Nelze spustit některé stránky z IE8

Zpráva

#16 Příspěvek od **Márty84** » 15 říj 2014 19:53

To znamena, ze to program smazal. Co ten druhy?

motoracek · #17 Příspěvek od **motoracek** » 16 říj 2014 16:00

Pardon, jsem blbej, ale jaký druhý? jiný log než ten jeden mi z toho nevylezl. Včera jsem už nějak vytuhl...

#18 Příspěvek od **Márty84** » 16 říj 2014 19:04

Log z druheho programku (Zoek)

motoracek · #19 Příspěvek od **motoracek** » 16 říj 2014 20:52

Tady to je, dále zase budu bádat zítra. nějak dneska bylo na vše málo času a brzo vstávám. Děkuji za podporu a trpělivost.

Zoek.exe v5.0.0.0 Updated 16-10-2014
Tool run by Olda on źt 16.10.2014 at 21:39:05,65.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: H:\Documents and Settings\Olda\Plocha\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

16.10.2014 21:39:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

H:\Program Files\Cisco deleted successfully
H:\Program Files\Hry.cz deleted successfully
H:\Program Files\Lavasoft deleted successfully
H:\Program Files\Philips deleted successfully
H:\Program Files\Realtek Sound Manager deleted successfully
H:\DOCUME~1\ALLUSE~1\NABDKA~1\Programy\Games deleted successfully
H:\DOCUME~1\ALLUSE~1\DATAAP~1\CanonIJPLM deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-448539723-57989841-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-448539723-57989841-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-448539723-57989841-1177238915-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

H:\Program Files\ComPlus Applications deleted
H:\user.js deleted
H:\ccsetup226.exe deleted
H:\DOCUME~1\ALLUSE~1\DATAAP~1\InstallMate deleted
"H:\WINDOWS\Installer\2b8d91d.msi" deleted

==== Files Recently Created / Modified ======================

====== H:\WINDOWS ====
====== H:\DOCUME~1\Olda\LOCALS~1\Temp ====
====== Java Cache =====
====== H:\WINDOWS\system32 =====
====== H:\WINDOWS\system32\drivers =====
====== H:\WINDOWS\Tasks ======
====== H:\WINDOWS\Temp ======
======= H:\Program Files =====
======= H: =====
====== H:\Documents and Settings\Olda\Data aplikací ======
====== H:\Documents and Settings\Olda ======
2014-09-25 12:57:29 -------- d--h--r- H:\Documents and Settings\Olda\Recent

====== H: exe-files ==
2014-10-15 17:59:01 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\erunt\ERUNT.EXE
2014-10-15 17:54:53 3F5D9D75F6523CB30924999EDFDAD28B 1705698 ----a-w- H:\RECYCLER\S-1-5-21-448539723-57989841-1177238915-1004\Dh5.exe
=== H: other files ==
2014-10-15 17:59:00 FC1F36A7844235BACFE12DF3FD486026 14957 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\get.bat
2014-10-15 17:59:00 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\prelim.bat
2014-10-15 17:59:00 E5E1041DE1DBDDF20D704BA894BEAD05 183929 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\misc.bat
2014-10-15 17:59:00 E01FF880FC345F56C61E80C91FA03687 9384 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\runvalues.bat
2014-10-15 17:59:00 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\TDL4.bat
2014-10-15 17:59:00 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\medfos.bat
2014-10-15 17:59:00 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\surfvox.bat
2014-10-15 17:59:00 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\searchlnk.bat
2014-10-15 17:59:00 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\firefox.bat
2014-10-15 17:59:00 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\ev_clear.bat
2014-10-15 17:59:00 4D80C7010E2CE44AB25FA25B013649E4 8085 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\mws.bat
2014-10-15 17:59:00 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\ask.bat
2014-10-15 17:59:00 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\iexplore.bat
2014-10-15 17:59:00 1EFD82B5DDC672FE3D2AFE731898BAF4 14044 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\chrome.bat
2014-10-15 17:59:00 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- H:\Documents and Settings\Olda\Local Settings\Temp\jrt\delfolders.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-448539723-57989841-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="H:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="H:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"CanonMyPrinter"="H:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenu"="H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"OpwareSE4"="H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"Print2PDF Print Monitor"="H:\Program Files\Software602\Print2PDF\Print2PDF.exe /server"
"AVG_TRAY"="H:\Program Files\AVG\AVG2012\avgtray.exe"
"Adobe ARM"="H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AtherosBtXpStack"="H:\Program Files\Bluetooth XP Suite\BluetoothSuit.exe"
"SSBkgdUpdate"="H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="H:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CTFMON.EXE"
"hkey"="HKCU"
"command"="H:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VTTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VTTimer"
"hkey"="HKLM"
"command"="VTTimer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VTTrayp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VTTrayp"
"hkey"="HKLM"
"command"="VTtrayp.exe"

==== Task Scheduler Jobs ======================

H:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24.09.2014 12:25]
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job [Undetermined Task]
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job [Undetermined Task]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"="H:\Program Files\AVG\AVG2012\Firefox\DoNotTrack" [29.08.2012 09:11]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{74B8363E-36AE-4795-B877-8B7F2C57D4E4} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4B4269910CB62C84BAE7A99BB042C97D deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{199624B4-6BC0-48C2-AB7E-9AB90B249CD7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4B4269910CB62C84BAE7A99BB042C97D deleted successfully

==== Empty IE Cache ======================

H:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
H:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
H:\Documents and Settings\Olda\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
H:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
H:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
H:\Documents and Settings\Olda\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== H:\zoek_backup content ======================

H:\zoek_backup (files=6 folders=3 5771771 bytes)

==== Empty Temp Folders ======================

H:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

H:\WINDOWS\Temp successfully emptied
H:\DOCUME~1\Olda\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

H:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"H:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"H:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"H:\Documents and Settings\Olda\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on źt 16.10.2014 at 21:49:28,53 ======================

#20 Příspěvek od **Márty84** » 17 říj 2014 04:34

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

motoracek · #21 Příspěvek od **motoracek** » 17 říj 2014 14:43

Koumkám, že to nic nenašlo... Předpokládám, všechny tyto pomocné prográmky odinstalovat.

alwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Olda :: MOTORACEK [administrátor]

17.10.2014 15:33:56
mbam-log-2014-10-17 (15-33-56).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 218828
Uplynulý čas: 3 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#22 Příspěvek od **Márty84** » 17 říj 2014 17:53

A ja koukam, ze napsano cervene a sesti vykricniku je porad malo...

Márty84 píše:Udelejte !!!kompletni!!! kontrolu

motoracek píše:Typ: Rychlá kontrola

Pustte tu kompletni, at program prohledne cely disk/y

Odinstalovavat zatim nemusite, to az pak na konci vse najednou

motoracek · #23 Příspěvek od **motoracek** » 17 říj 2014 19:13

To je tak, když u toho občas sedí dva a ruka je rychlejší než mozek.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Olda :: MOTORACEK [administrátor]

17.10.2014 19:16:34
mbam-log-2014-10-17 (19-16-34).txt

Typ: Kompletní kontrola (H:\|I:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 370806
Uplynulý čas: 55 minut, 9 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#24 Příspěvek od **Márty84** » 17 říj 2014 20:43

motoracek píše:To je tak, když u toho občas sedí dva a ruka je rychlejší než mozek.

MBAM odinstalujte.

Jak to zatim vypada s pocitacem? Nastala nejaka zmena?

Dejte novy log z RSIT

motoracek · #25 Příspěvek od **motoracek** » 18 říj 2014 15:31

Zdravím,
všechno zatím maká tak, jak má. tady je ten log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Olda at 2014-10-18 16:29:15
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 17 GB (53%) free of 33 GB
Total RAM: 2046 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:19, on 18.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Program Files\Canon\MyPrinter\BJMyPrt.exe
H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
H:\Program Files\Software602\Print2PDF\Print2PDF.exe
H:\Program Files\AVG\AVG2012\avgtray.exe
H:\Program Files\Bluetooth XP Suite\BluetoothSuit.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
H:\Program Files\AVG\AVG2012\avgwdsvc.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
H:\Program Files\AVG\AVG2012\avgnsx.exe
H:\Program Files\AVG\AVG2012\avgemcx.exe
H:\Program Files\AVG\AVG2012\avgrsx.exe
H:\Program Files\AVG\AVG2012\avgcsrvx.exe
H:\Program Files\Outlook Express\msimn.exe
H:\Program Files\Messenger\msmsgs.exe
H:\Program Files\AVG\AVG2012\avgcsrvx.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
I:\install\RSIT.exe
H:\Program Files\trend micro\Olda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - H:\Program Files\AVG\AVG2012\avgdtiex.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CanonMyPrinter] H:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [OpwareSE4] "H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "H:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [AVG_TRAY] "H:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AtherosBtXpStack] "H:\Program Files\Bluetooth XP Suite\BluetoothSuit.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - H:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - H:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

--
End of file - 5706 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Adobe Flash Player Updater.job - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe
H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - H:\WINDOWS\system32\xp_eos.exe -c

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - H:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15 938104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=H:\WINDOWS\SOUNDMAN.EXE [2006-11-16 577536]
"CanonMyPrinter"=H:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 1848648]
"CanonSolutionMenu"=H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"OpwareSE4"=H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"Print2PDF Print Monitor"=H:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"AVG_TRAY"=H:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"Adobe ARM"=H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AtherosBtXpStack"=H:\Program Files\Bluetooth XP Suite\BluetoothSuit.exe [2011-03-02 2186400]
"SSBkgdUpdate"=H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
H:\WINDOWS\system32\VTTimer.exe [2009-12-26 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
H:\WINDOWS\system32\VTtrayp.exe [2009-12-26 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\AVG\AVG8\avgam.exe"="H:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"H:\Program Files\AVG\AVG8\avgdiag.exe"="H:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"H:\Program Files\AVG\AVG8\avgdiagex.exe"="H:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"H:\Program Files\AVG\AVG8\avgemc.exe"="H:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"H:\Program Files\AVG\AVG8\avgupd.exe"="H:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"H:\Program Files\AVG\AVG8\avgnsx.exe"="H:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"H:\Program Files\Winamp\winamp.exe"="H:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"H:\Program Files\AVG\AVG2012\avgmfapx.exe"="H:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"H:\WINDOWS\Temp\avgcu_mDNSResponder.exe"="H:\WINDOWS\Temp\avgcu_mDNSResponder.exe:*:Disabled:Bonjour"
"H:\Documents and Settings\Olda\Local Settings\Temp\Softango Downloader213706.exe"="H:\Documents and Settings\Olda\Local Settings\Temp\Softango Downloader213706.exe:*:Disabled:Softango Downloader213706.exe (in)"
"H:\Program Files\AVG\AVG2012\avgnsx.exe"="H:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"H:\Program Files\AVG\AVG2012\avgdiagex.exe"="H:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"H:\Program Files\AVG\AVG2012\avgemcx.exe"="H:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-10-17 15:44:27 ----SHD---- H:\RECYCLER
2014-10-17 15:31:43 ----D---- H:\Program Files\Malwarebytes' Anti-Malware
2014-10-16 21:48:19 ----A---- H:\WINDOWS\zoek-delete.exe
2014-10-16 21:48:18 ----D---- H:\WINDOWS\Temp
2014-10-16 21:38:53 ----D---- H:\zoek_backup
2014-10-15 19:59:08 ----D---- H:\WINDOWS\ERUNT
2014-10-15 19:37:38 ----D---- H:\AdwCleaner
2014-10-15 19:22:06 ----D---- H:\rsit
2014-09-20 07:24:32 ----ASH---- H:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2014-10-18 16:29:17 ----D---- H:\Program Files\trend micro
2014-10-18 08:41:26 ----D---- H:\WINDOWS\system32\drivers\AVG
2014-10-18 08:20:51 ----D---- H:\WINDOWS\system32\CatRoot2
2014-10-18 07:49:38 ----D---- H:\WINDOWS\Prefetch
2014-10-17 21:56:18 ----A---- H:\WINDOWS\SchedLgU.Txt
2014-10-17 21:38:10 ----D---- H:\Documents and Settings\Olda\Data aplikací\vlc
2014-10-17 21:06:12 ----D---- H:\WINDOWS\system32\drivers
2014-10-17 15:44:02 ----D---- H:\Program Files
2014-10-17 15:41:15 ----D---- H:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-10-16 21:49:18 ----D---- H:\WINDOWS
2014-10-16 21:45:11 ----SHD---- H:\WINDOWS\Installer
2014-10-16 21:38:54 ----D---- H:\WINDOWS\system32
2014-10-16 05:46:20 ----D---- H:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-10-16 05:46:20 ----D---- H:\Config.Msi
2014-10-16 05:45:05 ----D---- H:\WINDOWS\system32\MRT
2014-10-16 05:43:05 ----A---- H:\WINDOWS\system32\MRT.exe
2014-10-15 19:31:23 ----D---- H:\WINDOWS\Network Diagnostic
2014-10-15 14:45:33 ----D---- H:\WINDOWS\system32\config
2014-10-15 14:45:23 ----D---- H:\WINDOWS\system32\wbem
2014-10-15 14:45:22 ----D---- H:\WINDOWS\Registration
2014-10-15 08:35:25 ----D---- H:\WINDOWS\Debug
2014-09-25 14:57:29 ----D---- H:\WINDOWS\Minidump
2014-09-24 12:25:09 ----AC---- H:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; H:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; H:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; H:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 PxHelp20;PxHelp20; H:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; H:\WINDOWS\System32\Drivers\sptd.sys [2009-06-10 611064]
R0 videX32;videX32; H:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0 xfilt;VIA SATA IDE Hot-plug Driver; H:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17920]
R1 AmdK8;Ovladač procesoru AMD; H:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 Avgldx86;AVG AVI Loader Driver; H:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; H:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; H:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-04-11 302368]
R1 avgtp;avgtp; \??\H:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 PQNTDrv;PQNTDrv; H:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); H:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 Atheros_btAudio;Bluetooth Virtual SCO Driver; H:\WINDOWS\system32\drivers\btathsco.sys [2011-03-02 29856]
R3 AVGIDSDriver;AVGIDSDriver; H:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-12-10 142176]
R3 AVGIDSFilter;AVGIDSFilter; H:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; H:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 btatha2dp;Bluetooth A2DP Audio Device Driver; H:\WINDOWS\system32\drivers\btatha2dp.sys [2011-03-02 74912]
R3 btathPan;Bluetooth PAN Miniport Device; H:\WINDOWS\system32\DRIVERS\btathpan.sys [2011-03-02 36384]
R3 BTATHPROT;General Bluetooth Filter; H:\WINDOWS\system32\DRIVERS\btathprot.sys [2011-03-02 663072]
R3 btathrcp;Bluetooth AVRCP Target Device; H:\WINDOWS\system32\DRIVERS\btathrcp.sys [2011-03-02 13344]
R3 btathspp;Bluetooth Serial Port Device; H:\WINDOWS\system32\DRIVERS\btathspp.sys [2011-03-02 85152]
R3 BTATHUSB;General Bluetooth Device; H:\WINDOWS\system32\DRIVERS\btathusb.sys [2011-03-02 79008]
R3 btfilter;General Bluetooth Filter ss; H:\WINDOWS\system32\DRIVERS\btfilter.sys [2011-03-02 242976]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; H:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2011-01-19 15664]
R3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; H:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; H:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 ao73o7yj;ao73o7yj; H:\WINDOWS\system32\drivers\ao73o7yj.sys []
S3 AthDfu;Atheros Valkyrie USB BootROM; H:\WINDOWS\System32\Drivers\AthDfu.sys [2011-03-02 42016]
S3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
S3 atinrvxx;ATI WDM Rage Theater Video (Microsoft Corporation); H:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2008-04-14 104960]
S3 CCDECODE;Dekodér Closed Caption; H:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); H:\WINDOWS\system32\DRIVERS\ssudbus.sys [2011-10-18 78136]
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; H:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 MVDCODEC;ATI WDM Specialized MVD Codec (Microsoft Corporation); H:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2008-04-14 13824]
S3 NABTSFEC;NABTS/FEC VBI Codec; H:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; H:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; H:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; H:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; H:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 viagfx;viagfx; H:\WINDOWS\system32\DRIVERS\vtmini.sys [2009-12-26 252416]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; H:\WINDOWS\system32\DRIVERS\vpnva.sys []
S3 WpdUsb;WpdUsb; H:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; H:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AVGIDSAgent;AVGIDSAgent; H:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2013-10-16 5175856]
R2 avgwd;AVG WatchDog; H:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; H:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#26 Příspěvek od **Márty84** » 18 říj 2014 15:36

Fajn, tak jeste jeden sken a smaznem zbytky.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

motoracek · #27 Příspěvek od **motoracek** » 18 říj 2014 16:07

Tak to proběhlo, ale výstup z toho nemám. Napsalo to nějakou fatal error, problikla dvě dosovská černá okna a žádný txt jsem nenašel. Nemůže to být tím, že mám místo disku C disk H ?
Konkrétně to napsalo Canon create file I/instal/cmd.bat

motoracek · #28 Příspěvek od **motoracek** » 18 říj 2014 16:21

Jo a když jsem ten bat spustil, tak z toho vylezl text soubůrek s tímto textem

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

#29 Příspěvek od **Márty84** » 18 říj 2014 16:23

Pismenko disku na to nema vliv.

Spustte OTL podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

motoracek · #30 Příspěvek od **motoracek** » 18 říj 2014 16:37

Ta už to maká. Kdepak, to je radost, když je oproti mně (debilovi) odborník na druhé straně.

OTL logfile created on: 18.10.2014 17:27:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = I:\install
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,70% Memory free
3,85 Gb Paging File | 3,34 Gb Available in Paging File | 86,94% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Program Files
Drive H: | 32,01 Gb Total Space | 17,06 Gb Free Space | 53,31% Space Free | Partition Type: NTFS
Drive I: | 266,08 Gb Total Space | 143,19 Gb Free Space | 53,82% Space Free | Partition Type: NTFS

Computer Name: MOTORACEK | User Name: Olda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.18 17:27:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- I:\install\OTL.exe
PRC - [2013.10.16 01:30:02 | 005,175,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2013.02.27 17:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012.11.19 18:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012.11.08 04:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012.03.19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.02.14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.04.12 10:58:04 | 000,222,776 | ---- | M] (Software602) -- H:\Program Files\Software602\Print2PDF\Print2PDF.exe
PRC - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) -- H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2011.03.02 11:38:44 | 002,186,400 | ---- | M] (Atheros Commnucations) -- H:\Program Files\Bluetooth XP Suite\BluetoothSuit.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2008.03.18 03:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- H:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- H:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006.11.16 23:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- H:\WINDOWS\soundman.exe

========== Modules (No Company Name) ==========

MOD - [2011.03.02 11:39:26 | 000,068,768 | ---- | M] () -- H:\Program Files\Bluetooth XP Suite\Sync.dll
MOD - [2011.03.02 11:38:52 | 000,101,536 | ---- | M] () -- H:\Program Files\Bluetooth XP Suite\L2capLib.dll
MOD - [2010.12.02 02:13:18 | 000,214,528 | ---- | M] () -- H:\WINDOWS\system32\spool\drivers\w32x86\3\Software602.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- H:\WINDOWS\system32\pdfcmnnt.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014.09.24 12:25:10 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.16 01:30:02 | 005,175,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.03.14 10:59:40 | 000,084,520 | ---- | M] (Software602 a.s.) [Auto | Running] -- H:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2008.01.22 19:35:52 | 000,103,808 | ---- | M] () [On_Demand | Stopped] -- H:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vpnva.sys -- (vpnva)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aaz06x6h)
DRV - [2013.10.02 05:48:19 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013.04.11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.12.10 04:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.11.08 04:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- H:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- H:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.10.18 03:43:42 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.03.02 11:38:50 | 000,242,976 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btfilter.sys -- (btfilter)
DRV - [2011.03.02 11:38:48 | 000,663,072 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btathprot.sys -- (BTATHPROT)
DRV - [2011.03.02 11:38:48 | 000,085,152 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btathspp.sys -- (btathspp)
DRV - [2011.03.02 11:38:48 | 000,079,008 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btathusb.sys -- (BTATHUSB)
DRV - [2011.03.02 11:38:48 | 000,036,384 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btathpan.sys -- (btathPan)
DRV - [2011.03.02 11:38:48 | 000,029,856 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btathsco.sys -- (Atheros_btAudio)
DRV - [2011.03.02 11:38:48 | 000,013,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btathrcp.sys -- (btathrcp)
DRV - [2011.03.02 11:38:46 | 000,074,912 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\btatha2dp.sys -- (btatha2dp)
DRV - [2011.03.02 11:38:46 | 000,042,016 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\AthDfu.sys -- (AthDfu)
DRV - [2009.06.10 21:26:59 | 000,611,064 | ---- | M] () [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.14 00:04:18 | 000,104,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2008.04.14 00:04:18 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2007.03.08 08:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2006.10.18 11:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt)
DRV - [2006.10.17 14:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.02.21 21:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002.09.16 18:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- H:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{74B8363E-36AE-4795-B877-8B7F2C57D4E4}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..\SearchScopes\{74B8363E-36AE-4795-B877-8B7F2C57D4E4}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-448539723-57989841-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: H:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: H:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: H:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: H:\Program Files\AVG\AVG2012\Firefox4\ [2013.11.15 10:29:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: H:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.29 09:11:35 | 000,000,000 | ---D | M]

[2013.10.20 12:26:11 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions
[2011.08.29 07:12:57 | 000,000,000 | ---D | M] (No name found) -- H:\Documents and Settings\Olda\Data aplikací\Mozilla\Extensions\songbird@songbirdnest.com

O1 HOSTS File: ([2014.10.15 17:08:58 | 000,000,741 | R--- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - H:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AtherosBtXpStack] H:\Program Files\Bluetooth XP Suite\BluetoothSuit.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AVG_TRAY] H:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] H:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] H:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [OpwareSE4] H:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Print2PDF Print Monitor] H:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [SoundMan] H:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - H:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O15 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..Trusted Domains: csob.cz ([ib24] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-448539723-57989841-1177238915-1004\..Trusted Domains: seznam.cz ([www] https in Důvěryhodné servery)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.192.60.6 213.192.60.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E0F044C-B76A-42E4-9E04-2843A5972F54}: DhcpNameServer = 213.192.60.6 213.192.60.5
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - H:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: H:\Documents and Settings\Olda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: H:\Documents and Settings\Olda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.09.18 18:27:00 | 000,668,672 | ---- | M] () - I:\AUTODOPRAVA.ppt -- [ NTFS ]
O33 - MountPoints2\{0cb9ff51-ce4b-11e0-b412-0019db21bd70}\Shell - "" = AutoRun
O33 - MountPoints2\{0cb9ff51-ce4b-11e0-b412-0019db21bd70}\Shell\AutoRun\command - "" = M:\Setup.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - H:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - H:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - H:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - H:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - H:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - H:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - H:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - H:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - H:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - H:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - H:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to H:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.10.17 15:44:27 | 000,000,000 | -HSD | C] -- H:\RECYCLER
[2014.10.17 15:31:43 | 000,000,000 | ---D | C] -- H:\Program Files\Malwarebytes' Anti-Malware
[2014.10.16 21:48:18 | 000,000,000 | ---D | C] -- H:\WINDOWS\Temp
[2014.10.16 21:38:53 | 000,000,000 | ---D | C] -- H:\zoek_backup
[2014.10.15 19:59:08 | 000,000,000 | ---D | C] -- H:\WINDOWS\ERUNT
[2014.10.15 19:37:38 | 000,000,000 | ---D | C] -- H:\AdwCleaner
[2014.10.15 19:22:06 | 000,000,000 | ---D | C] -- H:\rsit
[2014.09.25 14:57:29 | 000,000,000 | RH-D | C] -- H:\Documents and Settings\Olda\Recent

========== Files - Modified Within 30 Days ==========

[2014.10.18 17:29:27 | 000,000,512 | ---- | M] () -- H:\PhysicalMBR.bin
[2014.10.18 17:25:00 | 000,000,914 | ---- | M] () -- H:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.10.18 17:24:33 | 000,002,334 | ---- | M] () -- H:\Documents and Settings\Olda\bmarchive.bms
[2014.10.18 17:23:44 | 000,000,220 | ---- | M] () -- H:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.10.18 17:23:37 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2014.10.18 17:23:36 | 2145,964,032 | -HS- | M] () -- H:\hiberfil.sys
[2014.10.18 12:09:34 | 000,002,563 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\Microsoft Office Word 2007.lnk
[2014.10.18 08:41:24 | 176,159,598 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\incavi.avm
[2014.10.18 07:48:32 | 000,013,646 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2014.10.17 19:46:01 | 000,235,329 | ---- | M] () -- H:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2014.10.16 21:38:52 | 000,024,064 | ---- | M] () -- H:\WINDOWS\zoek-delete.exe
[2014.10.16 19:33:41 | 000,065,536 | ---- | M] () -- H:\Documents and Settings\Olda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.10.16 18:36:50 | 000,002,477 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\Microsoft Office Excel 2007.lnk
[2014.10.09 09:09:23 | 000,002,507 | ---- | M] () -- H:\Documents and Settings\Olda\Plocha\CorelDRAW 11.lnk
[2014.10.08 15:00:00 | 000,000,214 | ---- | M] () -- H:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.09.24 12:25:09 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerApp.exe
[2014.09.24 12:25:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2014.10.16 21:48:19 | 000,024,064 | ---- | C] () -- H:\WINDOWS\zoek-delete.exe
[2014.09.20 07:24:32 | 2145,964,032 | -HS- | C] () -- H:\hiberfil.sys
[2014.04.12 17:23:44 | 000,002,334 | ---- | C] () -- H:\Documents and Settings\Olda\bmarchive.bms
[2013.02.20 09:12:04 | 000,802,904 | ---- | C] () -- H:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-448539723-57989841-1177238915-1004-0.dat
[2013.02.20 09:12:04 | 000,226,402 | ---- | C] () -- H:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2009.06.10 22:08:35 | 000,065,536 | ---- | C] () -- H:\Documents and Settings\Olda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013.10.12 10:28:32 | 000,000,227 | RHS- | M] () -- H:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.03.10 06:43:10 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.10.17 19:00:52 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\AVG2012
[2009.06.10 19:34:50 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.06.10 20:06:01 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2013.07.03 19:21:10 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Cisco
[2011.03.15 09:21:39 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.11.15 10:29:36 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.10.20 15:06:02 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
[2013.02.20 17:10:13 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Samsung
[2009.09.14 16:09:45 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2010.10.10 09:40:01 | 000,000,000 | ---D | M] -- H:\Documents and Settings\All Users\Data aplikací\Temp
[2009.08.02 20:28:02 | 000,000,000 | -H-D | M] -- H:\Documents and Settings\All Users\Data aplikací\{FC0EF073-EDB5-4CBE-B92D-5CE9A223F37B}
[2013.01.31 10:55:34 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2011.06.03 16:29:28 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602Installer
[2011.06.03 16:29:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602XML
[2011.11.16 16:59:23 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\AVG2012
[2009.09.14 16:14:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Canon
[2010.07.03 11:55:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\CD-LabelPrint
[2010.01.02 11:34:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\LANGMaster
[2014.09.18 14:07:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Mikrotik
[2009.09.14 16:29:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\NewSoft
[2011.08.29 07:12:46 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Philips-Songbird
[2013.02.20 17:10:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Samsung
[2009.09.14 16:09:47 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\ScanSoft
[2011.09.28 10:41:40 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Software602
[2014.01.04 14:41:44 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Spotify
[2013.03.23 18:01:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.06.10 11:04:16 | 000,000,065 | RH-- | C] () -- H:\WINDOWS\Tasks\desktop.ini
[2009.06.10 11:10:07 | 000,000,006 | -H-- | C] () -- H:\WINDOWS\Tasks\SA.DAT
[2013.11.25 08:16:40 | 000,000,914 | ---- | C] () -- H:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.03.14 06:55:37 | 000,000,214 | ---- | C] () -- H:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.14 06:55:38 | 000,000,220 | ---- | C] () -- H:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- H:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- H:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- H:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- H:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- H:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- H:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- H:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 01:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- H:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- H:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- H:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- H:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- H:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- H:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- H:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- H:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- H:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- H:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- H:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- H:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[19 H:\WINDOWS\Temp\*.tmp files -> H:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.03 16:29:28 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602Installer
[2011.06.03 16:29:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\602XML
[2012.08.08 21:33:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Adobe
[2009.09.14 16:16:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\ArcSoft
[2014.04.12 17:37:46 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Atheros
[2011.11.16 16:59:23 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\AVG2012
[2009.09.14 16:14:50 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Canon
[2010.07.03 11:55:31 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\CD-LabelPrint
[2009.06.10 21:35:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Corel
[2009.08.12 15:28:00 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\DivX
[2014.02.23 21:18:58 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\dvdcss
[2009.07.18 08:50:04 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Google
[2009.07.11 19:17:42 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Help
[2009.06.10 11:12:09 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Identities
[2011.06.03 16:29:37 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\InstallShield
[2010.01.02 11:34:32 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\LANGMaster
[2013.10.17 19:27:03 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\LavasoftStatistics
[2009.06.11 10:29:26 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Macromedia
[2013.10.18 22:09:17 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Malwarebytes
[2013.10.09 17:46:12 | 000,000,000 | --SD | M] -- H:\Documents and Settings\Olda\Data aplikací\Microsoft
[2014.09.18 14:07:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Mikrotik
[2011.08.29 07:12:57 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Mozilla
[2009.09.14 16:29:24 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\NewSoft
[2011.08.29 07:12:46 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Philips-Songbird
[2013.02.20 17:10:06 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Samsung
[2009.09.14 16:09:47 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\ScanSoft
[2011.09.28 10:41:40 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Software602
[2014.01.04 14:41:44 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Spotify
[2013.03.23 18:01:19 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\TuneUp Software
[2014.10.17 21:38:10 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\vlc
[2014.05.03 17:07:17 | 000,000,000 | ---D | M] -- H:\Documents and Settings\Olda\Data aplikací\Winamp

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.10.18 17:25:00 | 000,000,914 | ---- | M] () -- H:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.10.08 15:00:00 | 000,000,214 | ---- | M] () -- H:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.10.18 17:23:44 | 000,000,220 | ---- | M] () -- H:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.06.10 21:26:59 | 000,611,064 | ---- | M] () Unable to obtain MD5 -- H:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2006.01.01 02:15:06 | 000,094,208 | ---- | M] () -- H:\WINDOWS\System32\config\default.sav
[2006.01.01 02:15:06 | 001,069,056 | ---- | M] () -- H:\WINDOWS\System32\config\software.sav
[2006.01.01 02:15:05 | 000,499,712 | ---- | M] () -- H:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.10.16 05:43:05 | 100,290,944 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\system32\MRT.exe
[2014.10.18 07:48:32 | 000,013,646 | ---- | M] () -- H:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2009.03.29 19:56:46 | 000,105,528 | ---- | M] () -- \OldPC\D\zz-top1\jedenact\martincova-crackerjack-2-01.jpg
[3 \OldPC\D\zz-top1\jedenact\*.tmp files -> \OldPC\D\zz-top1\jedenact\*.tmp -> ]
[1996.12.18 12:29:16 | 000,007,141 | ---- | M] () -- \OldPC\E\Program Files\SEA\CRACK.EXE

< *keygen* /s >
[2004.04.23 16:22:38 | 000,105,739 | ---- | M] () -- \OldPC\E\srackolap2\SysMechKeygen.zip

< *AntiWPA* /s >

< *loader* /s >
[2002.12.12 00:14:32 | 000,032,768 | ---- | M] () -- \OldPC\C\WIN98\SYSBCKUP\DMLOADER.DLL
[2002.12.12 00:14:32 | 000,032,768 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\dmloader.dll
[2009.06.10 18:31:40 | 000,002,305 | ---- | M] () -- \OldPC\C\WIN98\Temporary Internet Files\Content.IE5\AVCFVGH8\preloader[1].swf
[2009.06.10 18:31:36 | 000,001,317 | ---- | M] () -- \OldPC\C\WIN98\Temporary Internet Files\Content.IE5\I3WFYDON\GeewaRuntimeDefaultLoader[1].swf

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[1999.05.05 22:22:00 | 000,049,152 | ---- | M] () -- \OldPC\C\WIN98\SYSBCKUP\DPSERIAL.DLL
[1999.05.05 22:22:00 | 000,049,152 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\DPSERIAL.DLL
[1999.05.05 22:22:00 | 000,018,625 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\SERIAL.VXD
[1999.05.05 22:22:00 | 000,012,271 | ---- | M] () -- \OldPC\C\WIN98\SYSTEM\SERIALUI.DLL

< *w7lxe* /s >

< End of report >

VIRY.CZ

Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8

Re: Nelze spustit některé stránky z IE8