nespravne pracujuci internet

Zpráva

#16 Příspěvek od **Márty84** » 19 říj 2013 08:14

OK, ale odpoledne u pc asi nebudu, takze na to kouknu zrejme az vecer

motoracek · #17 Příspěvek od **motoracek** » 19 říj 2013 15:16

Zdravím,
tak to vypadá dobře. Pdruhé už to nenašlo nic. ta okna dala pokoj také. Tak snad jsme havěť vymetli z chléva. Předpokládám, že ten malware odinstalovat, neb jsem se dočetl, že bude jen 13 dnů fungovat zkušení verze. Díky za spolupráci a pochopení.

#18 Příspěvek od **Márty84** » 19 říj 2013 22:23

MBAM odinstalujte, ale jeste nekoncime, je treba to docistit. Nebo jako nutit vas nebudu, ale bylo by to lepsi

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu a spustte.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

motoracek · #19 Příspěvek od **motoracek** » 20 říj 2013 08:22

Tak provedeno, tady to je. Zase to cosi nalezlo.

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Olda [Práva správce]
Mód : Kontrola -- Datum : 10/20/2013 09:20:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{8E0F044C-B76A-42E4-9E04-2843A5972F54} : NameServer (213.192.60.6,213.192.60.5) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{8E0F044C-B76A-42E4-9E04-2843A5972F54} : NameServer (213.192.60.6,213.192.60.5) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{8E0F044C-B76A-42E4-9E04-2843A5972F54} : NameServer (213.192.60.6,213.192.60.5) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : H:\WINDOWS\TEMP\{86776D28-1027-4F97-967B-560593D362DC}.exe - --uninstall=1 [x] -> NALEZENO

¤¤¤ spuštění položky : 2 ¤¤¤
[LocalService][SUSP UNIC] ccsetup226.exe : H:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\ccsetup226.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] ccsetup226.exe : H:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\ccsetup226.exe [x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD3200AAJS-00L7A0 +++++
--- User ---
[MBR] ab3ba9243a571fa399de4c6feaf48a29
[BSP] 3e47279d6b22951ea8a852a45f1bdb81 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 32773 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 67119570 | Size: 272461 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10202013_092054.txt >>

#20 Příspěvek od **Márty84** » 20 říj 2013 08:28

Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

motoracek · #21 Příspěvek od **motoracek** » 20 říj 2013 08:41

prní log

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Olda [Práva správce]
Mód : Odebrat -- Datum : 10/20/2013 09:40:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 2 ¤¤¤
[LocalService][SUSP UNIC] ccsetup226.exe : H:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\ccsetup226.exe [x] ->
[NetworkService][SUSP UNIC] ccsetup226.exe : H:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\ccsetup226.exe [x] ->

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @iexplore.exe (?_Clocptr@_Locimp@locale@std@@0PAV123@A) : MSVCP90.dll -> HOOKED (Unknown @ 0x7B5135B6)
[Inline] EAT @iexplore.exe (pfnUnmarshallRoutines) : RPCRT4.dll -> HOOKED (Unknown @ 0x78F4C2B2)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD3200AAJS-00L7A0 +++++
--- User ---
[MBR] ab3ba9243a571fa399de4c6feaf48a29
[BSP] 3e47279d6b22951ea8a852a45f1bdb81 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 32773 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 67119570 | Size: 272461 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10202013_094019.txt >>
RKreport[0]_D_10202013_093854.txt;RKreport[0]_S_10202013_092054.txt;RKreport[0]_S_10202013_093948.txt

motoracek · #22 Příspěvek od **motoracek** » 20 říj 2013 08:42

A druhý log

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Olda [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/20/2013 09:41:26
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[0]_H_10202013_094126.txt >>
RKreport[0]_D_10202013_093854.txt;RKreport[0]_D_10202013_094019.txt;RKreport[0]_S_10202013_092054.txt
RKreport[0]_S_10202013_093948.txt

#23 Příspěvek od **Márty84** » 20 říj 2013 08:47

Dejte mi sem novy log z RSIT

a k tomu

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

motoracek · #24 Příspěvek od **motoracek** » 20 říj 2013 09:01

Ještě nějaké dvě věci v registrech...

RogueKiller V8.7.4 [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Olda [Práva správce]
Mód : Kontrola -- Datum : 10/20/2013 10:00:40
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{8E0F044C-B76A-42E4-9E04-2843A5972F54} : NameServer (213.192.60.6,213.192.60.5) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{8E0F044C-B76A-42E4-9E04-2843A5972F54} : NameServer (213.192.60.6,213.192.60.5) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{8E0F044C-B76A-42E4-9E04-2843A5972F54} : NameServer (213.192.60.6,213.192.60.5) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 2 ¤¤¤
[LocalService][SUSP UNIC] ccsetup226.exe : H:\Documents and Settings\LocalService\Nabídka Start\Programy\Po spuštění\ccsetup226.exe [x] -> NALEZENO
[NetworkService][SUSP UNIC] ccsetup226.exe : H:\Documents and Settings\NetworkService\Nabídka Start\Programy\Po spuštění\ccsetup226.exe [x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @iexplore.exe (?_Clocptr@_Locimp@locale@std@@0PAV123@A) : MSVCP90.dll -> HOOKED (Unknown @ 0x7B5135B6)
[Inline] EAT @iexplore.exe (pfnUnmarshallRoutines) : RPCRT4.dll -> HOOKED (Unknown @ 0x7999C2B2)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - WDC WD3200AAJS-00L7A0 +++++
--- User ---
[MBR] ab3ba9243a571fa399de4c6feaf48a29
[BSP] 3e47279d6b22951ea8a852a45f1bdb81 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 32773 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 67119570 | Size: 272461 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10202013_100040.txt >>
RKreport[0]_D_10202013_093854.txt;RKreport[0]_D_10202013_094019.txt;RKreport[0]_H_10202013_094126.txt
RKreport[0]_S_10202013_092054.txt;RKreport[0]_S_10202013_093948.txt;RKreport[0]_S_10202013_095912.txt

#25 Příspěvek od **Márty84** » 20 říj 2013 09:18

To kdyztak opravim pres OTL a navic ne vsechno co najde se odstranuje

Je to jen info, nemusi to byt skodlive

motoracek · #26 Příspěvek od **motoracek** » 20 říj 2013 09:54

Tak tady je jeden report

OTL Extras logfile created on: 20.10.2013 10:27:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = I:\install
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,52% Memory free
3,85 Gb Paging File | 2,93 Gb Available in Paging File | 76,13% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive G: | 633,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 32,01 Gb Total Space | 16,49 Gb Free Space | 51,53% Space Free | Partition Type: NTFS
Drive I: | 266,08 Gb Total Space | 165,89 Gb Free Space | 62,35% Space Free | Partition Type: NTFS

Computer Name: MOTORACEK | User Name: Olda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [ACDBrowse] -- H:\Program Files\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "H:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "H:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "H:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"H:\Program Files\AVG\AVG8\avgam.exe" = H:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe
"H:\Program Files\AVG\AVG8\avgdiag.exe" = H:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe
"H:\Program Files\AVG\AVG8\avgdiagex.exe" = H:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe
"H:\Program Files\AVG\AVG8\avgemc.exe" = H:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
"H:\Program Files\AVG\AVG8\avgupd.exe" = H:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"H:\Program Files\AVG\AVG8\avgnsx.exe" = H:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"H:\Program Files\Common Files\soft602\langserv.exe" = H:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker -- ()
"H:\Program Files\Winamp\winamp.exe" = H:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"H:\Program Files\AVG\AVG2012\avgmfapx.exe" = H:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"H:\Program Files\AVG\AVG2012\avgnsx.exe" = H:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"H:\Program Files\AVG\AVG2012\avgdiagex.exe" = H:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012 -- (AVG Technologies CZ, s.r.o.)
"H:\Program Files\AVG\AVG2012\avgemcx.exe" = H:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty -- (AVG Technologies CZ, s.r.o.)
"I:\Winrar_SoftangoDownloader.exe" = I:\Winrar_SoftangoDownloader.exe:*:Enabled:Winrar_SoftangoDownloader.exe (in) -- ()
"H:\WINDOWS\Temp\avgcu_mDNSResponder.exe" = H:\WINDOWS\Temp\avgcu_mDNSResponder.exe:*:Disabled:Bonjour
"H:\Documents and Settings\Olda\Local Settings\Temp\Softango Downloader213706.exe" = H:\Documents and Settings\Olda\Local Settings\Temp\Softango Downloader213706.exe:*:Disabled:Softango Downloader213706.exe (in)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805" = CanoScan 8800F
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{199624B4-6BC0-48C2-AB7E-9AB90B249CD7}" = pdfforge Toolbar v7.6
"{1B602410-D983-4947-98FE-EE749073D15E}" = GamingHarbor Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C679F14-CF4A-46E1-BDE9-2571E61C5FEB}" = Software602 Form Filler
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B1A8A5D7-0613-4373-BB0C-2AA428C935BD}" = NWZ-B160 WALKMAN Guide
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE0F178A-9F6D-4186-9EBB-49C4D3BBBEA6}" = AVG 2012
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8CD8BBE-81F6-49CB-84D2-A1E616875792}" = AVG 2012
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"ACDSee 32" = ACDSee 32
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"icaroot" = Kořenové certifikáty I.CA
"ie8" = Windows Internet Explorer 8
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.7.0
"Registrace uživatele zařízení Canon iP4600 series" = Registrace uživatele zařízení Canon iP4600 series
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0297
"VLC media player" = VLC media player 1.0.1
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.10.2013 11:20:15 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.10.2013 12:04:01 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.10.2013 9:53:01 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.10.2013 8:57:20 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.10.2013 15:20:34 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.10.2013 12:02:48 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.10.2013 15:40:38 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.10.2013 2:54:51 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.10.2013 4:24:07 | Computer Name = MOTORACEK | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.6.2.3188, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00019af2.

Error - 20.10.2013 3:33:16 | Computer Name = MOTORACEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 11.0.5721.5145, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 5.7.2013 2:52:59 | Computer Name = MOTORACEK | Source = acvpndownloader | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: ..\Common\Xml\MSSaxErrorHandlerImpl.cpp
Line:
41 Invoked Function: ISAXXMLReader::parse Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Ov

Error - 5.7.2013 2:52:59 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
41 Invoked Function: ISAXXMLReader::parse Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Ověření se nezdařilo.

Error - 5.7.2013 2:52:59 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertificate::verifyChainPolicy File: .\Certificates\CapiCertificate.cpp
Line:
2033 Invoked Function: CertVerifyCertificateChainPolicy Return Code: -2146762487
(0x800B0109) Description: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém
certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.

Error - 5.7.2013 2:52:59 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67108866
Description = Function: CCapiCertificate::verifyChainPolicy File: .\Certificates\CapiCertificate.cpp
Line:
2033 Invoked Function: CertVerifyCertificateChainPolicy Return Code: -2146762487
(0x800B0109) Description: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém
certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.

Error - 5.7.2013 2:52:59 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67108866
Description = Function: CCvcConfig::setConfig File: .\vpnconfig.cpp Line: 1275 Invoked
Function: CCvcConfig::writeConfigParamToFile Return Code: -33030098 (0xFE08002E)
Description:
CVCCONFIG_ERROR_FAILED_TO_DELETE_CONFIG_PARAM_FILE

Error - 5.7.2013 2:53:02 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67110872
Description = Failed Route change: Action: AddRoute Destination: 192.168.219.255

Netmask: 255.255.255.255 Gateway: 10.0.0.1 Interface: 10.4.217.56 Metric: 1

Error - 5.7.2013 2:53:02 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67108866
Description = Function: CChangeRouteHelper::SetRouteTable File: .\ChangeRouteHelper.cpp
Line:
223 Invoked Function: AddRouteChange Return Code: -33095667 (0xFE07000D) Description:
ROUTETABLE_ERROR_CREATEIPFORWARDENTRY_FAILED

Error - 5.7.2013 2:53:03 | Computer Name = MOTORACEK | Source = acvpnui | ID = 67108866
Description = Function: MSSaxErrorHandlerImpl::fatalError File: .\Xml\MSSaxErrorHandlerImpl.cpp
Line:
41 Invoked Function: ISAXXMLReader::parse Return Code: -1072897499 (0xC00CE225) Description:
WINDOWS_ERROR_CODE XML Parser fatal error: Ověření se nezdařilo.

Error - 5.7.2013 2:55:38 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67108866
Description = Function: RestoreProxySettingsToBrowser File: .\Proxy\BrowserProxy.cpp
Line:
1026 Invoked Function: DeleteFile Return Code: 2 (0x00000002) Description: Systém
nemůže nalézt uvedený soubor.

Error - 5.7.2013 3:01:41 | Computer Name = MOTORACEK | Source = acvpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.

[ System Events ]
Error - 18.10.2013 11:57:11 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater17.0.12 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 18.10.2013 16:00:42 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater17.0.12 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.10.2013 2:20:12 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater17.0.12 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.10.2013 2:30:31 | Computer Name = MOTORACEK | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.

Error - 19.10.2013 2:30:40 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater17.0.12 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.10.2013 2:30:43 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Fdc ini910u PCIIde ViaIde

Error - 19.10.2013 8:29:36 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater17.0.12 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.10.2013 9:48:29 | Computer Name = MOTORACEK | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.

Error - 19.10.2013 9:48:38 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater17.0.12 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.10.2013 9:48:39 | Computer Name = MOTORACEK | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Fdc ini910u PCIIde ViaIde

< End of report >

motoracek · #27 Příspěvek od **motoracek** » 20 říj 2013 09:55

První část OTL

OTL by OldTimer - Version 3.2.69.0 Folder = I:\install
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,19% Memory free
3,85 Gb Paging File | 2,91 Gb Available in Paging File | 75,59% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive G: | 633,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 32,01 Gb Total Space | 16,44 Gb Free Space | 51,38% Space Free | Partition Type: NTFS
Drive I: | 266,08 Gb Total Space | 165,89 Gb Free Space | 62,35% Space Free | Partition Type: NTFS

Computer Name: MOTORACEK | User Name: Olda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.10.20 10:44:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- I:\install\OTL.exe
PRC - [2013.02.27 17:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012.11.19 18:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012.11.08 04:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012.11.02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012.03.19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.02.14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.10.25 18:54:46 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- H:\Program Files\Winamp\winampa.exe
PRC - [2011.04.12 10:58:04 | 000,222,776 | ---- | M] (Software602) -- H:\Program Files\Software602\Print2PDF\Print2PDF.exe
PRC - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2008.04.14 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- H:\Program Files\Outlook Express\msimn.exe
PRC - [2008.03.18 03:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- H:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- H:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006.11.16 23:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\soundman.exe

========== Modules (No Company Name) ==========

MOD - [2010.12.02 02:13:18 | 000,214,528 | ---- | M] () -- H:\WINDOWS\system32\spool\drivers\w32x86\3\Software602.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- H:\WINDOWS\system32\pdfcmnnt.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.10.09 06:51:50 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2008.01.22 19:35:52 | 000,103,808 | ---- | M] () [On_Demand | Stopped] -- H:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vpnva.sys -- (vpnva)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1fpqrb5)
DRV - [2013.10.02 05:48:19 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013.04.11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.12.10 04:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.11.08 04:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- H:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- H:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.10.18 03:43:42 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2009.06.10 21:26:59 | 000,611,064 | ---- | M] () [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.14 00:04:18 | 000,104,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2008.04.14 00:04:18 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2007.03.08 08:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2006.10.18 11:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt)
DRV - [2006.10.17 14:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.02.21 21:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002.09.16 18:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}: "URL" = http://search.tb.ask.com/search/GGmain. ... earchTerms}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{6D22F43A-8649-400E-BB11-F9BB26AA96CE}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{74B8363E-36AE-4795-B877-8B7F2C57D4E4}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}: "URL" = http://search.tb.ask.com/search/GGmain. ... earchTerms}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebsearch.com/mywebsear ... earchTerms}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: H:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: H:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: H:\Program Files\VideoDownloadConverter_4z\bar\2.bin\NP4zStub.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: H:\Program Files\AVG\AVG2012\Firefox4\ [2013.05.15 08:15:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: H:\Program Files\VideoDownloadConverter_4z\bar\2.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\zulagames@ZulaGames.com: H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\zulagames@ZulaGames.com [2013.10.12 10:26:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013.10.12 10:26:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\zulagames@ZulaGames.com: H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\zulagames@ZulaGames.com [2013.10.12 10:26:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013.10.12 10:26:24 | 000,000,000 | ---D | M]

[2013.10.12 10:26:24 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions
[2011.08.29 07:12:57 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\songbird@songbirdnest.com
[2013.10.12 10:26:24 | 000,000,000 | ---D | M] (Speed Analysis 3) -- H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
[2013.10.12 10:26:24 | 000,000,000 | ---D | M] (Zula Games) -- H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\zulagames@ZulaGames.com

O1 HOSTS File: ([2013.10.20 09:41:26 | 000,000,741 | R--- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {2A836234-186C-41A0-9863-40BECDEDED9F} - No CLSID value found.
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\Toolbar\WebBrowser: (no name) - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - No CLSID value found.
O3 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] H:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] H:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [NeroCheck] H:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [OpwareSE4] H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Print2PDF Print Monitor] H:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [SoundMan] H:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..Trusted Domains: csob.cz ([ib24] https in Důvěryhodné servery)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E0F044C-B76A-42E4-9E04-2843A5972F54}: NameServer = 213.192.60.6,213.192.60.5
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - H:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: H:\Documents and Settings\Olda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\Olda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001.01.01 14:00:00 | 000,000,050 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2011.09.18 18:27:00 | 000,668,672 | ---- | M] () - I:\AUTODOPRAVA.ppt -- [ NTFS ]
O33 - MountPoints2\{0cb9ff51-ce4b-11e0-b412-0019db21bd70}\Shell - "" = AutoRun
O33 - MountPoints2\{0cb9ff51-ce4b-11e0-b412-0019db21bd70}\Shell\AutoRun\command - "" = M:\Setup.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - H:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - H:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - H:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - H:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - H:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - H:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - H:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - H:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - H:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - H:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to H:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.10.18 22:09:17 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Olda\Data aplikací\Malwarebytes
[2013.10.18 22:08:50 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.10.18 16:52:40 | 000,000,000 | ---D | C] -- H:\Program Files\trend micro
[2013.10.18 16:52:39 | 000,000,000 | ---D | C] -- H:\rsit
[2013.10.18 13:48:08 | 000,000,000 | RH-D | C] -- H:\Documents and Settings\Olda\Recent
[2013.10.18 13:14:21 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2013.10.17 19:27:03 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Olda\Data aplikací\LavasoftStatistics
[2013.10.17 19:09:27 | 000,000,000 | ---D | C] -- H:\Program Files\Lavasoft
[2013.10.17 19:07:17 | 000,000,000 | ---D | C] -- H:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2013.10.17 11:45:44 | 000,000,000 | ---D | C] -- H:\WINDOWS\System32\XPSViewer
[2013.10.17 11:45:40 | 000,000,000 | ---D | C] -- H:\Program Files\MSBuild
[2013.10.17 11:45:32 | 000,000,000 | ---D | C] -- H:\Program Files\Reference Assemblies
[2013.10.17 11:45:10 | 001,676,288 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\xpssvcs.dll
[2013.10.17 11:45:10 | 001,676,288 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013.10.17 11:45:10 | 000,597,504 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013.10.17 11:45:10 | 000,575,488 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013.10.17 11:45:10 | 000,117,760 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\prntvpt.dll
[2013.10.17 11:45:10 | 000,089,088 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013.10.11 17:25:04 | 000,000,000 | ---D | C] -- H:\Documents and Settings\Olda\Dokumenty\Add-in Express
[2013.10.09 06:07:20 | 000,025,088 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\hidparse.sys
[2013.10.09 06:06:03 | 000,144,128 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\usbport.sys
[2013.10.09 06:06:03 | 000,030,336 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\usbehci.sys
[2013.10.09 06:06:03 | 000,005,376 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\usbd.sys
[1 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

motoracek · #28 Příspěvek od **motoracek** » 20 říj 2013 09:56

A druhá část OTL

[2013.10.20 10:47:37 | 000,000,512 | ---- | M] () -- H:\PhysicalMBR.bin
[2013.10.20 10:44:00 | 000,000,464 | -H-- | M] () -- H:\WINDOWS\tasks\User_Feed_Synchronization-{98B36C82-A07F-40E0-9108-97BD5F89E9A7}.job
[2013.10.20 09:51:55 | 000,002,477 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\Microsoft Office Excel 2007.lnk
[2013.10.20 09:51:15 | 000,000,914 | ---- | M] () -- H:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.10.20 09:41:26 | 000,000,741 | R--- | M] () -- H:\WINDOWS\System32\drivers\etc\hosts
[2013.10.20 09:13:21 | 140,554,410 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013.10.20 09:09:40 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2013.10.20 09:09:39 | 2145,964,032 | -HS- | M] () -- H:\hiberfil.sys
[2013.10.19 19:45:27 | 000,217,335 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013.10.18 18:37:17 | 000,564,422 | ---- | M] () -- H:\WINDOWS\System32\perfh009.dat
[2013.10.18 18:37:17 | 000,559,886 | ---- | M] () -- H:\WINDOWS\System32\perfh005.dat
[2013.10.18 18:37:17 | 000,114,544 | ---- | M] () -- H:\WINDOWS\System32\perfc005.dat
[2013.10.18 18:37:17 | 000,097,728 | ---- | M] () -- H:\WINDOWS\System32\perfc009.dat
[2013.10.18 13:50:59 | 000,013,646 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2013.10.18 13:40:33 | 000,000,079 | ---- | M] () -- H:\WINDOWS\wininit.ini
[2013.10.18 13:34:59 | 000,447,729 | R--- | M] () -- H:\WINDOWS\System32\drivers\etc\hosts.20131018-133541.backup
[2013.10.17 14:43:58 | 000,497,240 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.15 06:20:42 | 003,779,946 | ---- | M] () -- H:\Documents and Settings\Olda\Dokumenty\Fwd_ Labute.eml
[2013.10.14 16:46:10 | 000,002,563 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\Microsoft Office Word 2007.lnk
[2013.10.14 08:23:20 | 000,140,800 | ---- | M] () -- H:\Documents and Settings\Olda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.11 23:05:02 | 000,000,128 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\kz.url
[2013.10.09 06:51:49 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerApp.exe
[2013.10.09 06:51:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.10.06 10:54:09 | 000,002,507 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\CorelDRAW 11.lnk
[2013.10.02 05:48:19 | 000,037,664 | ---- | M] (AVG Technologies) -- H:\WINDOWS\System32\drivers\avgtpx86.sys
[2013.09.23 23:55:10 | 011,113,472 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\ieframe.dll
[2013.09.23 20:25:11 | 001,215,488 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\urlmon.dll
[2013.09.23 20:25:11 | 000,920,064 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\wininet.dll
[2013.09.23 20:25:11 | 000,759,296 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\vgx.dll
[2013.09.23 20:25:11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\mstime.dll
[2013.09.23 20:25:11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\mstime.dll
[2013.09.23 20:25:11 | 000,206,848 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\occache.dll
[2013.09.23 20:25:11 | 000,105,984 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\url.dll
[2013.09.23 20:25:11 | 000,105,984 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\url.dll
[2013.09.23 20:25:10 | 006,017,536 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\mshtml.dll
[2013.09.23 20:25:10 | 000,067,072 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\mshtmled.dll
[2013.09.23 20:25:09 | 001,469,440 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\inetcpl.cpl
[2013.09.23 20:25:09 | 001,469,440 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013.09.23 20:25:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\msfeeds.dll
[2013.09.23 20:25:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.09.23 20:25:09 | 000,522,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.09.23 20:25:09 | 000,055,296 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\msfeedsbs.dll
[2013.09.23 20:25:09 | 000,055,296 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.09.23 20:25:09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\licmgr10.dll
[2013.09.23 20:25:09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\licmgr10.dll
[2013.09.23 20:25:09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\jsproxy.dll
[2013.09.23 20:25:09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\jsproxy.dll
[2013.09.23 20:25:08 | 002,006,016 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\iertutil.dll
[2013.09.23 20:25:08 | 000,184,320 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\iepeers.dll
[2013.09.23 20:25:08 | 000,184,320 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\iepeers.dll
[2013.09.23 20:25:06 | 000,743,424 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.09.23 20:25:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\iedkcs32.dll
[2013.09.23 20:25:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013.09.23 20:25:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\corpol.dll
[2013.09.23 20:25:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\corpol.dll
[2013.09.23 20:06:49 | 000,174,592 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\ie4uinit.exe
[2013.09.23 20:06:49 | 000,174,592 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013.09.23 20:06:48 | 000,385,024 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\System32\html.iec
[1 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.20 10:37:03 | 000,000,512 | ---- | C] () -- H:\PhysicalMBR.bin
[2013.10.18 13:20:51 | 000,000,079 | ---- | C] () -- H:\WINDOWS\wininit.ini
[2013.10.15 06:20:42 | 003,779,946 | ---- | C] () -- H:\Documents and Settings\Olda\Dokumenty\Fwd_ Labute.eml
[2013.02.20 09:12:04 | 000,802,904 | ---- | C] () -- H:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-448539723-57989841-1177238915-1004-0.dat
[2013.02.20 09:12:04 | 000,226,402 | ---- | C] () -- H:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.02.15 07:07:56 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll
[2009.06.10 22:08:35 | 000,140,800 | ---- | C] () -- H:\Documents and Settings\Olda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013.10.12 10:28:32 | 000,000,227 | RHS- | M] () -- H:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.03.10 06:43:10 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.10.17 19:00:52 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.11.16 16:54:58 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\avg9
[2009.06.10 19:34:50 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.06.10 20:06:01 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2013.05.24 16:17:28 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2013.07.03 19:21:10 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Cisco
[2011.03.15 09:21:39 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.06.27 15:46:46 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\InstallMate
[2013.06.14 08:27:21 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.10.20 15:06:02 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
[2013.02.20 17:10:13 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Samsung
[2009.09.14 16:09:45 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2010.10.10 09:40:01 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Temp
[2009.08.02 20:28:02 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\{FC0EF073-EDB5-4CBE-B92D-5CE9A223F37B}
[2013.01.31 10:55:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2011.06.03 16:29:28 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602Installer
[2011.06.03 16:29:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602XML
[2011.11.16 16:59:23 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\AVG2012
[2010.03.16 07:34:09 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\AVG9
[2009.09.14 16:14:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Canon
[2010.07.03 11:55:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\CD-LabelPrint
[2010.01.02 11:34:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\LANGMaster
[2009.09.14 16:29:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\NewSoft
[2011.08.29 07:12:46 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Philips-Songbird
[2013.02.20 17:10:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Samsung
[2009.09.14 16:09:47 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\ScanSoft
[2011.09.28 10:41:40 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Software602
[2013.03.23 18:01:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.06.10 11:04:16 | 000,000,065 | RH-- | C] () -- H:\WINDOWS\Tasks\desktop.ini
[2009.06.10 11:10:07 | 000,000,006 | -H-- | C] () -- H:\WINDOWS\Tasks\SA.DAT
[2010.10.19 14:40:47 | 000,000,464 | -H-- | C] () -- H:\WINDOWS\Tasks\User_Feed_Synchronization-{98B36C82-A07F-40E0-9108-97BD5F89E9A7}.job
[2012.04.06 06:05:59 | 000,000,914 | ---- | C] () -- H:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- H:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- H:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- H:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- H:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- H:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- H:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- H:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- H:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- H:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 01:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- H:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- H:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- H:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- H:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- H:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- H:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- H:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- H:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- H:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- H:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- H:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- H:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- H:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- H:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- H:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- H:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- H:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- H:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- H:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- H:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- H:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- H:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- H:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- H:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- H:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[13 H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 H:\WINDOWS\system32\*.tmp files -> H:\WINDOWS\system32\*.tmp -> ]
[61 H:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp files -> H:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp -> ]
[1 H:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> H:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[2 H:\WINDOWS\Temp\*.tmp files -> H:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2009.12.15 21:44:17 | 003,326,576 | ---- | M] (Piriform Ltd) -- H:\ccsetup226.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.03 16:29:28 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602Installer
[2011.06.03 16:29:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602XML
[2012.08.08 21:33:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Adobe
[2009.09.14 16:16:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\ArcSoft
[2011.11.16 16:59:23 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\AVG2012
[2010.03.16 07:34:09 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\AVG9
[2009.09.14 16:14:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Canon
[2010.07.03 11:55:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\CD-LabelPrint
[2009.06.10 21:35:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Corel
[2009.08.12 15:28:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\DivX
[2012.10.16 16:49:35 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\dvdcss
[2009.07.18 08:50:04 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Google
[2009.07.11 19:17:42 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Help
[2009.06.10 11:12:09 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Identities
[2011.06.03 16:29:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\InstallShield
[2010.01.02 11:34:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\LANGMaster
[2013.10.17 19:27:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\LavasoftStatistics
[2009.06.11 10:29:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Macromedia
[2013.10.18 22:09:17 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Malwarebytes
[2013.10.09 17:46:12 | 000,000,000 | --SD | M] -- H:\Documents and Settings\Olda\Data aplikací\Microsoft
[2011.08.29 07:12:57 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Mozilla
[2009.09.14 16:29:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\NewSoft
[2011.08.29 07:12:46 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Philips-Songbird
[2013.02.20 17:10:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Samsung
[2009.09.14 16:09:47 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\ScanSoft
[2011.09.28 10:41:40 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Software602
[2013.03.23 18:01:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\TuneUp Software
[2013.08.11 15:58:49 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\vlc
[2013.10.18 13:48:10 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Winamp

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 H:\WINDOWS\system32\*.tmp files -> H:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.06.10 21:26:59 | 000,611,064 | ---- | M] () Unable to obtain MD5 -- H:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.01.01 02:15:06 | 000,094,208 | ---- | M] () -- H:\WINDOWS\System32\config\default.sav
[2006.01.01 02:15:06 | 001,069,056 | ---- | M] () -- H:\WINDOWS\System32\config\software.sav
[2006.01.01 02:15:05 | 000,499,712 | ---- | M] () -- H:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 H:\WINDOWS\system32\*.tmp files -> H:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.10.17 14:43:58 | 000,497,240 | ---- | M] () -- H:\WINDOWS\system32\FNTCACHE.DAT
[2013.10.18 18:37:17 | 000,114,544 | ---- | M] () -- H:\WINDOWS\system32\perfc005.dat
[2013.10.18 18:37:17 | 000,097,728 | ---- | M] () -- H:\WINDOWS\system32\perfc009.dat
[2013.10.18 18:37:17 | 000,559,886 | ---- | M] () -- H:\WINDOWS\system32\perfh005.dat
[2013.10.18 18:37:17 | 000,564,422 | ---- | M] () -- H:\WINDOWS\system32\perfh009.dat
[2013.10.18 18:37:17 | 001,311,524 | ---- | M] () -- H:\WINDOWS\system32\PerfStringBackup.INI
[2013.10.18 13:50:59 | 000,013,646 | ---- | M] () -- H:\WINDOWS\system32\wpa.dbl
[1 H:\WINDOWS\system32\*.tmp files -> H:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2009.12.15 21:44:17 | 003,326,576 | ---- | M] (Piriform Ltd) -- H:\ccsetup226.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = H:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.20 10:47:37 | 000,000,512 | ---- | M] () MD5=AB3BA9243A571FA399DE4C6FEAF48A29 -- H:\PhysicalMBR.bin

< >

< *crack* /s >
[2009.03.29 19:56:46 | 000,105,528 | ---- | M] () -- \OldPC\D\zz-top1\jedenact\martincova-crackerjack-2-01.jpg
[3 \OldPC\D\zz-top1\jedenact\*.tmp files -> \OldPC\D\zz-top1\jedenact\*.tmp -> ]
[1996.12.18 12:29:16 | 000,007,141 | ---- | M] () -- \OldPC\E\Program Files\SEA\CRACK.EXE

< *keygen* /s >
[2004.04.23 16:22:38 | 000,105,739 | ---- | M] () -- \OldPC\E\srackolap2\SysMechKeygen.zip

< *AntiWPA* /s >

< *loader* /s >
[2013.10.12 10:38:18 | 000,711,040 | ---- | M] () -- \Winrar_SoftangoDownloader.exe
[2002.12.12 00:14:32 | 000,032,768 | ---- | M] () -- \OldPC\C\WIN98\SYSBCKUP\DMLOADER.DLL
[2002.12.12 00:14:32 | 000,032,768 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\dmloader.dll
[2009.06.10 18:31:40 | 000,002,305 | ---- | M] () -- \OldPC\C\WIN98\Temporary Internet Files\Content.IE5\AVCFVGH8\preloader[1].swf
[2009.06.10 18:31:36 | 000,001,317 | ---- | M] () -- \OldPC\C\WIN98\Temporary Internet Files\Content.IE5\I3WFYDON\GeewaRuntimeDefaultLoader[1].swf

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[1999.05.05 22:22:00 | 000,049,152 | ---- | M] () -- \OldPC\C\WIN98\SYSBCKUP\DPSERIAL.DLL
[1999.05.05 22:22:00 | 000,049,152 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\DPSERIAL.DLL
[1999.05.05 22:22:00 | 000,018,625 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\SERIAL.VXD
[1999.05.05 22:22:00 | 000,012,271 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\SERIALUI.DLL

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> H:\Documents and Settings\All Users\Data aplikací\Temp:581B0446

< End of report >

#29 Příspěvek od **Márty84** » 20 říj 2013 10:08

Jeste mi chybi novy log z RSIT

motoracek · #30 Příspěvek od **motoracek** » 20 říj 2013 10:16

Tady to je. Nějak jsem se v těch příspěvcích začal strácet.

))

Logfile of random's system information tool 1.09 (written by random/random)
Run by Olda at 2013-10-20 11:15:21
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 17 GB (51%) free of 33 GB
Total RAM: 2046 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:24, on 20.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\PROGRA~1\AVG\AVG2012\avgrsx.exe
H:\Program Files\AVG\AVG2012\avgcsrvx.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
H:\Program Files\AVG\AVG2012\avgwdsvc.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\AVG\AVG2012\avgnsx.exe
H:\Program Files\AVG\AVG2012\avgemcx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Canon\MyPrinter\BJMyPrt.exe
H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
H:\Program Files\Software602\Print2PDF\Print2PDF.exe
H:\Program Files\Winamp\winampa.exe
H:\Program Files\AVG\AVG2012\avgtray.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Outlook Express\msimn.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\AVG\AVG2012\avgcsrvx.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
I:\install\RSIT.exe
H:\Program Files\trend micro\Olda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {2A836234-186C-41A0-9863-40BECDEDED9F} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CanonMyPrinter] H:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [NeroCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "H:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "H:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [OTL] "I:\install\OTL.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E0F044C-B76A-42E4-9E04-2843A5972F54}: NameServer = 213.192.60.6,213.192.60.5
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - H:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

--
End of file - 5972 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Adobe Flash Player Updater.job
H:\WINDOWS\tasks\User_Feed_Synchronization-{98B36C82-A07F-40E0-9108-97BD5F89E9A7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A836234-186C-41A0-9863-40BECDEDED9F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{48586425-6bb7-4f51-8dc6-38c88e3ebb58}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=H:\WINDOWS\SOUNDMAN.EXE [2006-11-16 577536]
"CanonMyPrinter"=H:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 1848648]
"NeroCheck"=H:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CanonSolutionMenu"=H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"SSBkgdUpdate"=H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"Print2PDF Print Monitor"=H:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"WinampAgent"=H:\Program Files\Winamp\winampa.exe [2011-10-25 74752]
"AVG_TRAY"=H:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"OTL"=I:\install\OTL.exe [2013-10-20 602112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
H:\WINDOWS\system32\VTTimer.exe [2009-12-26 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
H:\WINDOWS\system32\VTtrayp.exe [2009-12-26 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\AVG\AVG8\avgam.exe"="H:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"H:\Program Files\AVG\AVG8\avgdiag.exe"="H:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"H:\Program Files\AVG\AVG8\avgdiagex.exe"="H:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"H:\Program Files\AVG\AVG8\avgemc.exe"="H:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"H:\Program Files\AVG\AVG8\avgupd.exe"="H:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"H:\Program Files\AVG\AVG8\avgnsx.exe"="H:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"H:\Program Files\Common Files\soft602\langserv.exe"="H:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"H:\Program Files\Winamp\winamp.exe"="H:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"H:\Program Files\AVG\AVG2012\avgmfapx.exe"="H:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"H:\Program Files\AVG\AVG2012\avgnsx.exe"="H:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"H:\Program Files\AVG\AVG2012\avgdiagex.exe"="H:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"H:\Program Files\AVG\AVG2012\avgemcx.exe"="H:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"I:\Winrar_SoftangoDownloader.exe"="I:\Winrar_SoftangoDownloader.exe:*:Enabled:Winrar_SoftangoDownloader.exe (in)"
"H:\WINDOWS\Temp\avgcu_mDNSResponder.exe"="H:\WINDOWS\Temp\avgcu_mDNSResponder.exe:*:Disabled:Bonjour"
"H:\Documents and Settings\Olda\Local Settings\Temp\Softango Downloader213706.exe"="H:\Documents and Settings\Olda\Local Settings\Temp\Softango Downloader213706.exe:*:Disabled:Softango Downloader213706.exe (in)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2013-10-18 22:09:17 ----D---- H:\Documents and Settings\Olda\Data aplikací\Malwarebytes
2013-10-18 22:08:50 ----D---- H:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-10-18 18:27:17 ----HDC---- H:\WINDOWS\$NtUninstallKB961118$
2013-10-18 16:52:40 ----D---- H:\Program Files\trend micro
2013-10-18 16:52:39 ----D---- H:\rsit
2013-10-18 13:20:51 ----A---- H:\WINDOWS\wininit.ini
2013-10-18 13:14:21 ----D---- H:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-10-17 19:27:03 ----D---- H:\Documents and Settings\Olda\Data aplikací\LavasoftStatistics
2013-10-17 19:09:27 ----D---- H:\Program Files\Lavasoft
2013-10-17 19:07:17 ----D---- H:\Documents and Settings\All Users\Data aplikací\Lavasoft
2013-10-17 11:45:44 ----D---- H:\WINDOWS\system32\XPSViewer
2013-10-17 11:45:40 ----D---- H:\Program Files\MSBuild
2013-10-17 11:45:32 ----D---- H:\Program Files\Reference Assemblies
2013-10-17 11:45:10 ----N---- H:\WINDOWS\system32\xpssvcs.dll
2013-10-17 11:45:10 ----N---- H:\WINDOWS\system32\xpsshhdr.dll
2013-10-17 11:45:10 ----N---- H:\WINDOWS\system32\prntvpt.dll

======List of files/folders modified in the last 1 month======

2013-10-20 11:15:19 ----D---- H:\WINDOWS\Prefetch
2013-10-20 10:45:45 ----D---- H:\WINDOWS\Temp
2013-10-20 10:26:42 ----D---- H:\WINDOWS\system32
2013-10-20 10:00:39 ----D---- H:\WINDOWS\system32\drivers
2013-10-20 09:38:54 ----SD---- H:\WINDOWS\Tasks
2013-10-20 09:14:50 ----D---- H:\WINDOWS\system32\CatRoot2
2013-10-20 09:14:27 ----D---- H:\Program Files
2013-10-20 09:13:23 ----D---- H:\WINDOWS\system32\drivers\AVG
2013-10-20 09:10:01 ----A---- H:\WINDOWS\SchedLgU.Txt
2013-10-19 19:46:38 ----D---- H:\WINDOWS
2013-10-19 15:47:59 ----D---- H:\WINDOWS\Microsoft.NET
2013-10-19 14:54:46 ----RSD---- H:\WINDOWS\assembly
2013-10-19 08:30:01 ----D---- H:\WINDOWS\pchealth
2013-10-18 22:00:22 ----D---- H:\Config.Msi
2013-10-18 18:37:29 ----SHD---- H:\WINDOWS\Installer
2013-10-18 18:37:17 ----AC---- H:\WINDOWS\system32\PerfStringBackup.INI
2013-10-18 18:37:04 ----D---- H:\WINDOWS\WinSxS
2013-10-18 18:27:24 ----HD---- H:\WINDOWS\inf
2013-10-18 18:27:23 ----D---- H:\WINDOWS\system32\CatRoot
2013-10-18 18:27:20 ----RSHDC---- H:\WINDOWS\system32\dllcache
2013-10-18 17:55:01 ----D---- H:\Program Files\Common Files
2013-10-18 13:48:10 ----D---- H:\Documents and Settings\Olda\Data aplikací\Winamp
2013-10-18 13:48:09 ----D---- H:\WINDOWS\Debug
2013-10-18 13:35:41 ----D---- H:\WINDOWS\system32\drivers\etc
2013-10-18 13:27:46 ----SD---- H:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-10-18 13:14:16 ----D---- H:\WINDOWS\system32\config
2013-10-17 19:08:01 ----D---- H:\WINDOWS\system32\mui
2013-10-17 19:00:52 ----D---- H:\Documents and Settings\All Users\Data aplikací\AVG2012
2013-10-17 11:45:37 ----RSD---- H:\WINDOWS\Fonts
2013-10-17 11:45:22 ----D---- H:\WINDOWS\system32\spool
2013-10-17 11:44:10 ----D---- H:\Program Files\Internet Explorer
2013-10-12 17:27:29 ----D---- H:\WINDOWS\Minidump
2013-10-09 17:46:12 ----SD---- H:\Documents and Settings\Olda\Data aplikací\Microsoft
2013-10-09 14:56:53 ----D---- H:\Program Files\Microsoft Silverlight
2013-10-09 09:47:08 ----D---- H:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-09 09:46:06 ----D---- H:\WINDOWS\system32\MRT
2013-10-09 09:44:39 ----A---- H:\WINDOWS\system32\MRT.exe
2013-10-09 09:42:30 ----D---- H:\WINDOWS\ie8updates
2013-10-09 06:51:49 ----AC---- H:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-02 05:48:31 ----D---- H:\WINDOWS\system32\cache
2013-09-23 23:55:10 ----A---- H:\WINDOWS\system32\ieframe.dll
2013-09-23 20:25:11 ----N---- H:\WINDOWS\system32\occache.dll
2013-09-23 20:25:11 ----N---- H:\WINDOWS\system32\mstime.dll
2013-09-23 20:25:11 ----A---- H:\WINDOWS\system32\wininet.dll
2013-09-23 20:25:11 ----A---- H:\WINDOWS\system32\urlmon.dll
2013-09-23 20:25:11 ----A---- H:\WINDOWS\system32\url.dll
2013-09-23 20:25:10 ----A---- H:\WINDOWS\system32\mshtmled.dll
2013-09-23 20:25:10 ----A---- H:\WINDOWS\system32\mshtml.dll
2013-09-23 20:25:09 ----N---- H:\WINDOWS\system32\jsproxy.dll
2013-09-23 20:25:09 ----A---- H:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 20:25:09 ----A---- H:\WINDOWS\system32\msfeeds.dll
2013-09-23 20:25:09 ----A---- H:\WINDOWS\system32\licmgr10.dll
2013-09-23 20:25:08 ----N---- H:\WINDOWS\system32\iepeers.dll
2013-09-23 20:25:08 ----A---- H:\WINDOWS\system32\iertutil.dll
2013-09-23 20:25:06 ----N---- H:\WINDOWS\system32\iedkcs32.dll
2013-09-23 20:25:06 ----A---- H:\WINDOWS\system32\corpol.dll
2013-09-23 20:06:49 ----N---- H:\WINDOWS\system32\ie4uinit.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; H:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; H:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; H:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 PxHelp20;PxHelp20; H:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; H:\WINDOWS\System32\Drivers\sptd.sys [2009-06-10 611064]
R0 videX32;videX32; H:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0 xfilt;VIA SATA IDE Hot-plug Driver; H:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17920]
R1 AmdK8;Ovladač procesoru AMD; H:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 Avgldx86;AVG AVI Loader Driver; H:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; H:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; H:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 avgtp;avgtp; \??\H:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 PQNTDrv;PQNTDrv; H:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); H:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 AVGIDSDriver;AVGIDSDriver; H:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; H:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; H:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; H:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2011-01-19 15664]
R3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; H:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 a1fpqrb5;a1fpqrb5; H:\WINDOWS\system32\drivers\a1fpqrb5.sys []
S3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
S3 atinrvxx;ATI WDM Rage Theater Video (Microsoft Corporation); H:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2008-04-14 104960]
S3 CCDECODE;Dekodér Closed Caption; H:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); H:\WINDOWS\system32\DRIVERS\ssudbus.sys [2011-10-18 78136]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; H:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 MVDCODEC;ATI WDM Specialized MVD Codec (Microsoft Corporation); H:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2008-04-14 13824]
S3 NABTSFEC;NABTS/FEC VBI Codec; H:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; H:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; H:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; H:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; H:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 viagfx;viagfx; H:\WINDOWS\system32\DRIVERS\vtmini.sys [2009-12-26 252416]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; H:\WINDOWS\system32\DRIVERS\vpnva.sys []
S3 WpdUsb;WpdUsb; H:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; H:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AVGIDSAgent;AVGIDSAgent; H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; H:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; H:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

VIRY.CZ

nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet

Re: nespravne pracujuci internet