Havet

[JuraFilth]

Soubor C:\PhysicalMBR.bin prosímtě otestuj na webové službě http://www.virustotal.com/ , vysledek dej vědět odkazem na něj, nebo zkopírováním nálezů co našly antiviráky

muze to byt ovlivneno kdyz si to hodim na flashku a vyskenuju to pres tento PC ?? na tom ntbuku neni internet vsechno delam pres flashku

[JuraFilth]

Tak tady mame ty logy


a odkaz zde : https://www.virustotal.com/file/563903d ... 331665720/

[JuraFilth]

neco je zlé :-/ po dokonceni otl jsem restartoval PC a do windowsu uz nejde najet tak jsem dal spustit jako oprava systemu nebo tak neco, tak se to ted opravuje

[JuraFilth]

po oprave to uz najelo do win. ( uff )

prvi log zde



========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2689210381-877661392-85660980-1000\Software\Microsoft\Windows\CurrentVersion\Run\\B69.exe deleted successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\B69.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2689210381-877661392-85660980-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
C:\Users\janiska\AppData\Local\Facebook\Update\FacebookUpdate.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2689210381-877661392-85660980-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Time deleted successfully.
C:\ProgramData\OccijzerKajd.dll moved successfully.
C:\Users\janiska\AppData\Roaming\04D0F\lvvm.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2689210381-877661392-85660980-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\janiska\AppData\Roaming\04D0F\lvvm.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2689210381-877661392-85660980-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\janiska\AppData\Local\f27c34b0\X deleted successfully.
C:\Users\janiska\AppData\Local\f27c34b0\X moved successfully.
File C:\ProgramData\OccijzerKajd.dll not found.
C:\Windows\SysNative\dds_log_trash.cmd moved successfully.
C:\Windows\SysNative\consrv.dll moved successfully.
C:\Windows\SysWOW64\cis-2.4.dll moved successfully.
C:\Users\janiska\AppData\Roaming\04D0F folder moved successfully.
Folder move failed. C:\Users\janiska\AppData\Roaming\28B04 scheduled to be moved on reboot.
C:\Users\janiska\AppData\Roaming\firefox.exe moved successfully.
File C:\Users\janiska\AppData\Roaming\04D0F\lvvm.exe not found.
C:\Users\janiska\AppData\Roaming\28B04\25B6E.exe moved successfully.
C:\Users\janiska\AppData\Roaming\28B04\6BD02.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\201D.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\35CE.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\3CB1.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\5CAF.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\6392.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\68DF.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\6BAD.exe moved successfully.
File C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\B69.exe not found.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\C0BF.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\C725.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\C88B.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\CC33.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\CC43.exe moved successfully.
C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\D22C.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Time not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\B69.exe not found.

OTL by OldTimer - Version 3.2.36.3 log created on 03132012_221742

[JuraFilth]

obavam se ze nejde udelat ten druhy test. ukaze to chybu ze nemuze vytvorit desktop a pak se to sekne

[JuraFilth]

normalně stáhnout combofix a spustit ? v normalnim rezimu ??

[JuraFilth]

no combofix nereaguje a kdyztak ti neco napisu do zpravy prijde mi to trapne

a co jeste zkusit nejakeho jineho radce aby na to koukl ? treba tam neco uvidi a dostane napad

[JuraFilth]

RogueKiller V7.3.1 [03/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: janiska [Práva správce]
Mode: Kontrola -- Date: 03/14/2012 18:34:17

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 15 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : QIP Internet Guardian (C:\Users\janiska\AppData\Roaming\QipGuard\QipGuard.exe) -> FOUND
[BLACKLIST DLL] HKCU\[...]\Run : Windows Time (rundll32.exe "C:\ProgramData\OccijzerKajd.dll",EntryPoint) -> FOUND
[SUSP PATH] HKCU\[...]\Run : B69.exe (C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\B69.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2689210381-877661392-85660980-1000[...]\Run : QIP Internet Guardian (C:\Users\janiska\AppData\Roaming\QipGuard\QipGuard.exe) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-21-2689210381-877661392-85660980-1000[...]\Run : Windows Time (rundll32.exe "C:\ProgramData\OccijzerKajd.dll",EntryPoint) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2689210381-877661392-85660980-1000[...]\Run : B69.exe (C:\Users\janiska\AppData\Roaming\Microsoft\6EC2\B69.exe) -> FOUND
[SUSP PATH] HKCU\[...]\Windows : Load (C:\Users\janiska\AppData\Roaming\04D0F\lvvm.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2689210381-877661392-85660980-1000[...]\Windows : Load (C:\Users\janiska\AppData\Roaming\04D0F\lvvm.exe) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:61556) -> FOUND
[PROXY FF] 0awq4xvr.default\ 127.0.0.1:61556 -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{E7D758D2-D006-4EE0-A622-B33A923B5CEB} : NameServer (62.129.50.20,85.135.32.100) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{E7D758D2-D006-4EE0-A622-B33A923B5CEB} : NameServer (62.129.50.20,85.135.32.100) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤
[ZeroAccess] sys32\consrv.dll present!

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.
184.95.41.155 www.google-analytics.com.
184.95.41.155 ad-emea.doubleclick.net.
184.95.41.155 www.statcounter.com.


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS725050A9A364 +++++
--- User ---
[MBR] 0c1dd578d85fb9550daca0765f14ecce
[BSP] 760fbfe1c109a5ab2b227bca125b9867 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 463091 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 948819968 | Size: 13648 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
--- User ---
[MBR] 00c2f53eb1ac09be4ecb926b75ea4e6d
[BSP] 4d3b9263eddcbaad4a20cea867c63403 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 63 | Size: 3825 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt





po dokonceni testu to vyhodilo nejakou stranku jen na tom tnbuku neni internet tak nevim co to je tak jsem to radsi taky zkopiroval ( zde je )

http://tigzyrk.blogspot.com/2011/09/roo ... s-max.html

[JuraFilth]

proxy u majitele(majitelky) ověř jesztli musí být v pc nastavena, jak se to zjisti ??

jdu vypalit ten otl

[JuraFilth]

tak mam to vypalene jak mam postupovat ?

[JuraFilth]

no v biosu sem nastavil at to bere jako prvni cd mechaniku a nic se nedeje. Zadny reatogo. Normalne to najede do win jako by tam to cd nebylo

[JuraFilth]

hodil jsem do PC CD, spustil jsem to co jsem stahl bylo potvrdil jsem burning CD a vic jsem nedelal proste se to vypalilo

[vyosek]

Zdravim a pekny den preji

Kolega me poprosil o nahled a tzv., jak jste i chtel, nahled jineho radce...

Tahle havet, ZeroAccess, je opravdu problem. Reknu to uprimne a i kolegove na zahranicnich forech se shoduji - tahle mrcha je zrala na format - nabori tolik veci v systemu, ze davat je do kupy je fakt "zazitek" s nejistym koncem...

Co jsem prosel postupy a logy\skripty, chybu jsem nenasel...Kolega se snazil ale uz i ja zazil se ZA format pac to uzivateli odeslo do kytek...

[JuraFilth]

Tak tedy dobře Přistoupím na formátování

Jen kdyz uz jsme u toho tak zaroven kdyztak jestli by jste prosim mohli prohlednout muj log děkuji


Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2012-03-14 19:06:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 75 GB (50%) free of 150 GB
Total RAM: 2047 MB (61% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2000478354-854245398-839522115-1004Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2000478354-854245398-839522115-1004UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F2EC0F3A-4239-49BF-8268-E3D4710F87E6}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\lpq78l5i.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT30914 ... hSource=55"
prefs.js - "extensions.enabledItems" - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
prefs.js - "keyword.URL" - "http://search.conduit.com/Results.aspx? ... ource=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
downloadhelper-4.7.4-fx+sm.xpi
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
downloadhelper-4.7.4-fx+sm.xpi
libdivx.dll
npBitCometAgent.dll
npdeployJava1.dll
npdivx32.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ssldivx.dll

C:\Program Files\Mozilla Firefox\searchplugins\
downloadhelper-4.7.4-fx+sm.xpi
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\lpq78l5i.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\lpq78l5i.default\searchplugins\
conduit.xml
search-the-web.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2012-01-27 441016]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Disabled:Quiet Internet Pager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\Jirka\Plocha\World of Warcraft WOTLK\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\Documents and Settings\Jirka\Plocha\World of Warcraft WOTLK\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.440\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.440\Agent.exe:*:Enabled:Blizzard Agent"
"C:\Documents and Settings\Jirka\Plocha\Diablo III Beta\Diablo III.exe"="C:\Documents and Settings\Jirka\Plocha\Diablo III Beta\Diablo III.exe:*:Enabled:Diablo III Retail"
"C:\Program Files\Electronic Arts\SHIFT 2 UNLEASHED\shift2u.exe"="C:\Program Files\Electronic Arts\SHIFT 2 UNLEASHED\shift2u.exe:*:Enabled:SHIFT 2 UNLEASHED™"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.LEAD"=LCODCCMP.DLL
"MSACM.msgsm6101"=MSGSM32.ACM
"msacm.siren"=sirenacm.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll

======List of files/folders created in the last 1 month======

2012-03-14 16:02:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 16:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-14 16:00:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-14 14:35:58 ----A---- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2012-03-14 14:35:58 ----A---- C:\Documents and Settings\Jirka\Data aplikací\PnkBstrK.sys
2012-03-14 14:35:36 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-03-14 14:35:32 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2012-03-14 14:32:05 ----D---- C:\Program Files\EA Games
2012-03-08 13:11:34 ----D---- C:\Program Files\Sony
2012-03-08 13:11:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2012-03-01 11:51:03 ----D---- C:\Documents and Settings\Jirka\Data aplikací\langmaster.com
2012-03-01 11:50:53 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-03-01 11:50:44 ----D---- C:\Program Files\Common Files\LANGMaster
2012-03-01 11:50:35 ----D---- C:\WINDOWS\speech
2012-03-01 11:50:10 ----A---- C:\WINDOWS\system32\VVRtkReg.dll
2012-03-01 11:50:10 ----A---- C:\WINDOWS\system32\vvrtkclients.dll
2012-03-01 11:50:10 ----A---- C:\WINDOWS\system32\viavoiceps.dll
2012-03-01 11:50:10 ----A---- C:\WINDOWS\system32\setresuk.dll
2012-03-01 11:50:10 ----A---- C:\WINDOWS\system32\roboex32.dll
2012-03-01 11:50:09 ----D---- C:\Program Files\ViaVoice
2012-02-29 18:10:45 ----RH---- C:\WINDOWS\system32\ttri.dat
2012-02-29 18:04:58 ----D---- C:\Documents and Settings\Jirka\Data aplikací\LANGMaster
2012-02-29 18:04:55 ----D---- C:\Program Files\LANGMaster
2012-02-29 18:04:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
2012-02-23 17:08:41 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2012-02-23 17:08:39 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2012-02-23 14:59:32 ----D---- C:\Program Files\Lavalys
2012-02-21 20:03:36 ----HDC---- C:\WINDOWS\ie8
2012-02-15 20:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-15 20:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2647516$
2012-02-15 20:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-15 04:25:36 ----N---- C:\WINDOWS\system32\iacenc.dll

======List of files/folders modified in the last 1 month======

2012-03-14 19:04:13 ----D---- C:\WINDOWS\Prefetch
2012-03-14 18:02:48 ----D---- C:\WINDOWS\Temp
2012-03-14 17:33:18 ----D---- C:\WINDOWS\system32\CatRoot2
2012-03-14 16:16:33 ----HD---- C:\WINDOWS
2012-03-14 16:15:53 ----D---- C:\WINDOWS\system32
2012-03-14 16:02:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-03-14 16:02:12 ----HD---- C:\WINDOWS\inf
2012-03-14 16:02:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-14 16:02:08 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-14 16:00:20 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-14 16:00:15 ----A---- C:\WINDOWS\imsins.BAK
2012-03-14 16:00:14 ----D---- C:\WINDOWS\system32\drivers
2012-03-14 14:35:31 ----D---- C:\WINDOWS\system32\LogFiles
2012-03-14 14:32:05 ----RD---- C:\Program Files
2012-03-12 22:47:47 ----D---- C:\Documents and Settings\Jirka\Data aplikací\Mumble
2012-03-08 23:10:51 ----D---- C:\Documents and Settings\Jirka\Data aplikací\Skype
2012-03-08 22:11:44 ----SHD---- C:\WINDOWS\Installer
2012-03-08 22:11:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-03-08 13:11:34 ----HD---- C:\Program Files\InstallShield Installation Information
2012-03-01 12:02:38 ----A---- C:\WINDOWS\NeroDigital.ini
2012-03-01 11:50:44 ----D---- C:\Program Files\Common Files
2012-02-29 04:20:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-02-27 10:36:53 ----SD---- C:\WINDOWS\Tasks
2012-02-26 18:50:23 ----D---- C:\WINDOWS\A5W_DATA
2012-02-26 18:50:23 ----A---- C:\WINDOWS\A5W.INI
2012-02-25 01:42:07 ----D---- C:\Program Files\Mozilla Firefox
2012-02-22 11:03:18 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-22 11:03:10 ----D---- C:\WINDOWS\ie8updates
2012-02-21 20:58:22 ----D---- C:\WINDOWS\system32\cs-cz
2012-02-21 20:58:22 ----D---- C:\WINDOWS\Help
2012-02-21 20:58:22 ----D---- C:\Program Files\Internet Explorer
2012-02-21 20:03:59 ----D---- C:\WINDOWS\WBEM
2012-02-21 20:03:54 ----D---- C:\WINDOWS\Media
2012-02-17 19:05:39 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-17 19:05:31 ----RSD---- C:\WINDOWS\assembly
2012-02-16 13:55:13 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-15 20:07:26 ----D---- C:\Config.Msi
2012-02-15 20:07:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2012-02-15 20:06:53 ----D---- C:\WINDOWS\WinSxS
2012-02-15 20:02:23 ----D---- C:\WINDOWS\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-08-21 105344]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-12-05 436792]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-02 4394496]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-11-14 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-03-14 75136]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [2011-07-24 79360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[JuraFilth]

Dobry ja dekuju za velkou trpelivost semnou a pevne nervy
I v tomto pripade ze se leceni nezdarilo jste proste sikovni

Nashledanou Jura