ComboFix 10-03-01.04 - JARA_2 02.03.2010  17:56:18.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.420.1029.18.3071.2034 [GMT 1:00]
Sputn z: c:\users\JARA_2\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Ostatn vmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1497842182-775629098-4108401540-1000
c:\program files\temp
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\JARA_2\AppData\Roaming\inst.exe
c:\windows\system32\~.inf
c:\windows\system32\sqlite3.dll

----- BITS: Mon infikovan strnky -----

hxxp://armmf.adobe.com
.
(((((((((((((((((((((((((   Soubory vytvoen od 2010-02-02 do 2010-03-02  )))))))))))))))))))))))))))))))
.

2010-03-02 17:03 . 2010-03-02 17:08	--------	d-----w-	c:\users\JARA_2\AppData\Local\temp
2010-03-02 17:03 . 2010-03-02 17:03	--------	d-----w-	c:\users\Guest\AppData\Local\temp
2010-03-02 17:03 . 2010-03-02 17:03	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-03-02 03:35 . 2010-03-02 08:03	--------	d--h--w-	c:\temp\dvmexp
2010-03-02 03:35 . 2010-03-02 03:35	--------	d-----w-	C:\dvmexp
2010-03-01 15:31 . 2010-03-01 15:31	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\skypePM
2010-03-01 15:01 . 2010-03-02 03:36	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----w-	c:\program files\Common Files\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----r-	c:\program files\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----w-	c:\programdata\Skype
2010-03-01 12:39 . 2010-03-02 16:20	--------	d-----w-	c:\programdata\IObit
2010-03-01 11:13 . 2010-03-02 16:20	--------	d-----w-	c:\program files\IObit
2010-03-01 11:13 . 2010-03-01 12:19	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\IObit
2010-03-01 04:59 . 2010-03-01 04:59	--------	d-----w-	c:\program files\Lavalys
2010-02-27 22:49 . 2010-02-27 22:49	--------	d-----w-	C:\inetpub
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\SDHelper (Spybot - Search & Destroy)
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-02-26 22:53 . 2010-02-27 07:49	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-02-26 22:35 . 2010-02-27 22:02	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GetRightToGo
2010-02-24 11:17 . 2010-02-24 11:17	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Thinstall
2010-02-24 11:17 . 2010-02-24 11:17	--------	d-----w-	c:\users\JARA_2\AppData\Local\Thinstall
2010-02-24 01:31 . 2009-12-13 09:30	641536	----a-w-	c:\windows\system32\CPFilters.dll
2010-02-24 01:31 . 2009-12-13 09:30	465408	----a-w-	c:\windows\system32\psisdecd.dll
2010-02-24 01:31 . 2009-12-13 09:29	417792	----a-w-	c:\windows\system32\msdri.dll
2010-02-24 01:31 . 2010-02-02 07:45	2048	----a-w-	c:\windows\system32\tzres.dll
2010-02-21 08:51 . 2010-02-21 08:54	--------	d-----w-	c:\program files\Ashampoo
2010-02-20 17:16 . 2010-02-20 17:16	--------	d-----w-	c:\program files\Gabest
2010-02-20 17:16 . 2010-02-20 17:16	--------	d-----w-	c:\program files\Xvid
2010-02-20 17:16 . 2006-11-01 13:54	180224	----a-w-	c:\windows\system32\xvidvfw.dll
2010-02-20 17:16 . 2006-11-01 13:52	765952	----a-w-	c:\windows\system32\xvidcore.dll
2010-02-20 17:15 . 2010-02-20 17:15	--------	d-----w-	c:\program files\AviSynth 2.5
2010-02-20 17:13 . 2010-02-21 06:20	--------	d-----w-	c:\program files\AVI ReComp
2010-02-20 17:08 . 2010-02-20 17:08	--------	d-----w-	c:\program files\JockerSoft
2010-02-12 11:06 . 2010-03-01 14:00	--------	d-----w-	C:\TRANSLAT
2010-02-12 11:06 . 2010-03-01 14:00	--------	d-----w-	c:\programdata\LangSoft
2010-02-12 11:04 . 2010-03-01 13:32	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\LangSoft
2010-02-10 02:17 . 2009-12-19 09:02	1328640	----a-w-	c:\windows\system32\quartz.dll
2010-02-10 02:17 . 2009-12-19 09:02	31744	----a-w-	c:\windows\system32\msvidc32.dll
2010-02-10 02:17 . 2009-12-19 09:02	84480	----a-w-	c:\windows\system32\mciavi32.dll
2010-02-10 02:17 . 2009-12-19 09:02	91648	----a-w-	c:\windows\system32\avifil32.dll
2010-02-07 19:36 . 2010-02-07 19:36	--------	d-----w-	c:\users\JARA_2\AppData\Local\Apps
2010-02-07 12:49 . 2010-02-07 12:49	--------	d-----w-	c:\programdata\ChessBase
2010-02-07 12:36 . 2010-02-07 12:37	--------	d-----w-	c:\program files\ChessBase
2010-02-07 08:46 . 2009-09-02 15:41	102439	----a-w-	c:\windows\system32\sipr3260.dll
2010-02-07 06:34 . 2010-02-07 06:34	--------	d-----w-	c:\programdata\vsosdk
2010-02-07 05:56 . 2010-03-01 18:42	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Vso
2010-02-07 05:56 . 2010-02-07 05:56	47360	----a-w-	c:\windows\system32\drivers\pcouffin.sys
2010-02-07 05:56 . 2007-03-18 20:37	65602	----a-w-	c:\windows\system32\cook3260.dll
2010-02-07 05:56 . 2006-09-29 12:26	176165	----a-w-	c:\windows\system32\drv23260.dll
2010-02-07 05:56 . 2006-09-29 12:25	208935	----a-w-	c:\windows\system32\drv33260.dll
2010-02-07 05:56 . 2006-09-29 12:24	217127	----a-w-	c:\windows\system32\drv43260.dll
2010-02-07 05:56 . 2010-02-07 08:56	--------	d-----w-	c:\program files\VSO
2010-01-31 21:28 . 2010-02-26 04:20	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\F-Secure
2010-01-31 21:21 . 2010-01-31 21:35	33920	----a-w-	c:\windows\system32\drivers\fsbts.sys
2010-01-31 21:21 . 2008-12-04 13:57	35552	----a-w-	c:\windows\system32\drivers\fses.sys
2010-01-31 21:21 . 2008-12-04 13:57	70944	----a-w-	c:\windows\system32\drivers\fsdfw.sys
2010-01-31 21:21 . 2008-12-04 14:03	572512	----a-w-	c:\windows\system32\msvcp50.dll
2010-01-31 21:19 . 2010-03-02 16:05	--------	d-----w-	c:\program files\F-Secure
2010-01-31 21:15 . 2010-01-31 21:19	--------	d-----w-	c:\programdata\fssg
2010-01-31 21:13 . 2010-01-31 21:20	--------	d-----w-	c:\programdata\f-secure

.
((((((((((((((((((((((((((((((((((((((((   Find3M vpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-02 07:57 . 2009-08-26 09:31	661510	----a-w-	c:\windows\system32\perfh005.dat
2010-03-02 07:57 . 2009-08-26 09:31	138088	----a-w-	c:\windows\system32\perfc005.dat
2010-03-01 15:31 . 2010-03-01 15:31	56	---ha-w-	c:\programdata\ezsidmv.dat
2010-03-01 14:00 . 2010-02-12 11:07	299008	----a-w-	c:\programdata\LangSoft\TrnWord.dll
2010-03-01 14:00 . 2010-02-12 11:07	798771	----a-w-	c:\programdata\LangSoft\WebIE.dll
2010-03-01 14:00 . 2010-02-12 11:07	356352	----a-w-	c:\programdata\LangSoft\TrnOutl.dll
2010-03-01 08:57 . 2010-03-01 08:58	509552	----a-w-	c:\programdata\Google\Google Toolbar\Update\gtb6D29.tmp.exe
2010-02-27 22:02 . 2010-01-06 08:39	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\PDFCreator
2010-02-27 22:02 . 2009-10-23 03:41	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\OpenOffice.org2
2010-02-27 22:02 . 2009-10-31 18:58	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GHISLER
2010-02-27 22:02 . 2009-08-05 20:52	--------	d-----w-	c:\programdata\P4G
2010-02-27 22:01 . 2009-11-25 19:42	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\OpenOffice.org
2010-02-27 22:01 . 2009-11-24 18:52	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\ChessBase
2010-02-24 08:16 . 2009-10-31 16:15	181632	------w-	c:\windows\system32\MpSigStub.exe
2010-02-15 03:57 . 2009-12-02 17:12	--------	d-----w-	c:\program files\QuickMediaConverter
2010-02-10 02:28 . 2009-08-05 19:43	--------	d-----w-	c:\programdata\Microsoft Help
2010-02-07 12:49 . 2010-02-07 12:49	--------	d-----w-	c:\programdata\ChessBase
2010-02-07 12:37 . 2010-01-02 01:24	126496	----a-w-	c:\users\JARA_2\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-07 12:37 . 2010-02-07 12:36	--------	d-----w-	c:\program files\ChessBase
2010-02-07 08:55 . 2010-02-07 05:56	47360	----a-w-	c:\users\JARA_2\AppData\Roaming\pcouffin.sys
2010-02-07 08:55 . 2010-02-07 05:56	47360	----a-w-	c:\users\JARA_2\AppData\Roaming\pcouffin.sys
2010-01-31 04:26 . 2010-01-31 04:26	--------	d-----w-	c:\program files\CCleaner
2010-01-30 20:36 . 2010-01-30 20:36	--------	d-----w-	c:\programdata\Agnitum
2010-01-30 14:54 . 2010-01-30 14:53	--------	d-----w-	c:\program files\Ultimate Process Manager
2010-01-21 03:04 . 2009-11-24 19:36	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-10 02:16	365568	----a-w-	c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 02:16	85504	----a-w-	c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 02:16	85504	----a-w-	c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 02:16	369152	----a-w-	c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 02:16	324608	----a-w-	c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 02:16	277504	----a-w-	c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 02:16	320512	----a-w-	c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 02:16	280064	----a-w-	c:\windows\system32\RMActivate_ssp.exe
2010-01-14 03:30 . 2009-10-22 09:27	--------	d-----w-	c:\program files\Common Files\Adobe
2010-01-13 11:33 . 2010-01-13 11:33	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Actecom
2010-01-08 03:18 . 2010-02-10 02:16	221184	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 02:16	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 06:53 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Sidebar
2010-01-07 06:53 . 2009-07-14 02:37	--------	d-----w-	c:\program files\Windows Mail
2010-01-07 06:53 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Photo Viewer
2010-01-07 06:53 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Defender
2010-01-06 07:46 . 2010-01-06 07:46	--------	d-----w-	c:\program files\PDFCreator
2010-01-06 07:24 . 2010-01-03 03:06	353609	----a-w-	c:\windows\system32\~.tmp
2010-01-05 19:20 . 2009-07-14 04:52	--------	d-----w-	c:\program files\DVD Maker
2010-01-02 17:04 . 2009-08-05 19:56	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-01-02 17:04 . 2009-08-05 19:57	--------	d-----w-	c:\programdata\CyberLink
2010-01-02 17:02 . 2009-08-05 19:57	36864	----a-w-	c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-01-02 16:30 . 2009-08-05 20:26	--------	d-----w-	c:\program files\ASUS
2010-01-02 16:03 . 2010-01-02 16:03	--------	d-----w-	c:\program files\ATKGFNEX
2010-01-02 15:18 . 2009-10-22 15:29	--------	d-----w-	c:\programdata\ASUS
2010-01-02 15:16 . 2010-01-02 15:16	30264	----a-w-	c:\windows\system32\drivers\AsDsm.sys
2010-01-02 14:42 . 2010-01-02 14:42	--------	d-----w-	c:\programdata\BVRP Software
2010-01-02 13:27 . 2009-08-05 20:29	--------	d-----w-	c:\program files\Multimedia Card Reader
2010-01-02 13:27 . 2010-01-02 12:59	--------	d-----w-	c:\program files\AmIcoSingLun
2010-01-02 11:49 . 2009-08-05 20:40	--------	d-----w-	c:\programdata\Atheros
2010-01-02 11:49 . 2010-01-02 11:49	--------	d-----w-	c:\program files\Atheros
2010-01-01 23:35 . 2009-11-02 11:05	125696	----a-w-	c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-01-01 21:28 . 2010-01-01 21:28	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Search Settings
2010-01-01 21:18 . 2010-01-01 21:18	--------	d-sh--we	c:\programdata\Plocha
2010-01-01 21:18 . 2010-01-01 21:18	--------	d-sh--we	c:\programdata\Oblben poloky
2010-01-01 21:18 . 2010-01-01 21:18	--------	d-sh--we	c:\programdata\ablony
2010-01-01 21:18 . 2010-01-01 21:18	--------	d-sh--we	c:\programdata\Nabdka Start
2010-01-01 21:18 . 2010-01-01 21:18	--------	d-sh--we	c:\programdata\Dokumenty
2010-01-01 21:18 . 2010-01-01 21:18	--------	d-sh--we	c:\programdata\Data aplikac
2010-01-01 20:07 . 2010-01-01 20:07	21496	----a-w-	c:\windows\system32\emptyregdb.dat
2010-01-01 19:52 . 2009-10-29 11:14	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Teleca
2010-01-01 19:52 . 2010-01-01 14:25	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\InstallShield
2010-01-01 19:52 . 2009-12-24 05:46	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Ashampoo
2010-01-01 19:52 . 2009-12-24 05:24	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\CyberLink
2010-01-01 19:52 . 2009-11-21 13:08	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\DivX
2010-01-01 19:52 . 2009-10-22 15:25	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Leadertech
2010-01-01 19:52 . 2009-10-22 13:23	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\ATI
2010-01-01 19:52 . 2009-10-31 18:56	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Ahead
2010-01-01 19:52 . 2009-10-22 15:31	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Apple Computer
2010-01-01 19:52 . 2009-11-15 18:33	--------	d-----w-	c:\users\Guest\AppData\Roaming\Teleca
2010-01-01 19:51 . 2009-11-15 18:56	--------	d-----w-	c:\users\Guest\AppData\Roaming\Ahead
2010-01-01 19:51 . 2009-11-15 18:33	--------	d-----w-	c:\users\Guest\AppData\Roaming\ATI
2010-01-01 19:40 . 2009-12-24 05:46	--------	d-----w-	c:\programdata\page
2010-01-01 19:40 . 2009-12-19 15:26	--------	d-----w-	c:\programdata\WindowsSearch
2010-01-01 19:40 . 2009-12-02 17:48	--------	d-----w-	c:\programdata\QuickMediaConverter
2010-01-01 19:40 . 2009-08-05 19:59	--------	d-----w-	c:\programdata\Symantec
2010-01-01 19:40 . 2009-08-05 19:51	--------	d-----w-	c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2010-01-01 19:40 . 2009-11-27 02:03	--------	d-----w-	c:\programdata\Motive
2010-01-01 19:40 . 2009-10-31 15:43	--------	d-----w-	c:\programdata\Nero
2010-01-01 19:38 . 2009-10-31 15:43	--------	d-----w-	c:\program files\Nero
2010-01-01 19:38 . 2009-07-14 04:52	--------	d-----w-	c:\program files\MSBuild
2010-01-01 19:38 . 2009-10-31 15:16	--------	d-----w-	c:\program files\Microsoft Works
2010-01-01 19:38 . 2009-10-31 15:14	--------	d-----w-	c:\program files\Microsoft.NET
2010-01-01 19:38 . 2009-10-31 15:11	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2010-01-01 19:38 . 2009-10-22 09:31	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2010-01-01 19:38 . 2009-10-22 09:30	--------	d-----w-	c:\program files\Microsoft
2010-01-01 19:38 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Microsoft Games
2010-01-01 19:37 . 2009-11-29 23:34	--------	d-----w-	c:\program files\Java
2010-01-01 19:37 . 2009-08-05 20:01	--------	d-----w-	c:\program files\Google
2010-01-01 19:37 . 2009-11-24 18:41	--------	d-----w-	c:\program files\Fritz 9
2010-01-01 19:37 . 2009-12-07 15:58	--------	d-----w-	c:\program files\DivX
2010-01-01 19:37 . 2009-11-22 14:52	--------	d-----w-	c:\program files\FDRLab
2010-01-01 19:37 . 2009-08-05 21:05	--------	d-----w-	c:\program files\Downloaded Installations
2010-01-01 19:37 . 2009-08-05 20:27	--------	d-----w-	c:\program files\Dolby
2010-01-01 19:35 . 2009-08-05 19:51	--------	d-----w-	c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spoutc body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznmka* przdn zznamy a legitimn vchoz daje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-29 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2008-12-04 182936]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2008-12-04 957024]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-12-24 1280272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 11:30	272952	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-08-05 20:54	47672	----a-w-	c:\windows\AsScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSTPE]
2007-10-12 04:44	106496	----a-w-	c:\windows\System32\ASUSTPE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2009-08-19 19:31	170624	----a-w-	c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2009-08-17 08:58	6859392	----a-w-	c:\program files\ASUS\ATKOSD2\ATKOSD2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03	152872	----a-w-	c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44	31072	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
2009-06-19 09:29	105016	----a-w-	c:\program files\ASUS\ATK Hotkey\HControlUser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-07-16 11:00	6253088	----a-w-	c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-07-16 11:01	1833504	----a-w-	c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-29 16:11	61440	----a-w-	c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-05 20:01	39408	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-12-06 10:12	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [31.1.2010 22:21 33920]
R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [5.8.2009 21:49 15416]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [31.1.2010 22:20 67808]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [31.1.2010 22:21 35552]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [31.1.2010 22:21 70944]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\Anti-Virus\minifilter\fsvista.sys [31.1.2010 22:20 12384]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [18.8.2009 2:36 176128]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [2.3.2010 17:20 311568]
R2 MDES;DVM Meta Data Export Service;c:\asus.sys\DVMExportService.exe [21.10.2008 17:57 307200]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [31.1.2010 22:20 107104]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [31.1.2010 22:20 55904]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys [2.1.2010 15:38 27632]
R3 SiSGbeLH;SiS191/SiS190  ovlada NDIS 6.0 zazen st Ethernet;c:\windows\System32\drivers\SiSGB6.sys [10.6.2009 22:18 48128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\System32\drivers\vwifimp.sys [14.7.2009 0:52 14336]
S2 gupdate;Sluba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21.12.2009 3:52 135664]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [5.8.2009 21:33 29736]
S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [22.10.2009 10:32 55264]
S3 fsssvc;Windows Live Zabezpeen rodiny;c:\program files\Windows Live\Family Safety\fsssvc.exe [8.12.2008 16:01 533344]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [2.1.2010 15:38 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [2.1.2010 15:38 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [2.1.2010 15:38 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [2.1.2010 15:38 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [2.1.2010 15:38 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [2.1.2010 15:38 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [2.1.2010 15:38 115752]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\System32\drivers\s816mdfl.sys [22.10.2009 11:22 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\System32\drivers\s816mdm.sys [22.10.2009 11:22 107304]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\fsfilter.sys [31.1.2010 22:20 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\fsrec.sys [31.1.2010 22:20 25184]

--- Ostatn sluby/ovladae v pamti ---

*Deregistered* - cmdGuard
*Deregistered* - cmdHlp
*Deregistered* - sp_rsdrv2

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Obsah adrese 'Naplnovan lohy'

2010-03-02 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-03-01 13:11]

2010-03-02 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-03-01 12:38]

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 02:51]

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 02:51]

2010-03-02 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\F-Secure\ANTI-V~1\fsav.exe [2010-01-31 13:57]

2009-11-25 c:\windows\Tasks\User_Feed_Synchronization-{98EEE44C-6E55-4FD8-900C-1E4FAB2CF1F0}.job
- c:\windows\system32\msfeedssync.exe [2009-07-13 01:14]

2009-11-02 c:\windows\Tasks\Wise Registry Cleaner 4.job
- c:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-12-17 22:48]
.
.
------- Doplkov sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: WikiKomente Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\JARA_2\AppData\Roaming\Mozilla\Firefox\Profiles\zfsqyflc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVEN FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATN POLOKY ODSTRANN Z REGISTRU - - - -

Toolbar-Locked - (no file)


.
--------------------- ZAMKNUT KLE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navzan na bc procesy ---------------------

- - - - - - - > 'winlogon.exe'(596)
c:\program files\F-Secure\FWES\Program\fsdc32.dll

- - - - - - - > 'lsass.exe'(604)
c:\program files\F-Secure\FWES\Program\fsdc32.dll

- - - - - - - > 'Explorer.exe'(2220)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

- - - - - - - > 'csrss.exe'(432)
c:\program files\F-Secure\FWES\Program\fsdc32.dll

- - - - - - - > 'csrss.exe'(520)
c:\program files\F-Secure\FWES\Program\fsdc32.dll
.
------------------------ Jin sputen procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\System32\lpksetup.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\F-Secure\Anti-Virus\fsgk32st.exe
c:\program files\F-Secure\Common\FSMA32.EXE
c:\program files\F-Secure\Common\FSMB32.EXE
c:\program files\F-Secure\Anti-Virus\FSGK32.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\F-Secure\Common\FCH32.EXE
c:\program files\F-Secure\Common\FAMEH32.EXE
c:\program files\F-Secure\Anti-Virus\fsqh.exe
c:\windows\system32\taskhost.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\F-Secure\FWES\Program\fsdfwd.exe
c:\program files\F-Secure\FSAUA\program\fsaua.exe
c:\program files\F-Secure\Anti-Virus\fssm32.exe
c:\windows\system32\conhost.exe
c:\program files\F-Secure\FSAUA\program\fsus.exe
c:\windows\system32\conhost.exe
c:\program files\F-Secure\FSGUI\fsguidll.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkov as: 2010-03-02  18:13:53 - pota byl restartovn
ComboFix-quarantined-files.txt  2010-03-02 17:13

Ped sputnm: Volnch bajt: 164652449792
Po sputn: Volnch bajt: 164495646720

- - End Of File - - 52ED3D8080FEBC54252075ADF90D092A
ComboFix 10-03-01.04 - JARA_2 04.03.2010  21:09:47.2.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.420.1029.18.3071.1968 [GMT 1:00]
Sputn z: c:\users\JARA_2\Desktop\ComboFix.exe
Pouit ovldac pepnae :: c:\users\JARA_2\Desktop\CFScript.txt
 * Rezidentn tt AV je zapnut

.

(((((((((((((((((((((((((((((((((((((((   Ostatn vmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\~.inf
c:\windows\system32\~.tmp

.
(((((((((((((((((((((((((   Soubory vytvoen od 2010-02-04 do 2010-03-04  )))))))))))))))))))))))))))))))
.

2010-03-04 20:17 . 2010-03-04 20:17	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-03-04 20:17 . 2010-03-04 20:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-03-04 09:11 . 2010-03-04 18:56	--------	d--h--w-	c:\temp\dvmexp
2010-03-04 09:11 . 2010-03-04 09:11	--------	d-----w-	C:\dvmexp
2010-03-04 05:54 . 2010-03-04 05:54	--------	d-----w-	c:\users\JARA_2\AppData\Local\Opera
2010-03-04 05:53 . 2010-03-04 05:54	--------	d-----w-	c:\program files\Opera
2010-03-04 04:36 . 2010-03-04 06:05	--------	d-----w-	c:\program files\trend micro
2010-03-02 17:03 . 2010-03-04 20:17	--------	d-----w-	c:\users\JARA_2\AppData\Local\temp
2010-03-01 15:31 . 2010-03-01 15:31	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\skypePM
2010-03-01 15:01 . 2010-03-02 03:36	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----w-	c:\program files\Common Files\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----r-	c:\program files\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----w-	c:\programdata\Skype
2010-03-01 12:39 . 2010-03-02 16:20	--------	d-----w-	c:\programdata\IObit
2010-03-01 11:13 . 2010-03-03 18:52	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\IObit
2010-03-01 11:13 . 2010-03-02 16:20	--------	d-----w-	c:\program files\IObit
2010-03-01 08:58 . 2010-03-01 08:57	509552	----a-w-	c:\programdata\Google\Google Toolbar\Update\gtb6D29.tmp.exe
2010-03-01 04:59 . 2010-03-01 04:59	--------	d-----w-	c:\program files\Lavalys
2010-02-27 22:49 . 2010-02-27 22:49	--------	d-----w-	C:\inetpub
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\SDHelper (Spybot - Search & Destroy)
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-02-26 22:53 . 2010-02-27 07:49	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-02-26 22:35 . 2010-02-27 22:02	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GetRightToGo
2010-02-24 11:17 . 2010-02-24 11:17	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Thinstall
2010-02-24 11:17 . 2010-02-24 11:17	--------	d-----w-	c:\users\JARA_2\AppData\Local\Thinstall
2010-02-24 01:31 . 2009-12-13 09:30	641536	----a-w-	c:\windows\system32\CPFilters.dll
2010-02-24 01:31 . 2009-12-13 09:30	465408	----a-w-	c:\windows\system32\psisdecd.dll
2010-02-24 01:31 . 2009-12-13 09:29	417792	----a-w-	c:\windows\system32\msdri.dll
2010-02-24 01:31 . 2010-02-02 07:45	2048	----a-w-	c:\windows\system32\tzres.dll
2010-02-21 08:51 . 2010-02-21 08:54	--------	d-----w-	c:\program files\Ashampoo
2010-02-20 17:16 . 2010-02-20 17:16	--------	d-----w-	c:\program files\Gabest
2010-02-20 17:16 . 2010-02-20 17:16	--------	d-----w-	c:\program files\Xvid
2010-02-20 17:16 . 2006-11-01 13:54	180224	----a-w-	c:\windows\system32\xvidvfw.dll
2010-02-20 17:16 . 2006-11-01 13:52	765952	----a-w-	c:\windows\system32\xvidcore.dll
2010-02-20 17:15 . 2010-02-20 17:15	--------	d-----w-	c:\program files\AviSynth 2.5
2010-02-20 17:13 . 2010-02-21 06:20	--------	d-----w-	c:\program files\AVI ReComp
2010-02-20 17:08 . 2010-02-20 17:08	--------	d-----w-	c:\program files\JockerSoft
2010-02-12 11:07 . 2010-03-01 14:00	299008	----a-w-	c:\programdata\LangSoft\TrnWord.dll
2010-02-12 11:07 . 2010-03-01 14:00	798771	----a-w-	c:\programdata\LangSoft\WebIE.dll
2010-02-12 11:07 . 2010-03-01 14:00	356352	----a-w-	c:\programdata\LangSoft\TrnOutl.dll
2010-02-12 11:06 . 2010-03-01 14:00	--------	d-----w-	C:\TRANSLAT
2010-02-12 11:06 . 2010-03-01 14:00	--------	d-----w-	c:\programdata\LangSoft
2010-02-12 11:04 . 2010-03-01 13:32	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\LangSoft
2010-02-10 02:17 . 2009-12-19 09:02	1328640	----a-w-	c:\windows\system32\quartz.dll
2010-02-10 02:17 . 2009-12-19 09:02	31744	----a-w-	c:\windows\system32\msvidc32.dll
2010-02-10 02:17 . 2009-12-19 09:02	84480	----a-w-	c:\windows\system32\mciavi32.dll
2010-02-10 02:17 . 2009-12-19 09:02	91648	----a-w-	c:\windows\system32\avifil32.dll
2010-02-07 19:36 . 2010-02-07 19:36	--------	d-----w-	c:\users\JARA_2\AppData\Local\Apps
2010-02-07 12:49 . 2010-02-07 12:49	--------	d-----w-	c:\programdata\ChessBase
2010-02-07 12:36 . 2010-02-07 12:37	--------	d-----w-	c:\program files\ChessBase
2010-02-07 08:46 . 2009-09-02 15:41	102439	----a-w-	c:\windows\system32\sipr3260.dll
2010-02-07 06:34 . 2010-02-07 06:34	--------	d-----w-	c:\programdata\vsosdk
2010-02-07 05:56 . 2010-03-01 18:42	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Vso
2010-02-07 05:56 . 2010-02-07 08:55	47360	----a-w-	c:\users\JARA_2\AppData\Roaming\pcouffin.sys
2010-02-07 05:56 . 2010-02-07 05:56	47360	----a-w-	c:\windows\system32\drivers\pcouffin.sys
2010-02-07 05:56 . 2007-03-18 20:37	65602	----a-w-	c:\windows\system32\cook3260.dll
2010-02-07 05:56 . 2006-09-29 12:26	176165	----a-w-	c:\windows\system32\drv23260.dll
2010-02-07 05:56 . 2006-09-29 12:25	208935	----a-w-	c:\windows\system32\drv33260.dll
2010-02-07 05:56 . 2006-09-29 12:24	217127	----a-w-	c:\windows\system32\drv43260.dll
2010-02-07 05:56 . 2010-02-07 08:56	--------	d-----w-	c:\program files\VSO

.
((((((((((((((((((((((((((((((((((((((((   Find3M vpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 19:51 . 2010-01-31 21:19	--------	d-----w-	c:\program files\F-Secure
2010-03-03 15:18 . 2009-08-26 09:31	661510	----a-w-	c:\windows\system32\perfh005.dat
2010-03-03 15:18 . 2009-08-26 09:31	138088	----a-w-	c:\windows\system32\perfc005.dat
2010-03-01 15:31 . 2010-03-01 15:31	56	---ha-w-	c:\programdata\ezsidmv.dat
2010-02-27 22:02 . 2010-01-06 08:39	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\PDFCreator
2010-02-27 22:02 . 2009-10-23 03:41	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\OpenOffice.org2
2010-02-27 22:02 . 2009-10-31 18:58	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GHISLER
2010-02-27 22:02 . 2009-08-05 20:52	--------	d-----w-	c:\programdata\P4G
2010-02-27 22:01 . 2009-11-25 19:42	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\OpenOffice.org
2010-02-27 22:01 . 2009-11-24 18:52	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\ChessBase
2010-02-26 04:20 . 2010-01-31 21:28	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\F-Secure
2010-02-24 08:16 . 2009-10-31 16:15	181632	------w-	c:\windows\system32\MpSigStub.exe
2010-02-15 03:57 . 2009-12-02 17:12	--------	d-----w-	c:\program files\QuickMediaConverter
2010-02-10 02:28 . 2009-08-05 19:43	--------	d-----w-	c:\programdata\Microsoft Help
2010-02-07 12:49 . 2010-02-07 12:49	--------	d-----w-	c:\programdata\ChessBase
2010-02-07 12:37 . 2010-01-02 01:24	126496	----a-w-	c:\users\JARA_2\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-07 12:37 . 2010-02-07 12:36	--------	d-----w-	c:\program files\ChessBase
2010-01-31 21:35 . 2010-01-31 21:21	33920	----a-w-	c:\windows\system32\drivers\fsbts.sys
2010-01-31 21:20 . 2010-01-31 21:13	--------	d-----w-	c:\programdata\f-secure
2010-01-31 21:19 . 2010-01-31 21:15	--------	d-----w-	c:\programdata\fssg
2010-01-31 04:26 . 2010-01-31 04:26	--------	d-----w-	c:\program files\CCleaner
2010-01-30 20:36 . 2010-01-30 20:36	--------	d-----w-	c:\programdata\Agnitum
2010-01-30 14:54 . 2010-01-30 14:53	--------	d-----w-	c:\program files\Ultimate Process Manager
2010-01-21 03:04 . 2009-11-24 19:36	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-10 02:16	365568	----a-w-	c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 02:16	85504	----a-w-	c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 02:16	85504	----a-w-	c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 02:16	369152	----a-w-	c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 02:16	324608	----a-w-	c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 02:16	277504	----a-w-	c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 02:16	320512	----a-w-	c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 02:16	280064	----a-w-	c:\windows\system32\RMActivate_ssp.exe
2010-01-14 03:30 . 2009-10-22 09:27	--------	d-----w-	c:\program files\Common Files\Adobe
2010-01-13 11:33 . 2010-01-13 11:33	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Actecom
2010-01-08 03:18 . 2010-02-10 02:16	221184	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 02:16	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 06:53 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Sidebar
2010-01-07 06:53 . 2009-07-14 02:37	--------	d-----w-	c:\program files\Windows Mail
2010-01-07 06:53 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Photo Viewer
2010-01-07 06:53 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Defender
2010-01-06 07:46 . 2010-01-06 07:46	--------	d-----w-	c:\program files\PDFCreator
2010-01-05 19:20 . 2009-07-14 04:52	--------	d-----w-	c:\program files\DVD Maker
2010-01-02 17:02 . 2009-08-05 19:57	36864	----a-w-	c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-01-02 15:16 . 2010-01-02 15:16	30264	----a-w-	c:\windows\system32\drivers\AsDsm.sys
2010-01-01 23:35 . 2009-11-02 11:05	125696	----a-w-	c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-01-01 20:07 . 2010-01-01 20:07	21496	----a-w-	c:\windows\system32\emptyregdb.dat
2010-01-01 19:08 . 2010-01-01 19:08	0	----a-w-	c:\windows\ativpsrm.bin
2010-01-01 16:27 . 2009-08-05 19:37	12	----a-w-	c:\windows\bthservsdp.dat
2010-01-01 16:18 . 2010-01-01 16:18	10134	----a-r-	c:\users\JARA_2\AppData\Roaming\Microsoft\Installer\{9372A5A0-DA43-0B28-6F7A-C02018D8C015}\ARPPRODUCTICON.exe
2010-01-01 13:22 . 2009-08-05 21:01	45056	----a-w-	c:\windows\system32\acovcnt.exe
2009-12-19 09:02 . 2010-01-22 03:48	977920	----a-w-	c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-02-10 02:16	12288	----a-w-	c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-02-10 02:16	22016	----a-w-	c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-02-10 02:16	13312	----a-w-	c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-02-10 02:16	50176	----a-w-	c:\windows\system32\iyuv_32.dll
2009-12-19 03:49 . 2009-12-19 03:49	515848	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-08 11:40 . 2010-02-10 02:16	3955288	----a-w-	c:\windows\system32\ntkrnlpa.exe
2009-12-08 11:40 . 2010-02-10 02:16	3899464	----a-w-	c:\windows\system32\ntoskrnl.exe
2009-12-08 11:32 . 2010-02-10 02:16	292864	----a-w-	c:\windows\system32\apphelp.dll
2009-12-08 09:55 . 2009-12-08 09:55	484976	----a-w-	c:\programdata\Google\Google Toolbar\Update\gtb4524.tmp.exe
2009-12-08 08:05 . 2010-02-10 02:16	310784	----a-w-	c:\windows\system32\drivers\srv.sys
2009-12-08 08:05 . 2010-02-10 02:16	113664	----a-w-	c:\windows\system32\drivers\srvnet.sys
2009-04-08 09:31 . 2009-04-08 09:31	106496	----a-w-	c:\program files\Common Files\CPInstallAction.dll
2008-08-11 20:45 . 2008-08-11 20:45	155648	----a-w-	c:\program files\Common Files\MSIactionall.dll
2008-05-22 07:35 . 2008-05-22 07:35	51962	----a-w-	c:\program files\Common Files\banner.jpg
2007-06-12 08:34 . 2007-06-12 08:34	35822	----a-w-	c:\program files\Common Files\ASPG_icon.ico
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spoutc body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznmka* przdn zznamy a legitimn vchoz daje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-05 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-29 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2008-12-04 182936]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2008-12-04 957024]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-12-24 1280272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 11:30	272952	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-08-05 20:54	47672	----a-w-	c:\windows\AsScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSTPE]
2007-10-12 04:44	106496	----a-w-	c:\windows\System32\ASUSTPE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2009-08-19 19:31	170624	----a-w-	c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2009-08-17 08:58	6859392	----a-w-	c:\program files\ASUS\ATKOSD2\ATKOSD2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03	152872	----a-w-	c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44	31072	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
2009-06-19 09:29	105016	----a-w-	c:\program files\ASUS\ATK Hotkey\HControlUser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-07-16 11:00	6253088	----a-w-	c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-07-16 11:01	1833504	----a-w-	c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-29 16:11	61440	----a-w-	c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-05 20:01	39408	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-12-06 10:12	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [31.1.2010 22:21 33920]
R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [5.8.2009 21:49 15416]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [31.1.2010 22:20 67808]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [31.1.2010 22:21 35552]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [31.1.2010 22:21 70944]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\Anti-Virus\minifilter\fsvista.sys [31.1.2010 22:20 12384]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [18.8.2009 2:36 176128]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [2.3.2010 17:20 311568]
R2 MDES;DVM Meta Data Export Service;c:\asus.sys\DVMExportService.exe [21.10.2008 17:57 307200]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [31.1.2010 22:20 107104]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [31.1.2010 22:20 55904]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys [2.1.2010 15:38 27632]
R3 SiSGbeLH;SiS191/SiS190  ovlada NDIS 6.0 zazen st Ethernet;c:\windows\System32\drivers\SiSGB6.sys [10.6.2009 22:18 48128]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\System32\drivers\vwifimp.sys [14.7.2009 0:52 14336]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [5.8.2009 21:33 29736]
S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [22.10.2009 10:32 55264]
S3 fsssvc;Windows Live Zabezpeen rodiny;c:\program files\Windows Live\Family Safety\fsssvc.exe [8.12.2008 16:01 533344]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [2.1.2010 15:38 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [2.1.2010 15:38 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [2.1.2010 15:38 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [2.1.2010 15:38 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [2.1.2010 15:38 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [2.1.2010 15:38 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [2.1.2010 15:38 115752]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\System32\drivers\s816mdfl.sys [22.10.2009 11:22 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\System32\drivers\s816mdm.sys [22.10.2009 11:22 107304]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\fsfilter.sys [31.1.2010 22:20 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\fsrec.sys [31.1.2010 22:20 25184]

--- Ostatn sluby/ovladae v pamti ---

*Deregistered* - cmdGuard
*Deregistered* - cmdHlp
*Deregistered* - sp_rsdrv2

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Obsah adrese 'Naplnovan lohy'

2010-03-04 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\F-Secure\ANTI-V~1\fsav.exe [2010-01-31 13:57]

2009-11-25 c:\windows\Tasks\User_Feed_Synchronization-{98EEE44C-6E55-4FD8-900C-1E4FAB2CF1F0}.job
- c:\windows\system32\msfeedssync.exe [2009-07-13 01:14]

2009-11-02 c:\windows\Tasks\Wise Registry Cleaner 4.job
- c:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-12-17 22:48]
.
.
------- Doplkov sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: WikiKomente Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\JARA_2\AppData\Roaming\Mozilla\Firefox\Profiles\zfsqyflc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVEN FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
--------------------- ZAMKNUT KLE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navzan na bc procesy ---------------------

- - - - - - - > 'winlogon.exe'(660)
c:\program files\F-Secure\FWES\Program\fsdc32.dll

- - - - - - - > 'lsass.exe'(576)
c:\program files\F-Secure\FWES\Program\fsdc32.dll

- - - - - - - > 'csrss.exe'(432)
c:\program files\F-Secure\FWES\Program\fsdc32.dll

- - - - - - - > 'csrss.exe'(516)
c:\program files\F-Secure\FWES\Program\fsdc32.dll
.
Celkov as: 2010-03-04  21:22:06
ComboFix-quarantined-files.txt  2010-03-04 20:22
ComboFix2.txt  2010-03-02 17:13

Ped sputnm: Volnch bajt: 166302699520
Po sputn: Volnch bajt: 166355525632

- - End Of File - - 5B4133B8BBED137F8B8E24041391CA38
ComboFix 10-03-24.03 - JARA_2 25.03.2010  17:08:44.3.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.420.1029.18.3071.2006 [GMT 1:00]
Sputn z: d:\downloads\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Ostatn vmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\users\JARA_2\AppData\Roaming\BITS
c:\users\JARA_2\AppData\Roaming\BITS\BITS.ini
c:\users\JARA_2\AppData\Roaming\BITS\DHTTable.dat
c:\users\JARA_2\AppData\Roaming\BITS\ProxyList.ini
c:\windows\system32\~.inf
c:\windows\system32\acovcnt.exe
c:\windows\system32\secustat.dat

.
(((((((((((((((((((((((((   Soubory vytvoen od 2010-02-25 do 2010-03-25  )))))))))))))))))))))))))))))))
.

2010-03-25 16:31 . 2010-03-25 16:31	--------	d-----w-	c:\users\JARA_2\AppData\Local\temp
2010-03-25 16:31 . 2010-03-25 16:31	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-03-25 16:31 . 2010-03-25 16:31	--------	d-----w-	c:\users\Jara1\AppData\Local\temp
2010-03-25 16:31 . 2010-03-25 16:31	--------	d-----w-	c:\users\Guest\AppData\Local\temp
2010-03-25 16:31 . 2010-03-25 16:31	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-03-25 14:04 . 2010-03-25 16:05	--------	d--h--w-	c:\temp\dvmexp
2010-03-25 14:04 . 2010-03-25 14:04	--------	d-----w-	C:\dvmexp
2010-03-25 13:47 . 2010-03-09 11:08	19024	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2010-03-25 13:47 . 2010-03-09 11:12	162640	----a-w-	c:\windows\system32\drivers\aswSP.sys
2010-03-25 13:47 . 2010-03-09 11:14	294480	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2010-03-25 13:47 . 2010-03-09 11:14	102352	----a-w-	c:\windows\system32\drivers\aswFW.sys
2010-03-25 13:46 . 2010-03-09 11:14	194640	----a-w-	c:\windows\system32\drivers\aswNdis2.sys
2010-03-25 13:46 . 2010-03-09 11:09	23376	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2010-03-25 13:46 . 2010-03-09 11:12	46672	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2010-03-25 13:46 . 2010-03-09 11:08	51792	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2010-03-25 13:46 . 2010-01-09 21:22	12112	----a-w-	c:\windows\system32\drivers\aswNdis.sys
2010-03-25 13:46 . 2010-03-09 11:24	153184	----a-w-	c:\windows\system32\aswBoot.exe
2010-03-25 13:46 . 2010-02-11 18:53	38848	----a-w-	c:\windows\system32\avastSS.scr
2010-03-25 13:46 . 2010-03-25 13:46	--------	d-----w-	c:\program files\Alwil Software
2010-03-23 07:25 . 2010-03-23 07:25	--------	d-----w-	c:\program files\Xvid
2010-03-23 07:25 . 2010-03-23 07:25	--------	d-----w-	c:\program files\AviSynth 2.5
2010-03-23 07:24 . 2010-03-23 07:26	--------	d-----w-	c:\program files\AVI ReComp
2010-03-22 14:45 . 2010-03-22 14:53	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\XnView
2010-03-22 14:34 . 2010-03-23 02:38	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\HEXelon
2010-03-19 21:02 . 2010-03-23 07:26	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\AVI ReComp
2010-03-11 03:49 . 2010-03-25 14:04	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2010-03-11 03:47 . 2010-03-11 03:47	--------	d-----w-	c:\windows\system32\msmq
2010-03-10 13:51 . 2010-03-10 14:17	305	----a-w-	c:\windows\system32\secushr.dat
2010-03-10 13:51 . 2010-03-10 13:51	--------	d-----w-	C:\Downloads
2010-03-10 13:40 . 2010-03-10 13:40	2560	----a-w-	c:\windows\_MSRSTRT.EXE
2010-03-10 13:32 . 2010-03-10 13:40	--------	d-----w-	c:\programdata\SpeedBit
2010-03-10 09:16 . 2010-03-10 09:16	--------	d-----w-	c:\program files\Conduit
2010-03-09 10:30 . 2010-03-09 10:30	--------	d-----w-	c:\users\JARA_2\AppData\Local\ashampoo
2010-03-09 10:30 . 2010-03-09 10:30	--------	d-----w-	c:\programdata\ashampoo
2010-03-08 02:58 . 2010-03-08 02:58	--------	d-----w-	c:\users\Jara1\AppData\Local\Opera
2010-03-06 21:34 . 2010-03-06 21:34	--------	d-----w-	c:\users\JARA_2\AppData\Local\Opera
2010-03-06 21:33 . 2010-03-22 18:21	--------	d-----w-	c:\program files\Opera
2010-03-06 21:18 . 2010-03-06 21:18	--------	d-----w-	c:\programdata\Alwil Software
2010-03-06 20:50 . 2010-03-06 20:50	74328	----a-w-	c:\windows\system32\drivers\inspect.sys
2010-03-05 20:57 . 2010-03-05 20:57	--------	d-----w-	c:\program files\PDFCreator
2010-03-05 20:57 . 1998-07-05 23:00	23552	----a-w-	c:\windows\system32\MSMPIDE.DLL
2010-03-05 20:31 . 2001-10-28 15:42	116224	----a-w-	c:\windows\system32\pdfcmnnt.dll
2010-03-05 20:18 . 2010-03-05 20:18	--------	d-----w-	c:\program files\Application Updater
2010-03-05 20:18 . 2010-03-25 16:30	--------	d-----w-	c:\program files\pdfforge Toolbar
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\Diagnostics
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\ChessBase
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\ATI
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\ASUS
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\Apps
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\Ahead
2010-03-05 17:04 . 2010-03-05 17:04	--------	d-----w-	c:\users\Jara1\AppData\Local\Adobe
2010-03-05 17:04 . 2010-02-07 12:37	126496	----a-w-	c:\users\Jara1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-05 17:00 . 2010-03-05 17:00	--------	d-----w-	c:\users\Jara1\Bluetooth Software
2010-03-05 16:37 . 2010-03-05 16:37	--------	d-----w-	c:\users\Jara1\AppData\Local\Mozilla
2010-03-05 12:45 . 2010-02-11 07:10	293376	----a-w-	c:\windows\system32\browserchoice.exe
2010-03-04 20:22 . 2010-03-04 20:22	--------	d-----w-	c:\users\Guest
2010-03-04 04:36 . 2010-03-04 06:05	--------	d-----w-	c:\program files\trend micro
2010-03-01 15:31 . 2010-03-09 15:07	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\skypePM
2010-03-01 15:01 . 2010-03-09 12:55	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----w-	c:\program files\Common Files\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----r-	c:\program files\Skype
2010-03-01 15:00 . 2010-03-01 15:00	--------	d-----w-	c:\programdata\Skype
2010-03-01 12:39 . 2010-03-02 16:20	--------	d-----w-	c:\programdata\IObit
2010-03-01 11:13 . 2010-03-03 18:52	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\IObit
2010-03-01 11:13 . 2010-03-02 16:20	--------	d-----w-	c:\program files\IObit
2010-03-01 08:58 . 2010-03-01 08:57	509552	----a-w-	c:\programdata\Google\Google Toolbar\Update\gtb6D29.tmp.exe
2010-03-01 04:59 . 2010-03-01 04:59	--------	d-----w-	c:\program files\Lavalys
2010-02-27 22:49 . 2010-02-27 22:49	--------	d-----w-	C:\inetpub
2010-02-26 23:01 . 2010-02-27 22:02	--------	d-----w-	c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-02-26 22:53 . 2010-03-22 18:31	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-02-26 22:35 . 2010-02-27 22:02	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GetRightToGo
2010-02-24 11:17 . 2010-02-24 11:17	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Thinstall
2010-02-24 11:17 . 2010-02-24 11:17	--------	d-----w-	c:\users\JARA_2\AppData\Local\Thinstall
2010-02-24 01:31 . 2009-12-13 09:30	641536	----a-w-	c:\windows\system32\CPFilters.dll
2010-02-24 01:31 . 2009-12-13 09:30	465408	----a-w-	c:\windows\system32\psisdecd.dll
2010-02-24 01:31 . 2009-12-13 09:29	417792	----a-w-	c:\windows\system32\msdri.dll
2010-02-24 01:31 . 2010-02-02 07:45	2048	----a-w-	c:\windows\system32\tzres.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M vpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-25 12:02 . 2010-01-02 01:24	126496	----a-w-	c:\users\JARA_2\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-23 07:26 . 2010-02-20 17:16	--------	d-----w-	c:\program files\Gabest
2010-03-23 02:38 . 2009-08-05 20:52	--------	d-----w-	c:\programdata\P4G
2010-03-20 11:37 . 2010-02-07 05:56	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Vso
2010-03-18 10:12 . 2009-08-26 09:31	656998	----a-w-	c:\windows\system32\perfh005.dat
2010-03-18 10:12 . 2009-08-26 09:31	136058	----a-w-	c:\windows\system32\perfc005.dat
2010-03-09 19:15 . 2009-12-07 15:58	--------	d-----w-	c:\program files\DivX
2010-03-09 19:04 . 2009-08-05 20:01	--------	d-----w-	c:\program files\Common Files\PX Storage Engine
2010-03-06 21:00 . 2010-01-31 21:13	--------	d-----w-	c:\programdata\f-secure
2010-03-01 15:31 . 2010-03-01 15:31	56	---ha-w-	c:\programdata\ezsidmv.dat
2010-03-01 14:00 . 2010-02-12 11:07	299008	----a-w-	c:\programdata\LangSoft\TrnWord.dll
2010-03-01 14:00 . 2010-02-12 11:06	--------	d-----w-	c:\programdata\LangSoft
2010-03-01 14:00 . 2010-02-12 11:07	798771	----a-w-	c:\programdata\LangSoft\WebIE.dll
2010-03-01 14:00 . 2010-02-12 11:07	356352	----a-w-	c:\programdata\LangSoft\TrnOutl.dll
2010-03-01 13:32 . 2010-02-12 11:04	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\LangSoft
2010-02-27 22:02 . 2009-10-23 03:41	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\OpenOffice.org2
2010-02-27 22:02 . 2009-10-31 18:58	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GHISLER
2010-02-27 22:01 . 2009-11-25 19:42	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\OpenOffice.org
2010-02-27 22:01 . 2009-11-24 18:52	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\ChessBase
2010-02-24 09:16 . 2009-10-31 16:15	181632	------w-	c:\windows\system32\MpSigStub.exe
2010-02-21 08:54 . 2010-02-21 08:51	--------	d-----w-	c:\program files\Ashampoo
2010-02-20 17:08 . 2010-02-20 17:08	--------	d-----w-	c:\program files\JockerSoft
2010-02-15 03:57 . 2009-12-02 17:12	--------	d-----w-	c:\program files\QuickMediaConverter
2010-02-10 02:28 . 2009-08-05 19:43	--------	d-----w-	c:\programdata\Microsoft Help
2010-02-07 12:49 . 2010-02-07 12:49	--------	d-----w-	c:\programdata\ChessBase
2010-02-07 12:37 . 2010-02-07 12:36	--------	d-----w-	c:\program files\ChessBase
2010-02-07 08:56 . 2010-02-07 05:56	--------	d-----w-	c:\program files\VSO
2010-02-07 08:55 . 2010-02-07 05:56	47360	----a-w-	c:\users\JARA_2\AppData\Roaming\pcouffin.sys
2010-02-07 08:55 . 2010-02-07 05:56	47360	----a-w-	c:\users\JARA_2\AppData\Roaming\pcouffin.sys
2010-02-07 06:34 . 2010-02-07 06:34	--------	d-----w-	c:\programdata\vsosdk
2010-02-07 05:56 . 2010-02-07 05:56	47360	----a-w-	c:\windows\system32\drivers\pcouffin.sys
2010-01-31 21:19 . 2010-01-31 21:15	--------	d-----w-	c:\programdata\fssg
2010-01-31 04:26 . 2010-01-31 04:26	--------	d-----w-	c:\program files\CCleaner
2010-01-30 20:36 . 2010-01-30 20:36	--------	d-----w-	c:\programdata\Agnitum
2010-01-30 14:54 . 2010-01-30 14:53	--------	d-----w-	c:\program files\Ultimate Process Manager
2010-01-18 23:29 . 2010-02-10 02:16	365568	----a-w-	c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 02:16	85504	----a-w-	c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 02:16	85504	----a-w-	c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 02:16	369152	----a-w-	c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 02:16	324608	----a-w-	c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 02:16	277504	----a-w-	c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 02:16	320512	----a-w-	c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 02:16	280064	----a-w-	c:\windows\system32\RMActivate_ssp.exe
2010-01-08 03:18 . 2010-02-10 02:16	221184	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 02:16	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-01-02 17:02 . 2009-08-05 19:57	36864	----a-w-	c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-01-02 15:16 . 2010-01-02 15:16	30264	----a-w-	c:\windows\system32\drivers\AsDsm.sys
2010-01-01 23:35 . 2009-11-02 11:05	125696	----a-w-	c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-01-01 20:07 . 2010-01-01 20:07	21496	----a-w-	c:\windows\system32\emptyregdb.dat
2010-01-01 19:08 . 2010-01-01 19:08	0	----a-w-	c:\windows\ativpsrm.bin
2010-01-01 16:27 . 2009-08-05 19:37	12	----a-w-	c:\windows\bthservsdp.dat
2010-01-01 16:18 . 2010-01-01 16:18	10134	----a-r-	c:\users\JARA_2\AppData\Roaming\Microsoft\Installer\{9372A5A0-DA43-0B28-6F7A-C02018D8C015}\ARPPRODUCTICON.exe
2009-04-08 09:31 . 2009-04-08 09:31	106496	----a-w-	c:\program files\Common Files\CPInstallAction.dll
2008-08-11 20:45 . 2008-08-11 20:45	155648	----a-w-	c:\program files\Common Files\MSIactionall.dll
2008-05-22 07:35 . 2008-05-22 07:35	51962	----a-w-	c:\program files\Common Files\banner.jpg
2007-06-12 08:34 . 2007-06-12 08:34	35822	----a-w-	c:\program files\Common Files\ASPG_icon.ico
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spoutc body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznmka* przdn zznamy a legitimn vchoz daje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 02:17	700416	----a-w-	c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2010-01-08 700416]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-03-09 11:11	136704	----a-w-	c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2010-01-08 974848]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-05 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-29 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 11:30	272952	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-08-05 20:54	47672	----a-w-	c:\windows\AsScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSTPE]
2007-10-12 04:44	106496	----a-w-	c:\windows\System32\ASUSTPE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2009-08-19 19:31	170624	----a-w-	c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2009-08-17 08:58	6859392	----a-w-	c:\program files\ASUS\ATKOSD2\ATKOSD2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03	152872	----a-w-	c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44	31072	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
2009-06-19 09:29	105016	----a-w-	c:\program files\ASUS\ATK Hotkey\HControlUser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-07-16 11:00	6253088	----a-w-	c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-07-16 11:01	1833504	----a-w-	c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-29 16:11	61440	----a-w-	c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-05 20:01	39408	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-12-06 10:12	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
R3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2010-01-09 12112]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-03-09 51792]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2010-03-09 119200]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2009-12-24 311568]
S2 MDES;DVM Meta Data Export Service;c:\asus.sys\DVMExportService.exe [2008-10-21 307200]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 SiSGbeLH;SiS191/SiS190  ovlada NDIS 6.0 zazen st Ethernet;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]


--- Ostatn sluby/ovladae v pamti ---

*Deregistered* - cmdGuard
*Deregistered* - cmdHlp
*Deregistered* - inspect
*Deregistered* - sp_rsdrv2

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Obsah adrese 'Naplnovan lohy'

2010-03-18 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-03-01 12:38]

2009-11-25 c:\windows\Tasks\User_Feed_Synchronization-{98EEE44C-6E55-4FD8-900C-1E4FAB2CF1F0}.job
- c:\windows\system32\msfeedssync.exe [2009-07-13 01:14]

2009-11-02 c:\windows\Tasks\Wise Registry Cleaner 4.job
- c:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-12-17 22:48]
.
.
------- Doplkov sken -------
.
uStart Page = hxxp://google.flashget.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Stahnou vse FlashGet3
IE: Stahnout FlashGet3
IE: WikiKomente Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
Trusted Zone: kuaiche.com\software
TCP: {30DF29B2-9651-40C4-B658-E5BE739701EB} = 10.0.0.138
FF - ProfilePath - c:\users\JARA_2\AppData\Roaming\Mozilla\Firefox\Profiles\zfsqyflc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: c:\program files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVEN FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
--------------------- ZAMKNUT KLE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkov as: 2010-03-25  17:34:46
ComboFix-quarantined-files.txt  2010-03-25 16:34
ComboFix2.txt  2010-03-04 20:22
ComboFix3.txt  2010-03-02 17:13

Ped sputnm: Volnch bajt: 184662437888
Po sputn: Volnch bajt: 184623808512

- - End Of File - - D2F080281701083EBAAB9BCA66DCB290
