Please check: virus worm/delf.ff (Solved)


mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status: Offline

Post by mafian » 27 Aug 2012 19:47

Automatická kontrola: dokončeno před 7 min. (události: 6, objekty: 2427247, čas: 07:45:41)
27.8.2012 11:25:36 Úloha byla spuštěna
27.8.2012 11:44:38 Zjištěno: Trojan.Win32.Agent.ftsi C:\System Volume Information\_restore{96CA4019-5871-4E92-BB26-30BFEDD36EA5}\RP6\A0003374.exe
27.8.2012 17:57:03 Zjištěno: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe
27.8.2012 17:57:21 Neošetřeno: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe Nelze dezinfikovat
27.8.2012 17:57:58 Nelze odstranit: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe Přístup byl odepřen
27.8.2012 19:11:19 Úloha byla dokončena



I let it run since the morning and here is the result. AVG saw a virus everywhere, but when I submit that file for a scan at http://www.virustotal.com/cs/ the file is OK.


Post by mafian » 27 Aug 2012 19:48

Automatická kontrola: dokončeno před 15579 dní (události: 22, objekty: 2427247, čas: 07:45:41)
27.8.2012 11:25:36 Úloha byla spuštěna
27.8.2012 11:44:38 Zjištěno: Trojan.Win32.Agent.ftsi C:\System Volume Information\_restore{96CA4019-5871-4E92-BB26-30BFEDD36EA5}\RP6\A0003374.exe
27.8.2012 11:49:46 Odstraněno: Trojan.Win32.Agent.ftsi C:\System Volume Information\_restore{96CA4019-5871-4E92-BB26-30BFEDD36EA5}\RP6\A0003374.exe
27.8.2012 13:22:54 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zk F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2.exe.mwt/TNODUP.exe
27.8.2012 13:22:55 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zk F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2[1].exe.mwt/TNODUP.exe
27.8.2012 13:23:00 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zi F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP.exe.mwt
27.8.2012 13:25:10 Odstraněno: not-a-virus:AdWare.Win32.AdMedia.zk F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2.exe.mwt
27.8.2012 13:25:10 Odstraněno: not-a-virus:AdWare.Win32.AdMedia.zi F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP.exe.mwt
27.8.2012 13:25:14 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zi F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP[1].exe.mwt
27.8.2012 13:25:19 Odstraněno: not-a-virus:AdWare.Win32.AdMedia.zk F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2[1].exe.mwt
27.8.2012 13:25:23 Odstraněno: not-a-virus:AdWare.Win32.AdMedia.zi F:\Nová složka\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP[1].exe.mwt
27.8.2012 17:57:03 Zjištěno: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe
27.8.2012 17:57:21 Neošetřeno: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe Nelze dezinfikovat
27.8.2012 17:57:58 Nelze odstranit: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe Přístup byl odepřen
27.8.2012 17:57:58 Bude odstraněno při restartování systému: Virus.Win32.Neshta.a G:\Python27\w9xpopen.exe
27.8.2012 18:16:39 Zjištěno: not-a-virus:AdWare.Win32.Agent.xip K:\FFSetup185.zip/FFSetup185.exe/$PLUGINSDIR\eBay.exe/eBayShortcuts.exe
27.8.2012 18:16:56 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zk K:\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2.exe.mwt/TNODUP.exe
27.8.2012 18:17:01 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zi K:\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP.exe.mwt
27.8.2012 18:55:10 Odstraněno: not-a-virus:AdWare.Win32.AdMedia.zk K:\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2.exe.mwt
27.8.2012 18:55:11 Odstraněno: not-a-virus:AdWare.Win32.AdMedia.zi K:\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP.exe.mwt
27.8.2012 18:55:14 Odstraněno: not-a-virus:AdWare.Win32.Agent.xip K:\FFSetup185.zip/FFSetup185.exe
27.8.2012 19:11:19 Úloha byla dokončena

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Post by jaro3 » 28 Aug 2012 10:36

Delete everything.

Uninstall both ESETs!!!

Turn off restore points, restart, and after the restart turn restore points back on.

Download a free antivirus:
Avira, Avast or AVG.

Post a new OTL scan.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus fill in for me.
If you are satisfied, you can support our forum: Forum support


Post by mafian » 28 Aug 2012 10:50

Just to be safe, let me ask: what exactly should I delete, and with what? Wait, those ESETs are probably just some leftovers and installation files. I had ESET installed, but then I had a problem with the PC and here you told me to delete them, which I did, so I can only delete the leftovers. AVG should be OK, I paid around 1 thousand for it at a repair shop. Don't tell me they cheated me? Because that shop has already gone bankrupt. I'll do the restore point.


Post by jaro3 » 28 Aug 2012 11:23

I'm writing about ESET:
ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNODUP 1.4.1.Beta.2.exe.mwt/TNODUP.exe
27.8.2012 18:17:01 Zjištěno: not-a-virus:AdWare.Win32.AdMedia.zi K:\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit) 100% Works\Eset Smart Security 5 & ESET NOD32 Antivirus 5 CZ (x86,x64Bit)\3) TNODUP 1.4.1\TNod User & Password Finder\TNODUP.exe.mwt

those are illegal!

Use this:
Uninstall NOD32:
http://www.nod32.nl/download/tool/nod32removal.exe

http://kb.eset.com/esetkb/index?page=co ... raft=false

ESS:
http://kb.eset.com/esetkb/index?page=content&id=SOLN93


Post by mafian » 28 Aug 2012 11:29

Oh, those, of course not. Sorry, I'm a bit slow today. I'll go remove it somehow.


Post by jaro3 » 28 Aug 2012 11:32

Ok.


Post by mafian » 28 Aug 2012 12:36

OTL logfile created on: 28.8.2012 12:43:10 - Run 5
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 79,54% Memory free
5,09 Gb Paging File | 4,38 Gb Available in Paging File | 86,12% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 30,85 Gb Free Space | 45,13% Space Free | Partition Type: NTFS
Drive D: | 59,63 Gb Total Space | 37,02 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
Drive F: | 337,77 Gb Total Space | 117,50 Gb Free Space | 34,79% Space Free | Partition Type: NTFS
Drive G: | 127,99 Gb Total Space | 46,30 Gb Free Space | 36,18% Space Free | Partition Type: NTFS
Drive I: | 68,36 Gb Total Space | 40,17 Gb Free Space | 58,76% Space Free | Partition Type: NTFS
Drive K: | 171,77 Gb Total Space | 42,56 Gb Free Space | 24,78% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 47,97 Gb Free Space | 49,12% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\uživatel\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe (Opera Software)
PRC - C:\Program Files\Opera\opera.exe (Opera Software)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe (Software602 a.s.)
PRC - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
MOD - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (OODefragAgent) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (602XML Updater) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe (Software602 a.s.)
SRV - (Správce výběru OS) -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (PCIDump) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (AtiHDAudioService) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys (Advanced Micro Devices)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (w810mdm) -- C:\WINDOWS\system32\drivers\w810mdm.sys (MCCI)
DRV - (w810mgmt) -- C:\WINDOWS\system32\drivers\w810mgmt.sys (MCCI)
DRV - (w810obex) -- C:\WINDOWS\system32\drivers\w810obex.sys (MCCI)
DRV - (w810bus) -- C:\WINDOWS\system32\drivers\w810bus.sys (MCCI)
DRV - (w810mdfl) -- C:\WINDOWS\system32\drivers\w810mdfl.sys (MCCI)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Lbd) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
DRV - (PAR1284) -- C:\WINDOWS\system32\Par1284.sys (Warp Nine Engineering)
DRV - (WinDriver6) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (amdide) -- C:\WINDOWS\system32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.12.29 14:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.08.27 17:51:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\11.1.0.12\ [2012.07.09 15:19:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.27 17:50:36 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Software602 Form Filler (Enabled) = C:\Program Files\Software602\602XML\Filler\npfiller.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: 1Click Downloader = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.1_0\

O1 HOSTS File: ([2012.08.28 10:38:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\uživatel\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_27.08.2012_12-12.lnk = C:\Documents and Settings\uživatel\Plocha\Virus Removal Tool\setup_9.0.0.722_27.08.2012_12-12\startup.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0A2D612-9559-4215-AAD7-1B34697AC779}: NameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8B99982-EFB9-4C64-B43C-FA0CDD747D4D}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll File not found
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (OODBS)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.28 10:51:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.08.28 10:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.08.28 09:08:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.08.28 09:08:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.08.28 09:08:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.08.28 09:08:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.08.28 09:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.08.28 09:07:13 | 004,738,846 | R--- | C] (Swearware) -- C:\Documents and Settings\uživatel\Plocha\ComboFix.exe
[2012.08.27 19:51:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\uživatel\Recent
[2012.08.27 17:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
[2012.08.27 15:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.27 15:56:40 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.27 11:23:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Plocha\Virus Removal Tool
[2012.08.26 19:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Plocha\RK_Quarantine
[2012.08.26 19:56:39 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2012.08.26 19:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012.08.26 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavasoft
[2012.08.26 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2012.08.25 17:24:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.08.24 14:15:53 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2012.08.21 10:21:04 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe
[2012.08.21 10:17:56 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\uživatel\Plocha\hijackthis.exe
[2012.08.20 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\sound
[2012.08.20 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\gfx
[2012.08.20 09:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Nabídka Start\Programy\Unlocker
[2012.08.20 09:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012.08.19 16:03:45 | 000,093,696 | ---- | C] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Documents and Settings\uživatel\Dokumenty\KillBox-Beta.exe
[2012.08.17 12:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\winutilities.10.53_softarchive.net
[2012.08.17 12:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinUtilities
[2012.08.17 12:26:51 | 001,706,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2012.08.17 12:26:51 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx
[2012.08.17 12:26:51 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2012.08.17 12:26:51 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2012.08.17 12:26:51 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll
[2012.08.17 12:26:51 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF32.DLL
[2012.08.17 12:26:51 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF16.DLL
[2012.08.17 12:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinUtilities
[2012.08.02 14:51:40 | 000,000,000 | ---D | C] -- C:\HostsXpert
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.08.28 12:42:49 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2012.08.28 12:28:10 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.08.28 12:28:09 | 000,013,002 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.28 12:27:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.28 12:27:03 | 000,335,588 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2012.08.28 12:17:44 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.28 10:38:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.08.28 09:07:30 | 004,738,846 | R--- | M] (Swearware) -- C:\Documents and Settings\uživatel\Plocha\ComboFix.exe
[2012.08.28 08:56:19 | 105,088,910 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012.08.27 17:51:05 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2012.lnk
[2012.08.27 15:56:04 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\RSIT.exe
[2012.08.27 11:24:33 | 000,002,232 | ---- | M] () -- C:\Documents and Settings\uživatel\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_27.08.2012_12-12.lnk
[2012.08.27 11:19:40 | 135,601,280 | ---- | M] ( ) -- C:\Documents and Settings\uživatel\Plocha\setup_9.0.0.722_27.08.2012_12-12.exe
[2012.08.26 20:22:16 | 000,000,110 | -H-- | M] () -- C:\aaw7boot.cmd
[2012.08.26 19:58:51 | 001,367,040 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\RogueKiller.exe
[2012.08.26 19:56:47 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2012.08.26 19:28:17 | 012,038,144 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Ad-Aware96Install.msi
[2012.08.26 16:21:03 | 000,507,328 | -HS- | M] () -- C:\WINDOWS\8696974drv.spi
[2012.08.25 17:39:03 | 000,000,128 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.SYL
[2012.08.25 17:31:32 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.08.25 17:25:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012.08.25 13:25:00 | 000,000,150 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
[2012.08.25 12:52:24 | 000,441,892 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012.08.21 10:21:07 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe
[2012.08.21 10:17:56 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\uživatel\Plocha\hijackthis.exe
[2012.08.20 09:33:17 | 000,002,421 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Nový objekt - Prezentace OpenDocument.odp
[2012.08.20 09:22:21 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Zástupce - BubbleBall.lnk
[2012.08.20 09:21:45 | 000,793,568 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\bubble ball.exe
[2012.08.20 09:16:24 | 001,665,985 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Unlocker1.9.1.exe
[2012.08.19 16:14:49 | 000,000,021 | ---- | M] () -- C:\WINDOWS\tpcsd
[2012.08.19 16:06:51 | 000,208,015 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\pinfect.zip
[2012.08.19 16:03:45 | 000,093,696 | ---- | M] (Option^Explicit Software vbtechcd@gmail.com) -- C:\Documents and Settings\uživatel\Dokumenty\KillBox-Beta.exe
[2012.08.17 12:26:54 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\WinUtilities.lnk
[2012.08.16 17:31:54 | 006,266,880 | ---- | M] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.08.15 10:35:43 | 000,201,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.04 15:16:28 | 000,002,343 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.28 09:08:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.08.28 09:08:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.08.28 09:08:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.08.28 09:08:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.08.28 09:08:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.08.27 15:56:04 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\RSIT.exe
[2012.08.27 11:24:33 | 000,002,232 | ---- | C] () -- C:\Documents and Settings\uživatel\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_27.08.2012_12-12.lnk
[2012.08.27 11:13:32 | 135,601,280 | ---- | C] ( ) -- C:\Documents and Settings\uživatel\Plocha\setup_9.0.0.722_27.08.2012_12-12.exe
[2012.08.26 20:22:16 | 000,000,110 | -H-- | C] () -- C:\aaw7boot.cmd
[2012.08.26 20:06:53 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.08.26 19:58:51 | 001,367,040 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\RogueKiller.exe
[2012.08.26 19:56:47 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2012.08.26 19:27:49 | 012,038,144 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Ad-Aware96Install.msi
[2012.08.26 12:27:35 | 000,507,328 | -HS- | C] () -- C:\WINDOWS\8696974drv.spi
[2012.08.25 17:30:14 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.25 17:25:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.08.20 09:33:17 | 000,002,421 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Nový objekt - Prezentace OpenDocument.odp
[2012.08.20 09:23:11 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
[2012.08.20 09:22:11 | 000,173,568 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\BubbleBall.exe
[2012.08.20 09:21:45 | 000,793,568 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\bubble ball.exe
[2012.08.20 09:16:23 | 001,665,985 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Unlocker1.9.1.exe
[2012.08.19 16:14:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\tpcsd
[2012.08.17 12:26:58 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.SYL
[2012.08.17 12:26:54 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\WinUtilities.lnk
[2012.08.17 12:26:51 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf
[2012.05.13 16:46:11 | 006,266,880 | ---- | C] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.04.17 09:03:49 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
[2012.04.04 11:51:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012.02.27 20:05:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.02.27 20:05:13 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.02.24 11:23:47 | 000,001,312 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
[2012.02.19 12:16:22 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\HMIPCore.dll
[2012.02.17 17:43:14 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
[2012.02.15 10:06:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.12 19:16:25 | 000,000,183 | ---- | C] () -- C:\WINDOWS\aimpr.ini
[2012.02.01 18:39:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\uživatel\netstat
[2012.01.29 18:28:59 | 000,000,054 | ---- | C] () -- C:\WINDOWS\RP121032.INI
[2012.01.29 18:28:57 | 000,008,937 | ---- | C] () -- C:\WINDOWS\dx121032.ini
[2012.01.29 18:28:57 | 000,007,851 | ---- | C] () -- C:\WINDOWS\NXEDL32.ini
[2012.01.29 18:28:57 | 000,001,053 | ---- | C] () -- C:\WINDOWS\SerialDV.INI
[2012.01.29 18:28:57 | 000,000,286 | ---- | C] () -- C:\WINDOWS\BTConnectUtility.ini
[2012.01.29 18:28:48 | 000,001,336 | ---- | C] () -- C:\WINDOWS\ExceptionReport.ini
[2012.01.29 18:28:48 | 000,001,198 | ---- | C] () -- C:\WINDOWS\xVDSClientCntrl.ini
[2012.01.29 18:28:48 | 000,000,583 | ---- | C] () -- C:\WINDOWS\xVDSMgr.ini
[2012.01.29 18:26:54 | 000,000,617 | ---- | C] () -- C:\WINDOWS\ECULP.ini
[2012.01.29 18:26:52 | 000,000,191 | ---- | C] () -- C:\WINDOWS\FaultMon.INI
[2012.01.29 18:26:50 | 000,569,439 | ---- | C] () -- C:\WINDOWS\System32\JDLegacyCfgReader.dll
[2012.01.29 18:25:27 | 000,001,399 | ---- | C] () -- C:\WINDOWS\PayloadProcessor.Ini
[2012.01.29 18:24:28 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\JDMemAccessController.dll
[2012.01.29 18:24:28 | 000,323,657 | ---- | C] () -- C:\WINDOWS\System32\JDComm.dll
[2012.01.29 18:24:28 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\JDPFController.dll
[2012.01.29 18:24:28 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\JDPhoenixController.dll
[2012.01.29 18:24:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\JDEnhancedSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDJDOW.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDJDCFD.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDHarvestorWorks.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSupplierSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSimpleSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSimple2Security.dll
[2012.01.29 18:24:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PWDPhoenix.dll
[2012.01.29 18:23:26 | 000,221,255 | ---- | C] () -- C:\WINDOWS\System32\JDLog.dll
[2012.01.29 18:23:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\JDNetCommSerial.dll
[2012.01.29 18:23:26 | 000,168,011 | ---- | C] () -- C:\WINDOWS\System32\JDError.dll
[2012.01.29 18:21:25 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\VersionInfo.dll
[2012.01.29 18:21:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JDBinaryRecords.dll
[2012.01.29 18:21:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\JDArrayUtils.dll
[2012.01.29 18:21:24 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\JDHarvesterController.dll
[2012.01.29 18:21:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\JDPlus1Controller.dll
[2012.01.15 13:29:30 | 000,000,055 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2012.01.13 19:44:36 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.01.08 19:15:41 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.12.31 16:52:34 | 000,000,111 | ---- | C] () -- C:\WINDOWS\posta2.ini
[2011.12.31 16:14:53 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\uživatel\default.pls
[2011.12.31 11:00:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.29 13:29:12 | 000,004,952 | ---- | C] () -- C:\WINDOWS\BOOTFONT.BIN
[2011.12.28 17:17:24 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS53.DLL
[2011.12.28 12:28:42 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.12.28 12:28:32 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2011.12.28 12:28:32 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.12.28 12:23:06 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011.12.28 12:12:22 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.12.28 12:11:04 | 000,201,736 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.28 11:25:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.12.28 11:21:49 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

========== LOP Check ==========

[2011.12.29 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2012.07.09 15:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
[2012.03.29 21:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.12.28 17:17:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.03.29 20:58:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.06.29 19:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Copernic
[2012.02.19 12:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
[2012.02.19 12:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
[2011.12.31 21:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.03.22 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.03.22 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.04.05 11:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2012.01.15 12:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FTWeak
[2012.02.19 12:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HideIPEasy
[2012.04.15 16:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.08.28 08:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2012.01.29 18:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Service ADVISOR
[2012.05.12 10:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.05.12 10:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[2012.02.13 15:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2012.08.16 17:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.04.04 10:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2012.04.08 15:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\602Installer
[2012.04.08 15:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\602XML
[2012.05.05 17:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\AVG
[2012.05.23 19:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\AVG Secure Search
[2012.03.29 21:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\AVG2012
[2012.06.29 19:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Copernic
[2012.02.19 12:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
[2012.02.19 12:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
[2012.08.20 14:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\DAEMON Tools Lite
[2012.04.09 12:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Dropbox
[2012.04.05 11:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Epson
[2012.01.15 12:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\FTweak
[2012.02.19 12:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\HideIPEasy
[2012.05.12 10:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\ICQ
[2012.04.28 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Nuclear Coffee
[2012.02.04 10:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\OpenCandy
[2012.02.13 22:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\OpenOffice.org
[2012.07.09 10:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Opera
[2012.02.21 15:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Posta
[2012.01.23 20:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Product_RM
[2012.01.23 21:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Registry Mechanic
[2012.05.24 19:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\searchresultstb
[2012.02.13 15:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Teleca
[2012.01.10 20:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Trine2
[2012.01.08 17:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Ubisoft
[2012.03.15 19:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Updatem
[2012.01.29 14:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\VitySoft
[2012.07.13 19:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Vso
[2012.08.28 12:28:10 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012.08.28 12:26:44 | 000,032,624 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


The Extras log is missing again; even though I had the PC searched, the search did not find it anywhere.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: please check for virus worm/delf.ff

Post by jaro3 » 29 Aug 2012 11:13

Hm, that's strange.

AVG should be OK, I paid around 1 thousand for it at the service shop. Don't tell me they ripped me off? Because that shop has already gone bankrupt. I'll create the restore point.

AVG2012 is free, isn't it? You could have installed it yourself for free.

Uninstall:
Lavasoft\Ad-Aware

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes (Vlastní skenování/opravy), paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (PCIDump) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes,DefaultScope =
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll File not found
O1 HOSTS File: ([2012.08.28 10:38:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\SWXCACLS.exe
C:\WINDOWS\NIRCMD.exe
C:\Documents and Settings\uživatel\Plocha\ComboFix.exe
C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe
C:\Documents and Settings\uživatel\Dokumenty\KillBox-Beta.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\uživatel\Plocha\RogueKiller.exe
C:\WINDOWS\8696974drv.spi
C:\WINDOWS\ativpsrm.bin
C:\Documents and Settings\uživatel\Dokumenty\pinfect.zip
C:\WINDOWS\PEV.exe
C:\WINDOWS\MBR.exe
C:\WINDOWS\sed.exe
C:\WINDOWS\grep.exe
C:\WINDOWS\zip.exe

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Opravit (Run Fix) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

C:\Documents and Settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
C:\Documents and Settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy5.1.4.8_Crack_HideIPEasy.exe
Delete these again!

Double-click the OTL by OldTimer icon again and, under Vlastní skenování/opravy (Custom Scans/Fixes), paste the following text, colored green:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Don't change the settings, just click Prohledat (Run Scan) and let the scan finish. When the text file appears, please paste its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status: Offline

Re: please check: virus worm/delf.ff

Post by mafian » 29 Aug 2012 14:08

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ deleted successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\PerfStringBackup.TMP moved successfully.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Ad-Aware Update (Weekly).job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS\SWREG.exe moved successfully.
C:\WINDOWS\SWSC.exe moved successfully.
C:\WINDOWS\SWXCACLS.exe moved successfully.
C:\WINDOWS\NIRCMD.exe moved successfully.
C:\Documents and Settings\uživatel\Plocha\ComboFix.exe moved successfully.
C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe moved successfully.
C:\Documents and Settings\uživatel\Dokumenty\KillBox-Beta.exe moved successfully.
File\Folder [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] not found.
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\uživatel\Plocha\RogueKiller.exe moved successfully.
C:\WINDOWS\8696974drv.spi moved successfully.
C:\WINDOWS\ativpsrm.bin moved successfully.
C:\Documents and Settings\uživatel\Dokumenty\pinfect.zip moved successfully.
C:\WINDOWS\PEV.exe moved successfully.
C:\WINDOWS\MBR.exe moved successfully.
C:\WINDOWS\sed.exe moved successfully.
C:\WINDOWS\grep.exe moved successfully.
C:\WINDOWS\zip.exe moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: User

User: uživatel

User: uživatel
->Temp folder emptied: 674871 bytes
->Temporary Internet Files folder emptied: 6925085 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1431 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17059 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3072 bytes

Total Files Cleaned = 7,00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08292012_140608

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\uživatel\Local Settings\Temp\Perflib_Perfdata_488.dat not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_27c.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



OTL logfile created on: 29.8.2012 14:11:42 - Run 6
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 79,69% Memory free
5,09 Gb Paging File | 4,50 Gb Available in Paging File | 88,40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 30,06 Gb Free Space | 43,97% Space Free | Partition Type: NTFS
Drive D: | 59,63 Gb Total Space | 37,02 Gb Free Space | 62,09% Space Free | Partition Type: NTFS
Drive F: | 337,77 Gb Total Space | 117,50 Gb Free Space | 34,79% Space Free | Partition Type: NTFS
Drive G: | 127,99 Gb Total Space | 46,30 Gb Free Space | 36,18% Space Free | Partition Type: NTFS
Drive I: | 68,36 Gb Total Space | 40,17 Gb Free Space | 58,76% Space Free | Partition Type: NTFS
Drive K: | 171,77 Gb Total Space | 42,56 Gb Free Space | 24,78% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 47,97 Gb Free Space | 49,12% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\uživatel\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe (Opera Software)
PRC - C:\Program Files\Opera\opera.exe (Opera Software)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe (Software602 a.s.)
PRC - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
MOD - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (OODefragAgent) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (602XML Updater) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe (Software602 a.s.)
SRV - (Správce výběru OS) -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (AtiHDAudioService) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys (Advanced Micro Devices)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (w810mdm) -- C:\WINDOWS\system32\drivers\w810mdm.sys (MCCI)
DRV - (w810mgmt) -- C:\WINDOWS\system32\drivers\w810mgmt.sys (MCCI)
DRV - (w810obex) -- C:\WINDOWS\system32\drivers\w810obex.sys (MCCI)
DRV - (w810bus) -- C:\WINDOWS\system32\drivers\w810bus.sys (MCCI)
DRV - (w810mdfl) -- C:\WINDOWS\system32\drivers\w810mdfl.sys (MCCI)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (PAR1284) -- C:\WINDOWS\system32\Par1284.sys (Warp Nine Engineering)
DRV - (WinDriver6) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (amdide) -- C:\WINDOWS\system32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.08.27 17:51:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\11.1.0.12\ [2012.07.09 15:19:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.27 17:50:36 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\u\u017Eivatel\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Software602 Form Filler (Enabled) = C:\Program Files\Software602\602XML\Filler\npfiller.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: 1Click Downloader = C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.1_0\

O1 HOSTS File: ([2012.08.29 14:06:11 | 000,000,002 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0A2D612-9559-4215-AAD7-1B34697AC779}: NameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8B99982-EFB9-4C64-B43C-FA0CDD747D4D}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Reg Error: Value error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (OODBS)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012.08.28 16:57:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\uživatel\Recent
[2012.08.28 10:51:20 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.08.28 10:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.08.28 09:07:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.08.27 17:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
[2012.08.27 15:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.27 15:56:40 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.26 19:58:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Plocha\RK_Quarantine
[2012.08.26 19:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2012.08.25 17:24:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.08.24 14:15:53 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2012.08.21 10:17:56 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\uživatel\Plocha\hijackthis.exe
[2012.08.20 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\sound
[2012.08.20 09:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\gfx
[2012.08.20 09:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Nabídka Start\Programy\Unlocker
[2012.08.20 09:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012.08.17 12:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\winutilities.10.53_softarchive.net
[2012.08.17 12:26:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinUtilities
[2012.08.17 12:26:51 | 001,706,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2012.08.17 12:26:51 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx
[2012.08.17 12:26:51 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicows.dll
[2012.08.17 12:26:51 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2012.08.17 12:26:51 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll
[2012.08.17 12:26:51 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF32.DLL
[2012.08.17 12:26:51 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\W95INF16.DLL
[2012.08.17 12:26:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinUtilities
[2012.08.02 14:51:40 | 000,000,000 | ---D | C] -- C:\HostsXpert
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012.08.29 14:08:08 | 000,013,002 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.29 14:07:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.29 14:07:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012.08.29 14:07:14 | 000,344,520 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2012.08.29 14:06:11 | 000,000,002 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.08.29 13:21:52 | 105,215,959 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012.08.29 13:21:14 | 000,000,150 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
[2012.08.28 20:52:02 | 000,441,892 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012.08.28 19:34:48 | 649,883,285 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Strasidla ze Spessartu.part02.rar
[2012.08.28 19:06:46 | 734,003,750 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Strasidla ze Spessartu.part01.rar
[2012.08.28 16:58:38 | 000,000,128 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.SYL
[2012.08.28 12:42:49 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2012.08.27 17:51:05 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2012.lnk
[2012.08.27 15:56:04 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\RSIT.exe
[2012.08.27 11:19:40 | 135,601,280 | ---- | M] ( ) -- C:\Documents and Settings\uživatel\Plocha\setup_9.0.0.722_27.08.2012_12-12.exe
[2012.08.26 20:22:16 | 000,000,110 | -H-- | M] () -- C:\aaw7boot.cmd
[2012.08.26 19:28:17 | 012,038,144 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Ad-Aware96Install.msi
[2012.08.25 17:31:32 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.08.21 10:17:56 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\uživatel\Plocha\hijackthis.exe
[2012.08.20 09:33:17 | 000,002,421 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Nový objekt - Prezentace OpenDocument.odp
[2012.08.20 09:22:21 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Zástupce - BubbleBall.lnk
[2012.08.20 09:21:45 | 000,793,568 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\bubble ball.exe
[2012.08.20 09:16:24 | 001,665,985 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\Unlocker1.9.1.exe
[2012.08.19 16:14:49 | 000,000,021 | ---- | M] () -- C:\WINDOWS\tpcsd
[2012.08.17 12:26:54 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\WinUtilities.lnk
[2012.08.16 17:31:54 | 006,266,880 | ---- | M] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.08.15 10:35:43 | 000,201,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.04 15:16:28 | 000,002,343 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012.08.29 14:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.08.28 19:06:52 | 649,883,285 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Strasidla ze Spessartu.part02.rar
[2012.08.28 18:31:58 | 734,003,750 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Strasidla ze Spessartu.part01.rar
[2012.08.27 15:56:04 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\RSIT.exe
[2012.08.27 11:13:32 | 135,601,280 | ---- | C] ( ) -- C:\Documents and Settings\uživatel\Plocha\setup_9.0.0.722_27.08.2012_12-12.exe
[2012.08.26 20:22:16 | 000,000,110 | -H-- | C] () -- C:\aaw7boot.cmd
[2012.08.26 19:27:49 | 012,038,144 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Ad-Aware96Install.msi
[2012.08.20 09:33:17 | 000,002,421 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Nový objekt - Prezentace OpenDocument.odp
[2012.08.20 09:23:11 | 000,000,150 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\HighScore.hsc
[2012.08.20 09:22:11 | 000,173,568 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\BubbleBall.exe
[2012.08.20 09:21:45 | 000,793,568 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\bubble ball.exe
[2012.08.20 09:16:23 | 001,665,985 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\Unlocker1.9.1.exe
[2012.08.19 16:14:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\tpcsd
[2012.08.17 12:26:58 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.SYL
[2012.08.17 12:26:54 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\WinUtilities.lnk
[2012.08.17 12:26:51 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf
[2012.05.13 16:46:11 | 006,266,880 | ---- | C] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.04.17 09:03:49 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
[2012.04.04 11:51:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012.02.27 20:05:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.02.27 20:05:13 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.02.24 11:23:47 | 000,001,312 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
[2012.02.19 12:16:22 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\HMIPCore.dll
[2012.02.17 17:43:14 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
[2012.02.15 10:06:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.12 19:16:25 | 000,000,183 | ---- | C] () -- C:\WINDOWS\aimpr.ini
[2012.02.01 18:39:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\uživatel\netstat
[2012.01.29 18:28:59 | 000,000,054 | ---- | C] () -- C:\WINDOWS\RP121032.INI
[2012.01.29 18:28:57 | 000,008,937 | ---- | C] () -- C:\WINDOWS\dx121032.ini
[2012.01.29 18:28:57 | 000,007,851 | ---- | C] () -- C:\WINDOWS\NXEDL32.ini
[2012.01.29 18:28:57 | 000,001,053 | ---- | C] () -- C:\WINDOWS\SerialDV.INI
[2012.01.29 18:28:57 | 000,000,286 | ---- | C] () -- C:\WINDOWS\BTConnectUtility.ini
[2012.01.29 18:28:48 | 000,001,336 | ---- | C] () -- C:\WINDOWS\ExceptionReport.ini
[2012.01.29 18:28:48 | 000,001,198 | ---- | C] () -- C:\WINDOWS\xVDSClientCntrl.ini
[2012.01.29 18:28:48 | 000,000,583 | ---- | C] () -- C:\WINDOWS\xVDSMgr.ini
[2012.01.29 18:26:54 | 000,000,617 | ---- | C] () -- C:\WINDOWS\ECULP.ini
[2012.01.29 18:26:52 | 000,000,191 | ---- | C] () -- C:\WINDOWS\FaultMon.INI
[2012.01.29 18:26:50 | 000,569,439 | ---- | C] () -- C:\WINDOWS\System32\JDLegacyCfgReader.dll
[2012.01.29 18:25:27 | 000,001,399 | ---- | C] () -- C:\WINDOWS\PayloadProcessor.Ini
[2012.01.29 18:24:28 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\JDMemAccessController.dll
[2012.01.29 18:24:28 | 000,323,657 | ---- | C] () -- C:\WINDOWS\System32\JDComm.dll
[2012.01.29 18:24:28 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\JDPFController.dll
[2012.01.29 18:24:28 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\JDPhoenixController.dll
[2012.01.29 18:24:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\JDEnhancedSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDJDOW.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDJDCFD.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDHarvestorWorks.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSupplierSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSimpleSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSimple2Security.dll
[2012.01.29 18:24:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PWDPhoenix.dll
[2012.01.29 18:23:26 | 000,221,255 | ---- | C] () -- C:\WINDOWS\System32\JDLog.dll
[2012.01.29 18:23:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\JDNetCommSerial.dll
[2012.01.29 18:23:26 | 000,168,011 | ---- | C] () -- C:\WINDOWS\System32\JDError.dll
[2012.01.29 18:21:25 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\VersionInfo.dll
[2012.01.29 18:21:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JDBinaryRecords.dll
[2012.01.29 18:21:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\JDArrayUtils.dll
[2012.01.29 18:21:24 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\JDHarvesterController.dll
[2012.01.29 18:21:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\JDPlus1Controller.dll
[2012.01.15 13:29:30 | 000,000,055 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2012.01.13 19:44:36 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.01.08 19:15:41 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.12.31 16:52:34 | 000,000,111 | ---- | C] () -- C:\WINDOWS\posta2.ini
[2011.12.31 16:14:53 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\uživatel\default.pls
[2011.12.31 11:00:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.29 13:29:12 | 000,004,952 | ---- | C] () -- C:\WINDOWS\BOOTFONT.BIN
[2011.12.28 17:17:24 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS53.DLL
[2011.12.28 12:28:42 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.12.28 12:28:32 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2011.12.28 12:28:32 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.12.28 12:23:06 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011.12.28 12:12:22 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.12.28 12:11:04 | 000,201,736 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.28 11:25:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.12.28 11:21:49 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2012.01.27 21:25:23 | 141,333,296 | ---- | M] () -- C:\mwav.exe

< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: AHCIX86.SYS >
[2009.04.08 23:46:22 | 000,189,968 | ---- | M] (Advanced Micro Devices, Inc) MD5=3936A49ECB74CF23BBB6979CD683DD56 -- C:\Documents and Settings\uživatel\Plocha\SB750\x86\ahcix86.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >


So hopefully that is everything. Well, in that case they charged about 1 thousand for installing and cleaning the PC; next time I will be smarter. Please advise what to do next. Thank you.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: please check, virus worm/delf.ff

Post by jaro3 » 29 Aug 2012 23:42

You're welcome!
Now you have the experience.

Run OTL and click Vyčisti (CleanUp).

If there are no problems, that is all and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

mafian
Level 3.5
Posts: 770
Registered: January 07
Gender: Male
Status: Offline

Re: please check, virus worm/delf.ff

Post by mafian » 30 Aug 2012 09:04

So I ran the cleanup and the problem is still the same: as soon as I try to start any program, AVG immediately starts screaming that there is a virus in it. Couldn't it be in AVG itself?

