: 34387 bytes
->Opera cache emptied: 53596510 bytes
->Flash cache emptied: 535 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17151 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 52,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: x
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.2.0 log created on 04222010_170111

Files\Folders moved on Reboot...
C:\Documents and Settings\x\Local Settings\Temp\~DFD3D1.tmp moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_b94.dat moved successfully.
File\Folder C:\WINDOWS\temp\ZLT06a3a.TMP not found!

Registry entries deleted on Reboot...