Hi, I'd like to ask for help with the following problem (on WinXP). It started when Adobe Acrobat stopped launching (I click, the disk churns, nothing happens); now on top of that AVG 9 is partially deactivated (the Identity Protection component cannot be started; when I try to start it manually, it throws an error. I tried reinstalling AVG, which did not help), AVG itself cannot be updated (it throws several messages with different reasons), and if I run MBAM, for example, it simply crashes and disappears after about 3 seconds of running. I'm adding the log below...
Thank you!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:34, on 9.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\BioAdmin Server\BA_Server.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: ApacheMonitor.exe.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: BioAdmin Server - Unknown owner - C:\Program Files\BioAdmin Server\BA_Server.exe
O23 - Service: Služba Google Update (gupdate1c9e6a68bb09558) (gupdate1c9e6a68bb09558) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 3529 bytes
Please check my log - some actions cannot be started...
- Damned
- Article author
- Master Level 9
- Posts: 8353
- Registered: December 06
- Location: Rokycany
Re: Please check my log - some actions cannot be started...
Update MbAM, restart into Safe Mode and try running MbAM in Safe Mode. If it produces a log, paste it here for me.
Nothing is impossible; so where reason fails us, we do not hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
- Damned
Re: Please check my log - some actions cannot be started...
Martin, it is not appropriate to work on a problem on two forums!!!!!!!!!!!!!!!!!!
Re: Please check my log - some actions cannot be started...
Yes, I know, but it's a work computer and because of this I haven't been working all afternoon... so I started a topic there and waited about an hour, then out of nervousness here too. I'll delete it there, I apologize. (edit: already deleted)
In any case, in Safe Mode I also cannot get MBAM to run through to the end: I start it, launch the scan, it runs for a moment, then crashes. I tried several times; sometimes it crashes right away, sometimes after testing the first few files...
One more small detail: in the background the process AVGIDSMonitor.exe keeps starting (about every 2 seconds), but it always crashes after about half a second... and so on, over and over.
Last edited by Ronnie on 09 Dec 2009 17:37, edited 1 time in total.
- Damned
Re: Please check my log - some actions cannot be started...
Download OTL to your Desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Check LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Re: Please check my log - some actions cannot be started...
OTL logfile created on: 9.12.2009 17:39:28 - Run 1
OTL by OldTimer - Version 3.1.11.9 Folder = C:\Documents and Settings\Martin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 698,63 Gb Total Space | 299,50 Gb Free Space | 42,87% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 162,64 Gb Free Space | 8,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,81 Gb Total Space | 3,81 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 1859,80 Gb Total Space | 805,32 Gb Free Space | 43,30% Space Free | Partition Type: NTFS
Computer Name: RONNIE
Current User Name: Martin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Martin\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files\BioAdmin Server\BA_Server.exe ()
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
PRC - C:\Program Files\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Martin\Plocha\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
SRV - (gupdate1c9e6a68bb09558) Služba Google Update (gupdate1c9e6a68bb09558) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (BioAdmin Server) -- C:\Program Files\BioAdmin Server\BA_Server.exe ()
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (NetTcpPortSharing) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (MySQL) -- C:\Program Files\Apache Group\MySQL\bin\mysqld-nt.exe ()
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Apache2) -- C:\Program Files\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)
========== Driver Services (SafeList) ==========
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriverxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSFilterxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShimxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AVGIDSErHrxpx) -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys (AVG Technologies )
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (pcouffin) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (PxHelp20) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (usb_rndisx) -- C:\WINDOWS\system32\drivers\usb8023x.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbser) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (AVerFx2hbtv) -- C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (HCW85BDA) -- C:\WINDOWS\system32\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\WINDOWS\system32\drivers\snp2sxp.sys ()
DRV - (CamthWDM) -- C:\WINDOWS\system32\drivers\CamthWDM.sys (YewSoft)
DRV - (CyUsb) -- C:\WINDOWS\system32\drivers\CyUsb.sys (Cypress Semiconductor)
DRV - (CyLoad) -- C:\WINDOWS\system32\drivers\CyLoad.sys (Cypress Semiconductor)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.search.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:2.0.3
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.713
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:1.0.7
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.04.17 09:47:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 02:00:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.10.29 13:07:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.06 10:54:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.09 13:46:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009.12.04 09:29:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009.12.03 18:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions
[2009.12.03 18:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.08.02 14:23:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.12.09 14:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions
[2009.09.03 06:48:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.02 14:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2009.08.02 14:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009.08.02 14:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009.08.02 14:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2009.08.02 14:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2009.02.01 14:36:30 | 00,000,950 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin-1.xml
[2008.11.18 13:56:02 | 00,000,944 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin.xml
[2009.12.07 13:37:42 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.06 10:33:49 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.02.28 05:00:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009.04.17 09:48:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2008.05.29 21:32:45 | 00,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2008.05.29 21:32:45 | 00,134,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.04.17 09:47:51 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2008.05.29 21:32:45 | 00,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003.05.15 01:01:48 | 00,133,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.03.27 02:27:37 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009.03.27 02:27:37 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009.02.02 18:15:00 | 03,771,296 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2008.04.16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2008.03.31 20:06:24 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2008.03.31 20:06:24 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2008.01.27 10:57:20 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2008.01.27 10:57:20 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2008.03.31 20:06:24 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: (1109 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ron.cz
O1 - Hosts: 127.0.0.1 www.ron.cz
O1 - Hosts: 127.0.0.1 kulturistika.ron.cz
O1 - Hosts: 127.0.0.1 powerlifting.ron.cz
O1 - Hosts: 127.0.0.1 medicina.ron.cz
O1 - Hosts: 127.0.0.1 lide.ron.cz
O1 - Hosts: 127.0.0.1 tv.ron.cz
O1 - Hosts: 127.0.0.1 blog.ron.cz
O1 - Hosts: 127.0.0.1 blogy.ron.cz
O1 - Hosts: 127.0.0.1 forum.ron.cz
O1 - Hosts: 127.0.0.1 obchod.ron.cz
O1 - Hosts: 127.0.0.1 kamzasportem.ron.cz
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\Martin\Nabídka Start\Programy\Po spuštění\ApacheMonitor.exe.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.03 00:33:03 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\##server-old#server\Shell - "" = AutoRun
O33 - MountPoints2\##server-old#server\Shell\AutoRun\command - "" = X:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{a63248f4-a8da-11de-8c59-001e8cc5765e}\Shell\AutoRun\command - "" = .\Docs\print.exe
O33 - MountPoints2\{a63248f4-a8da-11de-8c59-001e8cc5765e}\Shell\explore\command - "" = .\\\\Docs/print.exe
O33 - MountPoints2\{a63248f4-a8da-11de-8c59-001e8cc5765e}\Shell\open\command - "" = Docs////print.exe
O33 - MountPoints2\{c38247d8-ce4c-11de-a229-001e8cc5765e}\Shell - "" = AutoRun
O33 - MountPoints2\{c38247d8-ce4c-11de-a229-001e8cc5765e}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2009.12.09 17:38:09 | 00,536,576 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
[2009.12.09 14:48:22 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009.12.09 14:48:05 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009.12.09 14:48:04 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009.12.09 14:48:04 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009.12.09 14:48:04 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009.12.09 14:48:02 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009.12.09 14:47:58 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009.12.09 14:47:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009.12.09 14:47:36 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009.12.09 14:47:36 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009.12.09 14:47:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.12.09 13:46:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Adobe PDF 6.0
[2009.12.09 13:07:34 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Martin\Recent
[2009.12.01 10:22:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2009.12.01 10:22:34 | 00,000,000 | ---D | C] -- C:\Program Files\SPOST
[2009.11.19 15:19:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Data aplikací\Broad Intelligence
[2009.11.19 15:17:58 | 00,000,000 | ---D | C] -- C:\Program Files\MediaCoder
[2009.11.19 15:14:21 | 00,000,000 | ---D | C] -- C:\Program Files\RM Converter1
[2009.11.19 15:05:36 | 01,245,184 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\bkll.dll
[2009.11.19 15:05:36 | 00,780,288 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOVideoCompress.dll
[2009.11.19 15:05:36 | 00,495,104 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOVideoCoreM.dll
[2009.11.19 15:05:36 | 00,382,464 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOAVIFile.dll
[2009.11.19 15:05:36 | 00,249,856 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\WINDOWS\System32\ALOQuickTimeFile.dll
[2009.11.19 15:05:36 | 00,215,552 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOWMVFile.dll
[2009.11.19 15:05:36 | 00,188,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOVideoFile.dll
[2009.11.19 15:05:35 | 02,846,720 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOAudioCompress3.dll
[2009.11.19 15:05:35 | 00,877,568 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOAudioFile2.dll
[2009.11.19 15:05:35 | 00,778,240 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOAudioCompress2.dll
[2009.11.19 15:05:35 | 00,403,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOWMAFile2.dll
[2009.11.19 15:05:35 | 00,090,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOAudioFormatSettings3.dll
[2009.11.19 15:05:34 | 00,053,248 | ---- | C] (www.alosoft.com) -- C:\WINDOWS\System32\AloFrame.ocx
[2009.11.19 15:05:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RMBin
[2009.11.17 20:23:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Dokumenty\Downloads
[2009.11.10 23:02:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009.09.12 12:16:12 | 00,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2009.09.12 12:16:12 | 00,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2009.04.13 21:12:32 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009.12.09 17:42:01 | 00,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1004336348-1801674531-1003UA.job
[2009.12.09 17:38:34 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Martin\NTUSER.DAT
[2009.12.09 17:38:10 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
[2009.12.09 17:22:44 | 00,194,297 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.09 17:22:41 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.12.09 17:22:40 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.09 17:22:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.09 17:22:13 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.09 17:20:55 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Martin\ntuser.ini
[2009.12.09 17:20:50 | 03,712,656 | -H-- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\IconCache.db
[2009.12.09 17:13:45 | 00,006,680 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2009.12.09 17:12:59 | 00,002,044 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2009.12.09 16:49:01 | 00,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009.12.09 16:10:24 | 00,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.12.09 16:10:24 | 00,437,832 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2009.12.09 16:10:24 | 00,082,552 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2009.12.09 16:10:24 | 00,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.12.09 16:10:21 | 01,046,890 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.12.09 15:31:11 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.09 14:56:32 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009.12.09 14:56:30 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009.12.09 14:56:30 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009.12.09 14:56:27 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009.12.09 14:56:24 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009.12.09 14:56:22 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009.12.09 14:48:08 | 44,947,123 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009.12.09 14:48:08 | 00,536,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009.12.09 14:48:08 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009.12.09 14:48:05 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 9.0.lnk
[2009.12.09 14:47:58 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009.12.09 14:47:58 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009.12.09 14:47:58 | 00,088,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009.12.09 14:47:36 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009.12.09 14:47:36 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009.12.09 13:58:24 | 01,460,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.09 13:56:58 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009.12.09 13:49:22 | 00,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 CE Professional.lnk
[2009.12.09 13:46:30 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 Professional.lnk
[2009.12.09 13:09:08 | 00,003,272 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130905.reg
[2009.12.09 13:08:48 | 00,125,906 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130845.reg
[2009.12.08 21:42:00 | 00,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1004336348-1801674531-1003Core.job
[2009.12.08 17:06:23 | 00,033,968 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.07 21:32:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.12.07 16:58:46 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\facebook.xls
[2009.12.07 08:49:19 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\Změňte svoji postavu.doc
[2009.12.06 16:52:14 | 00,322,048 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\Peníze 2009.xls
[2009.12.06 10:33:51 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2009.12.05 18:09:14 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\PUTTY.RND
[2009.12.05 16:05:43 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2009.12.05 14:33:38 | 00,046,567 | ---- | M] () -- C:\WINDOWS\php.ini
[2009.12.04 10:11:00 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\Prohlášení vlastníka nemovitosti.doc
[2009.12.03 18:44:04 | 00,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.01 10:50:41 | 00,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2009.11.28 17:58:34 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.27 23:53:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.11.26 13:03:30 | 00,003,746 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2009.11.25 11:03:45 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\Redaktoři.xls
[2009.11.23 11:54:29 | 00,018,040 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.11.20 00:15:39 | 00,051,712 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\ADV.doc
[2009.11.19 15:19:26 | 00,000,718 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\MediaCoder.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009.12.09 15:03:48 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.09 14:48:08 | 00,536,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009.12.09 14:48:08 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009.12.09 14:48:05 | 44,947,123 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009.12.09 14:48:05 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVG 9.0.lnk
[2009.12.09 14:47:58 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009.12.09 14:47:58 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009.12.09 14:47:58 | 00,088,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009.12.09 13:56:20 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009.12.09 13:46:30 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 Professional.lnk
[2009.12.09 13:09:06 | 00,003,272 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130905.reg
[2009.12.09 13:08:46 | 00,125,906 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130845.reg
[2009.12.07 09:14:49 | 00,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 CE Professional.lnk
[2009.12.07 08:40:07 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\Změňte svoji postavu.doc
[2009.12.04 10:11:00 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\Prohlášení vlastníka nemovitosti.doc
[2009.12.03 18:38:16 | 00,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2009.12.01 10:50:41 | 00,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2009.12.01 10:22:51 | 00,183,808 | ---- | C] () -- C:\WINDOWS\System32\BDEADMIN.CPL
[2009.11.27 20:59:28 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\Martin\Plocha\facebook.xls
[2009.11.20 00:15:38 | 00,051,712 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\ADV.doc
[2009.11.19 15:19:26 | 00,000,718 | ---- | C] () -- C:\Documents and Settings\Martin\Plocha\MediaCoder.lnk
[2009.11.19 15:05:34 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.11.19 15:05:34 | 00,000,001 | ---- | C] () -- C:\WINDOWS\yedlata.dll
[2009.10.19 17:08:12 | 00,335,537 | ---- | C] () -- C:\WINDOWS\php_browscap.ini
[2009.10.07 22:29:03 | 00,001,502 | ---- | C] () -- C:\WINDOWS\d.ini
[2009.09.12 12:16:14 | 00,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2009.09.12 12:16:14 | 00,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2009.09.12 12:16:13 | 12,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2009.09.04 10:41:41 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7R.DLL
[2009.07.25 21:19:53 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\AutoGK.ini
[2009.06.14 15:40:58 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.05.29 08:54:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw.INI
[2009.05.21 13:34:06 | 00,006,592 | ---- | C] () -- C:\WINDOWS\gwpreset.ini
[2009.05.21 13:34:06 | 00,000,666 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2009.05.14 18:37:07 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\F647C26939.sys
[2009.05.14 00:32:15 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009.05.14 00:32:15 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009.05.14 00:32:15 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009.05.14 00:32:15 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009.05.14 00:32:15 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009.05.07 20:05:11 | 00,018,040 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.04.21 13:33:41 | 00,046,567 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.04.21 12:42:46 | 02,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009.04.21 12:42:46 | 00,464,172 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2009.04.21 12:42:46 | 00,166,912 | ---- | C] () -- C:\WINDOWS\System32\libmcrypt.dll
[2009.04.21 12:42:46 | 00,165,643 | ---- | C] () -- C:\WINDOWS\System32\libmhash.dll
[2009.04.21 12:42:46 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\msql.dll
[2009.04.21 12:42:43 | 01,110,849 | ---- | C] () -- C:\WINDOWS\System32\aspell-15.dll
[2009.04.15 17:47:19 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.04.13 21:12:42 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.log
[2009.04.13 21:12:32 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.cat
[2009.04.13 21:12:32 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.inf
[2009.04.05 18:58:03 | 00,000,074 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\FASTWiz.log
[2009.03.31 21:41:22 | 00,002,044 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.02.26 16:48:18 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.15 12:10:27 | 00,000,071 | ---- | C] () -- C:\WINDOWS\smartvideoconverter.ini
[2009.02.06 17:05:49 | 00,003,746 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.02.01 20:43:58 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\$_hpcst$.hpc
[2009.02.01 16:32:07 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\PUTTY.RND
[2009.02.01 16:31:35 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\PUTTY.RND
[2009.02.01 15:43:44 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.01.25 22:10:48 | 00,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.01.09 00:01:22 | 00,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.05 20:21:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.03 01:47:02 | 00,006,680 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.01.03 01:12:42 | 00,000,126 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\fusioncache.dat
[2009.01.03 00:46:17 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2009.01.03 00:46:01 | 00,001,312 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2009.01.03 00:45:28 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009.01.03 00:38:56 | 00,066,048 | ---- | C] () -- C:\WINDOWS\System32\hcwxds.dll
[2008.05.16 14:01:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.16 14:01:00 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.16 14:01:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.16 14:01:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.16 14:01:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.11.07 06:37:10 | 00,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLfNL.DLL
[2006.01.05 06:21:58 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\CNCFLaNL.DLL
[2005.10.14 10:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.10.26 23:39:05 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2002.10.15 23:54:04 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.02.27 08:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002.02.27 08:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002.02.27 08:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
========== LOP Check ==========
[2009.03.31 09:08:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2009.12.09 14:47:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.08.01 22:38:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.02.01 20:10:15 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.09.18 17:00:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Deskshare
[2009.02.01 14:36:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.29 13:15:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.03.30 21:51:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2009.05.14 00:32:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Minnetonka Audio Software
[2009.10.29 13:16:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.10.29 13:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.04.15 17:47:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2009.10.25 14:20:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2009.02.01 16:11:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ACD Systems
[2009.08.10 19:36:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Azureus
[2009.11.19 15:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Broad Intelligence
[2009.02.02 08:36:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Canon
[2009.02.01 15:51:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\CD-LabelPrint
[2009.02.28 05:01:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\esmska
[2009.08.26 01:01:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ICQ
[2009.02.01 15:40:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Jeyo
[2009.11.04 11:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Nokia
[2009.10.04 09:57:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\OpenOffice.org
[2009.02.01 16:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Opera
[2009.10.29 13:10:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\PC Suite
[2009.02.01 14:59:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Star-Tools
[2009.02.08 15:44:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\TextPad
[2009.12.03 18:38:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Thunderbird
[2009.09.07 19:53:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\VirtuaWin
[2009.04.13 21:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Vso
[2009.01.03 01:33:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Windows Search
[2009.10.08 17:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Zoner
[2009.12.07 21:32:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:98E1505E58C4709E
< End of report >
OTL by OldTimer - Version 3.1.11.9 Folder = C:\Documents and Settings\Martin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 698,63 Gb Total Space | 299,50 Gb Free Space | 42,87% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 162,64 Gb Free Space | 8,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,81 Gb Total Space | 3,81 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 1859,80 Gb Total Space | 805,32 Gb Free Space | 43,30% Space Free | Partition Type: NTFS
Computer Name: RONNIE
Current User Name: Martin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Martin\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files\BioAdmin Server\BA_Server.exe ()
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
PRC - C:\Program Files\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Martin\Plocha\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.)
SRV - (gupdate1c9e6a68bb09558) Služba Google Update (gupdate1c9e6a68bb09558) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe ()
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (BioAdmin Server) -- C:\Program Files\BioAdmin Server\BA_Server.exe ()
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (NetTcpPortSharing) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (MySQL) -- C:\Program Files\Apache Group\MySQL\bin\mysqld-nt.exe ()
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Apache2) -- C:\Program Files\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)
========== Driver Services (SafeList) ==========
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriverxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys (AVG Technologies )
DRV - (AVGIDSFilterxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys (AVG Technologies )
DRV - (AVGIDSShimxpx) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys (AVG Technologies )
DRV - (AVGIDSErHrxpx) -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys (AVG Technologies )
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (pcouffin) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (PxHelp20) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys (Sonic Solutions)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (usb_rndisx) -- C:\WINDOWS\system32\drivers\usb8023x.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbser) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (CrystalSysInfo) -- C:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (AVerFx2hbtv) -- C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (HCW85BDA) -- C:\WINDOWS\system32\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\WINDOWS\system32\drivers\snp2sxp.sys ()
DRV - (CamthWDM) -- C:\WINDOWS\system32\drivers\CamthWDM.sys (YewSoft)
DRV - (CyUsb) -- C:\WINDOWS\system32\drivers\CyUsb.sys (Cypress Semiconductor)
DRV - (CyLoad) -- C:\WINDOWS\system32\drivers\CyLoad.sys (Cypress Semiconductor)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.search.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {FFA36170-80B1-4535-B0E3-A4569E497DD0}:2.0.3
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.713
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:1.0.7
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.04.17 09:47:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 02:00:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.10.29 13:07:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.06 10:54:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.09 13:46:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009.12.04 09:29:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009.12.03 18:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions
[2009.12.03 18:38:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.08.02 14:23:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.12.09 14:22:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions
[2009.09.03 06:48:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.02 14:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2009.08.02 14:25:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009.08.02 14:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009.08.02 14:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2009.08.02 14:25:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2009.02.01 14:36:30 | 00,000,950 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin-1.xml
[2008.11.18 13:56:02 | 00,000,944 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin.xml
[2009.12.07 13:37:42 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.06 10:33:49 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.02.28 05:00:28 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009.04.17 09:48:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2008.05.29 21:32:45 | 00,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2008.05.29 21:32:45 | 00,134,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.04.17 09:47:51 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2008.05.29 21:32:45 | 00,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003.05.15 01:01:48 | 00,133,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.03.27 02:27:37 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009.03.27 02:27:37 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009.03.27 02:27:38 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009.02.02 18:15:00 | 03,771,296 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2008.04.16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2008.03.31 20:06:24 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2008.03.31 20:06:24 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2008.01.27 10:57:20 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2008.01.27 10:57:20 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2008.03.31 20:06:24 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: (1109 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ron.cz
O1 - Hosts: 127.0.0.1 www.ron.cz
O1 - Hosts: 127.0.0.1 kulturistika.ron.cz
O1 - Hosts: 127.0.0.1 powerlifting.ron.cz
O1 - Hosts: 127.0.0.1 medicina.ron.cz
O1 - Hosts: 127.0.0.1 lide.ron.cz
O1 - Hosts: 127.0.0.1 tv.ron.cz
O1 - Hosts: 127.0.0.1 blog.ron.cz
O1 - Hosts: 127.0.0.1 blogy.ron.cz
O1 - Hosts: 127.0.0.1 forum.ron.cz
O1 - Hosts: 127.0.0.1 obchod.ron.cz
O1 - Hosts: 127.0.0.1 kamzasportem.ron.cz
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\Martin\Nabídka Start\Programy\Po spuštění\ApacheMonitor.exe.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.03 00:33:03 | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\##server-old#server\Shell - "" = AutoRun
O33 - MountPoints2\##server-old#server\Shell\AutoRun\command - "" = X:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{a63248f4-a8da-11de-8c59-001e8cc5765e}\Shell\AutoRun\command - "" = .\Docs\print.exe
O33 - MountPoints2\{a63248f4-a8da-11de-8c59-001e8cc5765e}\Shell\explore\command - "" = .\\\\Docs/print.exe
O33 - MountPoints2\{a63248f4-a8da-11de-8c59-001e8cc5765e}\Shell\open\command - "" = Docs////print.exe
O33 - MountPoints2\{c38247d8-ce4c-11de-a229-001e8cc5765e}\Shell - "" = AutoRun
O33 - MountPoints2\{c38247d8-ce4c-11de-a229-001e8cc5765e}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2009.12.09 17:38:09 | 00,536,576 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
[2009.12.09 14:48:22 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009.12.09 14:48:05 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009.12.09 14:48:04 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009.12.09 14:48:04 | 00,161,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009.12.09 14:48:04 | 00,025,608 | ---- | C] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009.12.09 14:48:02 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009.12.09 14:47:58 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009.12.09 14:47:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009.12.09 14:47:36 | 00,050,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009.12.09 14:47:36 | 00,030,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009.12.09 14:47:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.12.09 13:46:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Adobe PDF 6.0
[2009.12.09 13:07:34 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Martin\Recent
[2009.12.01 10:22:50 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2009.12.01 10:22:34 | 00,000,000 | ---D | C] -- C:\Program Files\SPOST
[2009.11.19 15:19:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Data aplikací\Broad Intelligence
[2009.11.19 15:17:58 | 00,000,000 | ---D | C] -- C:\Program Files\MediaCoder
[2009.11.19 15:14:21 | 00,000,000 | ---D | C] -- C:\Program Files\RM Converter1
[2009.11.19 15:05:36 | 01,245,184 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\bkll.dll
[2009.11.19 15:05:36 | 00,780,288 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOVideoCompress.dll
[2009.11.19 15:05:36 | 00,495,104 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOVideoCoreM.dll
[2009.11.19 15:05:36 | 00,382,464 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOAVIFile.dll
[2009.11.19 15:05:36 | 00,249,856 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\WINDOWS\System32\ALOQuickTimeFile.dll
[2009.11.19 15:05:36 | 00,215,552 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOWMVFile.dll
[2009.11.19 15:05:36 | 00,188,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOVideoFile.dll
[2009.11.19 15:05:35 | 02,846,720 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOAudioCompress3.dll
[2009.11.19 15:05:35 | 00,877,568 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\ALOAudioFile2.dll
[2009.11.19 15:05:35 | 00,778,240 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOAudioCompress2.dll
[2009.11.19 15:05:35 | 00,403,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOWMAFile2.dll
[2009.11.19 15:05:35 | 00,090,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\ALOAudioFormatSettings3.dll
[2009.11.19 15:05:34 | 00,053,248 | ---- | C] (www.alosoft.com) -- C:\WINDOWS\System32\AloFrame.ocx
[2009.11.19 15:05:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\RMBin
[2009.11.17 20:23:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Dokumenty\Downloads
[2009.11.10 23:02:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009.09.12 12:16:12 | 00,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2009.09.12 12:16:12 | 00,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2009.04.13 21:12:32 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009.12.09 17:42:01 | 00,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1004336348-1801674531-1003UA.job
[2009.12.09 17:38:34 | 04,718,592 | -H-- | M] () -- C:\Documents and Settings\Martin\NTUSER.DAT
[2009.12.09 17:38:10 | 00,536,576 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
[2009.12.09 17:22:44 | 00,194,297 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.09 17:22:41 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.12.09 17:22:40 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.12.09 17:22:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.09 17:22:13 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.09 17:20:55 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Martin\ntuser.ini
[2009.12.09 17:20:50 | 03,712,656 | -H-- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\IconCache.db
[2009.12.09 17:13:45 | 00,006,680 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2009.12.09 17:12:59 | 00,002,044 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2009.12.09 16:49:01 | 00,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009.12.09 16:10:24 | 00,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.12.09 16:10:24 | 00,437,832 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2009.12.09 16:10:24 | 00,082,552 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2009.12.09 16:10:24 | 00,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.12.09 16:10:21 | 01,046,890 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.12.09 15:31:11 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.09 14:56:32 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009.12.09 14:56:30 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009.12.09 14:56:30 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009.12.09 14:56:27 | 00,025,608 | ---- | M] (AVG Technologies ) -- C:\WINDOWS\System32\drivers\AVGIDSxx.sys
[2009.12.09 14:56:24 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009.12.09 14:56:22 | 00,161,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2009.12.09 14:48:08 | 44,947,123 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009.12.09 14:48:08 | 00,536,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009.12.09 14:48:08 | 00,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009.12.09 14:48:05 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 9.0.lnk
[2009.12.09 14:47:58 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009.12.09 14:47:58 | 00,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009.12.09 14:47:58 | 00,088,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009.12.09 14:47:36 | 00,050,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgfwdx.dll
[2009.12.09 14:47:36 | 00,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys
[2009.12.09 13:58:24 | 01,460,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.09 13:56:58 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009.12.09 13:49:22 | 00,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 CE Professional.lnk
[2009.12.09 13:46:30 | 00,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 Professional.lnk
[2009.12.09 13:09:08 | 00,003,272 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130905.reg
[2009.12.09 13:08:48 | 00,125,906 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130845.reg
[2009.12.08 21:42:00 | 00,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1004336348-1801674531-1003Core.job
[2009.12.08 17:06:23 | 00,033,968 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.07 21:32:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.12.07 16:58:46 | 00,017,408 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\facebook.xls
[2009.12.07 08:49:19 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\Změňte svoji postavu.doc
[2009.12.06 16:52:14 | 00,322,048 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\Peníze 2009.xls
[2009.12.06 10:33:51 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2009.12.05 18:09:14 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\PUTTY.RND
[2009.12.05 16:05:43 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2009.12.05 14:33:38 | 00,046,567 | ---- | M] () -- C:\WINDOWS\php.ini
[2009.12.04 10:11:00 | 00,022,016 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\Prohlášení vlastníka nemovitosti.doc
[2009.12.03 18:44:04 | 00,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.01 10:50:41 | 00,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2009.11.28 17:58:34 | 00,032,256 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.27 23:53:06 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.11.26 13:03:30 | 00,003,746 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2009.11.25 11:03:45 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\Redaktoři.xls
[2009.11.23 11:54:29 | 00,018,040 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.11.20 00:15:39 | 00,051,712 | ---- | M] () -- C:\Documents and Settings\Martin\Dokumenty\ADV.doc
[2009.11.19 15:19:26 | 00,000,718 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\MediaCoder.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009.12.09 15:03:48 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.12.09 14:48:08 | 00,536,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2009.12.09 14:48:08 | 00,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2009.12.09 14:48:05 | 44,947,123 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009.12.09 14:48:05 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AVG 9.0.lnk
[2009.12.09 14:47:58 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009.12.09 14:47:58 | 00,492,629 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009.12.09 14:47:58 | 00,088,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009.12.09 13:56:20 | 00,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009.12.09 13:46:30 | 00,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 Professional.lnk
[2009.12.09 13:09:06 | 00,003,272 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130905.reg
[2009.12.09 13:08:46 | 00,125,906 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\cc_20091209_130845.reg
[2009.12.07 09:14:49 | 00,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 6.0 CE Professional.lnk
[2009.12.07 08:40:07 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\Změňte svoji postavu.doc
[2009.12.04 10:11:00 | 00,022,016 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\Prohlášení vlastníka nemovitosti.doc
[2009.12.03 18:38:16 | 00,001,668 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2009.12.01 10:50:41 | 00,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2009.12.01 10:22:51 | 00,183,808 | ---- | C] () -- C:\WINDOWS\System32\BDEADMIN.CPL
[2009.11.27 20:59:28 | 00,017,408 | ---- | C] () -- C:\Documents and Settings\Martin\Plocha\facebook.xls
[2009.11.20 00:15:38 | 00,051,712 | ---- | C] () -- C:\Documents and Settings\Martin\Dokumenty\ADV.doc
[2009.11.19 15:19:26 | 00,000,718 | ---- | C] () -- C:\Documents and Settings\Martin\Plocha\MediaCoder.lnk
[2009.11.19 15:05:34 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.11.19 15:05:34 | 00,000,001 | ---- | C] () -- C:\WINDOWS\yedlata.dll
[2009.10.19 17:08:12 | 00,335,537 | ---- | C] () -- C:\WINDOWS\php_browscap.ini
[2009.10.07 22:29:03 | 00,001,502 | ---- | C] () -- C:\WINDOWS\d.ini
[2009.09.12 12:16:14 | 00,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2009.09.12 12:16:14 | 00,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2009.09.12 12:16:13 | 12,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2009.09.04 10:41:41 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7R.DLL
[2009.07.25 21:19:53 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\AutoGK.ini
[2009.06.14 15:40:58 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.05.29 08:54:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw.INI
[2009.05.21 13:34:06 | 00,006,592 | ---- | C] () -- C:\WINDOWS\gwpreset.ini
[2009.05.21 13:34:06 | 00,000,666 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2009.05.14 18:37:07 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\F647C26939.sys
[2009.05.14 00:32:15 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009.05.14 00:32:15 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009.05.14 00:32:15 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009.05.14 00:32:15 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009.05.14 00:32:15 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009.05.07 20:05:11 | 00,018,040 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.04.21 13:33:41 | 00,046,567 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.04.21 12:42:46 | 02,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009.04.21 12:42:46 | 00,464,172 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2009.04.21 12:42:46 | 00,166,912 | ---- | C] () -- C:\WINDOWS\System32\libmcrypt.dll
[2009.04.21 12:42:46 | 00,165,643 | ---- | C] () -- C:\WINDOWS\System32\libmhash.dll
[2009.04.21 12:42:46 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\msql.dll
[2009.04.21 12:42:43 | 01,110,849 | ---- | C] () -- C:\WINDOWS\System32\aspell-15.dll
[2009.04.15 17:47:19 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.04.13 21:12:42 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.log
[2009.04.13 21:12:32 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.cat
[2009.04.13 21:12:32 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\pcouffin.inf
[2009.04.05 18:58:03 | 00,000,074 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\FASTWiz.log
[2009.03.31 21:41:22 | 00,002,044 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.02.26 16:48:18 | 00,032,256 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.15 12:10:27 | 00,000,071 | ---- | C] () -- C:\WINDOWS\smartvideoconverter.ini
[2009.02.06 17:05:49 | 00,003,746 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.02.01 20:43:58 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\$_hpcst$.hpc
[2009.02.01 16:32:07 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Martin\Data aplikací\PUTTY.RND
[2009.02.01 16:31:35 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\PUTTY.RND
[2009.02.01 15:43:44 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.01.25 22:10:48 | 00,179,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.01.09 00:01:22 | 00,629,760 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.05 20:21:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.03 01:47:02 | 00,006,680 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.01.03 01:12:42 | 00,000,126 | ---- | C] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\fusioncache.dat
[2009.01.03 00:46:17 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2009.01.03 00:46:01 | 00,001,312 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2009.01.03 00:45:28 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009.01.03 00:38:56 | 00,066,048 | ---- | C] () -- C:\WINDOWS\System32\hcwxds.dll
[2008.05.16 14:01:00 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.16 14:01:00 | 01,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.16 14:01:00 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.16 14:01:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.16 14:01:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.11.07 06:37:10 | 00,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLfNL.DLL
[2006.01.05 06:21:58 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\CNCFLaNL.DLL
[2005.10.14 10:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.10.26 23:39:05 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2002.10.15 23:54:04 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.02.27 08:41:28 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002.02.27 08:41:26 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002.02.27 08:41:26 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
========== LOP Check ==========
[2009.03.31 09:08:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2009.12.09 14:47:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2009.08.01 22:38:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.02.01 20:10:15 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.09.18 17:00:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Deskshare
[2009.02.01 14:36:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.10.29 13:15:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.03.30 21:51:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2009.05.14 00:32:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Minnetonka Audio Software
[2009.10.29 13:16:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.10.29 13:08:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.04.15 17:47:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2009.10.25 14:20:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2009.02.01 16:11:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ACD Systems
[2009.08.10 19:36:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Azureus
[2009.11.19 15:19:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Broad Intelligence
[2009.02.02 08:36:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Canon
[2009.02.01 15:51:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\CD-LabelPrint
[2009.02.28 05:01:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\esmska
[2009.08.26 01:01:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ICQ
[2009.02.01 15:40:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Jeyo
[2009.11.04 11:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Nokia
[2009.10.04 09:57:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\OpenOffice.org
[2009.02.01 16:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Opera
[2009.10.29 13:10:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\PC Suite
[2009.02.01 14:59:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Star-Tools
[2009.02.08 15:44:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\TextPad
[2009.12.03 18:38:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Thunderbird
[2009.09.07 19:53:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\VirtuaWin
[2009.04.13 21:16:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Vso
[2009.01.03 01:33:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Windows Search
[2009.10.08 17:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Zoner
[2009.12.07 21:32:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:98E1505E58C4709E
< End of report >
Re: Please check my log - some actions won't run...
OTL Extras logfile created on: 9.12.2009 17:39:29 - Run 1
OTL by OldTimer - Version 3.1.11.9 Folder = C:\Documents and Settings\Martin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 698,63 Gb Total Space | 299,50 Gb Free Space | 42,87% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 162,64 Gb Free Space | 8,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 3,81 Gb Total Space | 3,81 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 1859,80 Gb Total Space | 805,32 Gb Free Space | 43,30% Space Free | Partition Type: NTFS
Computer Name: RONNIE
Current User Name: Martin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- C:\Program Files\PSPad\PSPad.exe (Prog-Soft s.r.o.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- C:\PROGRA~1\MICROS~2\Office10\FRONTPG.EXE (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- "C:\Program Files\PSPad\PSPad.exe" "%1" (Prog-Soft s.r.o.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\8.0\ACDSee8.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\Program Files\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Jeyo\JMC_WindowsMobile\JMC_WM.exe" = C:\Program Files\Jeyo\JMC_WindowsMobile\JMC_WM.exe:*:Enabled:Jeyo Mobile Companion -- (Jeyo, Inc.)
"C:\Program Files\ICQ\Icq.exe" = C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe -- File not found
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe -- File not found
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{23E797E9-F852-4AEA-93F0-772ED2B9D9F9}" = OpenOffice.org 3.1
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A862C7D-0504-48BC-AEF8-7F7479C7C158}" = Apache HTTP Server 2.0.44
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{467D4602-532E-43D9-9176-A6EBD281F767}" = BioAdmin Server 4.3
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{70AB1576-7883-2313-C650-7A71270B1029}" = Nero 7 Premium
"{73A77BB2-1391-41AD-B68F-4AD37EAC8BC4}" = BioAdmin Client 4.3
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USR Mini Cam for Skype
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{9074AFC0-CFDA-11DE-B484-005056806466}" = Google Earth
"{984FFBAD-C445-442F-BC71-E2034F9A395B}" = MySQL Server 5.0
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A14F7508-B784-40B8-B11A-E0E2EEB7229F}" = Adobe Premiere Pro 1.5
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-1033-C470-7760-CE0000000001}" = Adobe Acrobat 6.0 CE Professional
"{ADBBED4F-720B-460D-AA14-D85EBC4AEF97}" = TextPad
"{AE80641A-0C8D-4670-A518-B4EC154B1027}" = ACDSee 8
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 6.0.1 CE" = Adobe Photoshop 6.0.1 CE
"AVerMedia C038 USB Capture Card" = AVerMedia C038 USB Capture Card 1.0.0.23
"AVG9Uninstall" = AVG 9.0
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DVD Shrink_is1" = DVD Shrink 3.2
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"EasyDivX v0.820" = EasyDivX v0.820 Standard
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"GoldWave v4.26" = GoldWave v4.26
"HijackThis" = HijackThis 2.0.2
"ICQ" = ICQ
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{467D4602-532E-43D9-9176-A6EBD281F767}" = BioAdmin Server 4.3
"InstallShield_{73A77BB2-1391-41AD-B68F-4AD37EAC8BC4}" = BioAdmin Client 4.3
"IPCam Admin Utility_is1" = IPCam Admin v3.0
"IPCam Surveillance Software_is1" = IPCam Surveillance Software 3.0.0.11
"Jeyo Mobile Companion 2.0_is1" = Jeyo Mobile Companion 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.2.4530
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0)" = Mozilla Firefox (3.0)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySQL-Front_is1" = MySQL-Front 3.2
"Net Transport_is1" = Net Transport 1.87.258
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Pošta 2002_is1" = Pošta 2002 verze 12.990
"PSPad editor_is1" = PSPad editor
"QuicktimeAlt_is1" = QuickTime Alternative 2.8.0
"Remote Administrator v2.2" = Remote Administrator v2.2
"Smart Video Converter_is1" = Smart Video Converter 1.5.31
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Vuze" = Vuze
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebCam Monitor_is1" = WebCam Monitor 5.2
"WebcamMax" = WebcamMax
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.1 final uninstall
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.12.2009 23:42:20 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 0:42:15 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 1:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 2:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 3:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 4:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 5:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 6:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 7:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
Error - 9.12.2009 8:42:14 | Computer Name = RONNIE | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 9.12.2009 12:18:37 | Computer Name = RONNIE | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec Lbd MRxSmb NetBIOS NetBT RasAcd
Rdbss
Tcpip
Error - 9.12.2009 12:18:42 | Computer Name = RONNIE | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 9.12.2009 12:19:41 | Computer Name = RONNIE | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 9.12.2009 12:20:40 | Computer Name = RONNIE | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 9.12.2009 12:20:52 | Computer Name = RONNIE | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 9.12.2009 12:22:39 | Computer Name = RONNIE | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
AVG9IDSAgent.
Error - 9.12.2009 12:22:39 | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = Služba AVG9IDSAgent neuspěla při spuštění v důsledku následující chyby:
%%1053
Error - 9.12.2009 12:23:29 | Computer Name = RONNIE | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Lbd
Error - 9.12.2009 12:23:30 | Computer Name = RONNIE | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
AVG9IDSAgent.
Error - 9.12.2009 12:23:30 | Computer Name = RONNIE | Source = Service Control Manager | ID = 7000
Description = Služba AVG9IDSAgent neuspěla při spuštění v důsledku následující chyby:
%%1053
< End of report >
- Damned
Re: Please check my log - some actions cannot be started...
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
O33 - MountPoints2\##server-old#server\Shell\AutoRun\command - "" = X:\wd_windows_tools\setup.exe -- File not found
O33 - MountPoints2\{c38247d8-ce4c-11de-a229-001e8cc5765e}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe -- File not found
:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\System32\KGyGaAvL.sys
C:\WINDOWS\System32\F647C26939.sys
C:\WINDOWS\d.ini
C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin-1.xml
C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin.xml
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
*****************************************************************************************************************************************
Check the file shown in red on VirusTotal and paste a link to the result here.
If you cannot find it, enable the display of hidden and system files. If it offers that the file has already been checked,
have it checked again, and wait until "Dokončeno" (Completed) and the result appear. Then copy the address bar here.
C:\WINDOWS\jestertb.dll
C:\WINDOWS\yedlata.dll
Nothing is impossible, so where we are at our wits' end, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Please check my log - some actions won't start...
http://www.virustotal.com/cs/analisis/5 ... 1260381905
VirusTotal refused to accept the file yedlata.dll (it keeps showing that the file is uploading and after a while it times out); in Total Commander I see its size as 1 B, and when I view it, it contains a single blank character, nothing else
Edit: it worked: http://www.virustotal.com/cs/analisis/3 ... 1260382575
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##server-old#server\ deleted successfully.
File X:\wd_windows_tools\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c38247d8-ce4c-11de-a229-001e8cc5765e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c38247d8-ce4c-11de-a229-001e8cc5765e}\ not found.
File F:\NokiaPCIA_Autorun.exe not found.
========== FILES ==========
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\KGyGaAvL.sys moved successfully.
C:\WINDOWS\System32\F647C26939.sys moved successfully.
C:\WINDOWS\d.ini moved successfully.
C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\searchplugins\icqplugin.xml moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Martin
->Temp folder emptied: 560016464 bytes
->Temporary Internet Files folder emptied: 9457274 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45976836 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 1707158 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Ronnie.ATHLONXP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 264790 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23940608 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 611,81 mb
OTL by OldTimer - Version 3.1.11.9 log created on 12092009_185338
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
- Damned
- Article author
- Master Level 9
- Posts: 8353
- Registered: December 06
- Location: Rokycany
Re: Please check my log - some actions won't start...
Disable your antivirus's resident shield (and your antispyware's, if you have one).
Download ComboFix (by sUBs)
or ComboFix (subs)
and save it to your desktop.
Close all active windows.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
File::
C:\WINDOWS\jestertb.dll
Choose File -> Save As... and set these parameters:
File name: enter CFScript.txt
Save as type: select All Files
Save the file to your desktop.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair can take more than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that appears at the end of the cleaning process plus a new HJT log, and describe how the computer behaves
Re: Please check my log - some actions won't start...
I did everything; the changes are as follows:
- AVG now has the Identity Protection component active (and the AVGIDSMonitor.exe process, which kept stopping and starting, now runs fine) - edit: unfortunately, after a restart it is inactive again, and the process isn't running either... nor does it keep trying to start, as it did before
- AVG still can't be updated (it reports that the server denied access, which isn't necessarily a fault on my side... but it's odd... the update on the PC next to it goes through fine)
- MBAM starts, but within a second it shuts down again (the same in Safe Mode)
- Thunderbird stopped working, apparently because it (see the log below) deleted one of its files
- Adobe Acrobat still doesn't run, even when I reinstall it
So the situation is more or less the same...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:35, on 9.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
C:\Program Files\BioAdmin Server\BA_Server.exe
C:\Program Files\Apache Group\Apache2\bin\Apache.exe
C:\Program Files\Apache Group\MySQL\bin\mysqld-nt.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ronnie.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: ApacheMonitor.exe.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2 - Apache Software Foundation - C:\Program Files\Apache Group\Apache2\bin\Apache.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: BioAdmin Server - Unknown owner - C:\Program Files\BioAdmin Server\BA_Server.exe
O23 - Service: Služba Google Update (gupdate1c9e6a68bb09558) (gupdate1c9e6a68bb09558) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 3858 bytes
ComboFix 09-12-08.07 - Martin 09.12.2009 19:47:44.7.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2709 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin\Plocha\CFScript.txt
AV: AVG Internet Security *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Mozilla Thunderbird\plc4.dll
C:\Thumbs.db
c:\windows\jestertb.dll
c:\windows\system32\twain_32.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-09 do 2009-12-09 )))))))))))))))))))))))))))))))
.
V tomto časovém úseku nebyly vytvořeny žádné nové soubory.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-09 2020120]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
c:\documents and settings\Martin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ApacheMonitor.exe.lnk - c:\program files\Apache Group\Apache2\bin\ApacheMonitor.exe [2003-1-18 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-09 13:56 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Martin^Nabídka Start^Programy^Po spuštění^AOM.lnk]
path=c:\documents and settings\Martin\Nabídka Start\Programy\Po spuštění\AOM.lnk
backup=c:\windows\pss\AOM.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-04-21 16:03 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-02-01 15:12 133104 ----atw- c:\documents and settings\Martin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-09-17 22:55 13574144 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-03-12 16:21 17531392 ----a-w- c:\windows\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-04-25 10:23 675840 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-04-17 08:47 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2007-04-25 10:23 258048 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Trkwnetaa"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Lavasoft Ad-Aware Service"=3 (0x3)
"AshEvtSvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"IDriverT"=3 (0x3)
"gupdate1c9e6a68bb09558"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Jeyo\\JMC_WindowsMobile\\JMC_WM.exe"=
"c:\\Program Files\\ICQ\\Icq.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R2 BioAdmin Server;BioAdmin Server;c:\program files\BioAdmin Server\BA_Server.exe [2008-12-08 303104]
R2 gupdate1c9e6a68bb09558;Služba Google Update (gupdate1c9e6a68bb09558);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 133104]
R3 AVerFx2hbtv;AVerMedia C038 USB Capture Card;c:\windows\system32\drivers\AVerFx2hbtv.sys [2007-07-17 199552]
R3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2009-12-09 30104]
R3 CyLoad;Suprema USB Driver Loader;c:\windows\system32\Drivers\CyLoad.sys [2005-10-11 28800]
R3 CyUsb;Suprema USB Driver;c:\windows\system32\Drivers\CyUsb.sys [2005-10-11 31872]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-12-03 38224]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
R4 Npftsvwstat;Npftsvwstat; [x]
S0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSxx.sys [2009-12-09 25608]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2009-12-09 161800]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-12-09 333192]
S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-12-09 360584]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2009-12-09 285392]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2009-12-09 2304192]
S2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2006-07-03 242736]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2009-12-09 30104]
S3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [2009-12-09 122376]
S3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [2009-12-09 30216]
S3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [2009-12-09 25736]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2007-05-08 964352]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ronnie.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel
IE: Stáhnout pomocí Net Transportu
IE: Stáhnout vše pomocí &Net Transportu
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Adobe Photoshop 6.0.1 CE - c:\windows\ISUN0405.EXE -fc:\program files\Adobe\Photoshop 6.0.1 CE\Uninst.isu -cc:\program files\Adobe\Photoshop 6.0.1 CE\Uninst.dll
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-09 19:53
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\Apache Group\MySQL\bin\mysqld-nt\" --defaults-file=\"c:\program files\Apache Group\MySQL\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Adobe\Premiere Pro\1.5\DefaultPreset]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"
[HKEY_LOCAL_MACHINE\software\Adobe\Premiere Pro\1.5\Help]
@DACL=(02 0000)
"AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_0_0_0.html"
"Contents"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_0_0_0.html"
"ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_19_2_0.html"
"HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\0_0_0_0.html"
"Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_21_0_0.html"
"Search"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\search.html"
"Support"="http://www.adobe.com/support/products/premiere.html"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:9a,f8,0c,97,15,56,07,b1,06,32,d3,7b,75,ea,30,81,cc,aa,fc,1b,68,
1c,26,cb,56,6c,24,48,22,db,99,a8,6a,22,55,3d,6f,1b,00,af,2c,7b,07,ef,fd,7a,\
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:9a,f8,0c,97,15,56,07,b1,06,32,d3,7b,75,ea,30,81,cc,aa,fc,1b,68,
1c,26,cb,56,6c,24,48,22,db,99,a8,6a,22,55,3d,6f,1b,00,af,2c,7b,07,ef,fd,7a,\
.
Celkový čas: 2009-12-09 19:56:11
ComboFix-quarantined-files.txt 2009-12-09 18:56
Před spuštěním: Volných bajtů: 321 971 675 136
Po spuštění: Volných bajtů: 321 939 034 112
- - End Of File - - F44D7033AD6962888D93E26C9E0B4B89
2009-04-17 08:47 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2007-04-25 10:23 258048 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Trkwnetaa"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Lavasoft Ad-Aware Service"=3 (0x3)
"AshEvtSvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"IDriverT"=3 (0x3)
"gupdate1c9e6a68bb09558"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Jeyo\\JMC_WindowsMobile\\JMC_WM.exe"=
"c:\\Program Files\\ICQ\\Icq.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R2 BioAdmin Server;BioAdmin Server;c:\program files\BioAdmin Server\BA_Server.exe [2008-12-08 303104]
R2 gupdate1c9e6a68bb09558;Služba Google Update (gupdate1c9e6a68bb09558);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-06 133104]
R3 AVerFx2hbtv;AVerMedia C038 USB Capture Card;c:\windows\system32\drivers\AVerFx2hbtv.sys [2007-07-17 199552]
R3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2009-12-09 30104]
R3 CyLoad;Suprema USB Driver Loader;c:\windows\system32\Drivers\CyLoad.sys [2005-10-11 28800]
R3 CyUsb;Suprema USB Driver;c:\windows\system32\Drivers\CyUsb.sys [2005-10-11 31872]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-12-03 38224]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
R4 Npftsvwstat;Npftsvwstat; [x]
S0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSxx.sys [2009-12-09 25608]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2009-12-09 161800]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-12-09 333192]
S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-12-09 360584]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2009-12-09 285392]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2009-12-09 2304192]
S2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2006-07-03 242736]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2009-12-09 30104]
S3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [2009-12-09 122376]
S3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [2009-12-09 30216]
S3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [2009-12-09 25736]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2007-05-08 964352]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ronnie.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel
IE: Stáhnout pomocí Net Transportu
IE: Stáhnout vše pomocí &Net Transportu
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\b8vh9xf1.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Adobe Photoshop 6.0.1 CE - c:\windows\ISUN0405.EXE -fc:\program files\Adobe\Photoshop 6.0.1 CE\Uninst.isu -cc:\program files\Adobe\Photoshop 6.0.1 CE\Uninst.dll
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-09 19:53
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\Apache Group\MySQL\bin\mysqld-nt\" --defaults-file=\"c:\program files\Apache Group\MySQL\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Adobe\Premiere Pro\1.5\DefaultPreset]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Settings\\DV - NTSC\\Standard 48kHz.prpreset"
[HKEY_LOCAL_MACHINE\software\Adobe\Premiere Pro\1.5\Help]
@DACL=(02 0000)
"AdobeMediaEncoder"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_0_0_0.html"
"Contents"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_0_0_0.html"
"ExportToDVD"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_19_2_0.html"
"HowToUse"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\0_0_0_0.html"
"Keyboard"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\1_21_0_0.html"
"Search"="c:\\Program Files\\Adobe\\Premiere Pro 1.5\\Help\\search.html"
"Support"="http://www.adobe.com/support/products/premiere.html"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:9a,f8,0c,97,15,56,07,b1,06,32,d3,7b,75,ea,30,81,cc,aa,fc,1b,68,
1c,26,cb,56,6c,24,48,22,db,99,a8,6a,22,55,3d,6f,1b,00,af,2c,7b,07,ef,fd,7a,\
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:9a,f8,0c,97,15,56,07,b1,06,32,d3,7b,75,ea,30,81,cc,aa,fc,1b,68,
1c,26,cb,56,6c,24,48,22,db,99,a8,6a,22,55,3d,6f,1b,00,af,2c,7b,07,ef,fd,7a,\
.
Celkový čas: 2009-12-09 19:56:11
ComboFix-quarantined-files.txt 2009-12-09 18:56
Před spuštěním: Volných bajtů: 321 971 675 136
Po spuštění: Volných bajtů: 321 939 034 112
- - End Of File - - F44D7033AD6962888D93E26C9E0B4B89
Last edited by Ronnie on 09 Dec 2009 21:09, edited 1 time in total.
- Damned
Re: Please check my log - some actions won't start...
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Driver::
Npftsvwstat;Npftsvwstat
Npftsvwstat
MySQL
Program
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\dpvsetup.exe"=-
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program
and, when the two files overlap, drop the script.

- ComboFix starts automatically; the repair may take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process
*****************************************************************************************************************************************
Personally, I would uninstall AVG completely and happily replace it with something better; there is plenty to choose from on the market. In my opinion it is AVG itself, which is not working as it should, that is preventing all those programs from starting. So uninstall it in Add/Remove Programs, then also use AVG Remover ( http://www.avg.com/cz-cs/download-tools ) and clean the registry after it. If you have a licence for it, download the latest package and install it; if not, download something similar (ESS, CIS etc.) that does not dig into the system so much.
Then reinstall TB; it probably deleted the library "plc4.dll" because it is supposed to be somewhere else, it belongs to some tracker.
Otherwise I don't see anything bad in the log.
Nothing is impossible, so where reason runs out, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
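A small triage pass over the kind of ComboFix output posted in this thread, added here as an example (it is not part of either post and not ComboFix's own code): it lists service entries that have no image path or whose file is missing, plus registry values from a watch list. Reading `[x]` as "file not found" and the contents of `WATCH` are assumptions of this example; the hits are prompts for manual review, not verdicts.

```python
import re

# Constructed sample: lines copied from the ComboFix log in this thread.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 BioAdmin Server;BioAdmin Server;c:\program files\BioAdmin Server\BA_Server.exe [2008-12-08 303104]
R4 Npftsvwstat;Npftsvwstat; [x]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2009-12-09 161800]
'''

# "<state><start> name;display;path [date size]" or "[x]" (assumed: file not found).
SERVICE = re.compile(r"^[RS]\d ([^;]+);[^;]*;(.*?) ?\[(x|\d{4}-\d\d-\d\d \d+)\]$")
VALUE = re.compile(r'^"([^"]+)"=\s*(\d+) \(0x[0-9a-f]+\)$')
# Registry values worth a second look and the number that triggers the flag
# (a reviewer's choice for this example, not a ComboFix rule).
WATCH = {"LoadAppInit_DLLs": 1, "EnableFirewall": 0}

def triage(log_text):
    """Return (item, reason) pairs that deserve a manual look."""
    findings, key = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]          # remember the current registry key
            continue
        svc = SERVICE.match(line)
        if svc:
            name, path, stamp = svc.group(1), svc.group(2).strip(), svc.group(3)
            if not path:
                findings.append((name, "service entry with no image path"))
            elif stamp == "x":
                findings.append((name, "image file missing: " + path))
            continue
        val = VALUE.match(line)
        if val and WATCH.get(val.group(1)) == int(val.group(2)):
            findings.append((val.group(1), "set to %s under %s" % (val.group(2), key)))
    return findings

if __name__ == "__main__":
    for item, reason in triage(SAMPLE):
        print("%-18s %s" % (item, reason))
```

On the sample, `Lbd` and `Npftsvwstat` are both reported, although the script in the reply removes only `Npftsvwstat`: a missing file can equally be a leftover of an uninstalled product, which is why the output still needs a human reading.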