Pomoc - FB vir

Zpráva

Havi · #1 Příspěvek od **Havi** » 24 črc 2011 10:21

Dobrý den, z diskuzí jsem zjistil, že naše PC bylo infikováno virem z FB. Žádám Vás o kontrolu logu a následnou pomoc. Děkuji H.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Roman at 2011-08-23 11:16:00
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (9%) free of 78 GB
Total RAM: 1279 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:42:26, on 10. 1. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\HDDSvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Trust\WB-3500T USB2 Webcam\SnapTrap.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Hard Drive Inspector\HDInspector.exe
C:\Program Files\Corel\Corel GuideMenu\GuideMenu.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Documents and Settings\Roman\Data aplikací\Transcend\SJelite3\SJelite3Launch.exe
C:\PROGRA~1\ICQ6.5\ICQ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\trend micro\Roman.exe
C:\Program Files\trend micro\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [STICAP] C:\Program Files\Trust\WB-3500T USB2 Webcam\SnapTrap.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GuideMenu] C:\Program Files\Corel\Corel GuideMenu\GuideMenu.exe -hide
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [SJelite3Launch] C:\Documents and Settings\Roman\Data aplikací\Transcend\SJelite3\SJelite3Launch.exe
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\WINDOWS\system32\HDDSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9368 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\wr1yq0fa.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "cs@dictionaries.addons.mozilla.org:1.0.2, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, radiobar@toolbar:1.0.0, maps@ovi.com:4.0.12.12, {DDABDBA1-2377-4A30-A027-25697B99E254}:3.1, firebug@software.joehewitt.com:1.6.0, {ad48108d-92a6-4eb9-87e4-978aca1dbae4}:1.1.6, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... 2.0.0.6&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\firefox\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js.moz-backup
aboutPrivateBrowsing.js.moz-backup
aboutRights.js.moz-backup
aboutRobots.js.moz-backup
aboutSessionRestore.js.moz-backup
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js.moz-backup
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npdeploytk.dll
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
npnul32.dll
nppdf32.dll
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\wr1yq0fa.default\extensions\
cs@dictionaries.addons.mozilla.org
firebug@software.joehewitt.com
langpack-af@firefox.mozilla.org
maps@ovi.com
radiobar@toolbar
{800b5000-a755-47e1-992b-48a1c1357f07}
{ad48108d-92a6-4eb9-87e4-978aca1dbae4}
{DDABDBA1-2377-4A30-A027-25697B99E254}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Documents and Settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\wr1yq0fa.default\searchplugins\
esk-kutilcz.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2009-12-14 1217896]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-05-31 1817600]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"HDInspector.exe"=C:\Program Files\Hard Drive Inspector\HDInspector.exe [2008-04-14 1006344]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-22 77824]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"pdfSaver3"= []
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-3-0\svchost.exe [2011-08-19 1147392]
"tray_ico1"=C:\WINDOWS\update.tray-2-0\svchost.exe [2011-08-19 1147392]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-08-23 247296]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-08-22 232960]
"73076856-loader2.exe"=C:\DOCUME~1\Roman\LOCALS~1\Temp\73076856-loader2.exe [2011-08-21 249344]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-08-23 247296]
"2501920.exe"=C:\WINDOWS\TEMP\2501920.exe [2011-08-23 247296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SJelite3Launch"=C:\Documents and Settings\Roman\Data aplikací\Transcend\SJelite3\SJelite3Launch.exe [2009-09-18 176128]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=4294967295

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Games\The Battle for Middle-earth (tm) II\game.dat"="D:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"D:\Games\Football Manager 2008\fm.exe"="D:\Games\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Games\Pro Evolution Soccer 2009\pes2009.exe"="D:\Games\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Documents and Settings\Roman\Local Settings\Temp\pes2009.exe"="C:\Documents and Settings\Roman\Local Settings\Temp\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"D:\Games\Zoo Tycoon 2\zt.exe"="D:\Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"D:\Games\FlatOut Ultimate Carnage\Fouc.exe"="D:\Games\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"D:\Games\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Games\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Games\Sid Meier's Civilization 4\Civilization4.exe"="D:\Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AIM"
"D:\Games\Football Manager 2010\fm.exe"="D:\Games\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"
"C:\Documents and Settings\Roman\Dokumenty\Stažené soubory\P1876832.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Roman\Dokumenty\Stažené soubory\facebook-pic000934519.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe"="C:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Farming Simulator 2011"
"C:\Program Files\Farming Simulator 2011\game.exe"="C:\Program Files\Farming Simulator 2011\game.exe:*:Enabled:Farming Simulator 2011"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Documents and Settings\Roman\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\Roman\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Roman\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.tray-3-0\svchost.exe"="C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe"
"C:\WINDOWS\update.tray-2-0\svchost.exe"="C:\WINDOWS\update.tray-2-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-2-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.ffds"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.mpegacm"=mpegacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"vidc.VP62"=vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-08-23 11:16:00 ----D---- C:\rsit
2011-08-22 09:28:36 ----D---- C:\Config.Msi
2011-08-20 14:56:05 ----D---- C:\WINDOWS\rpcminer
2011-08-20 14:56:05 ----D---- C:\WINDOWS\phoenix
2011-08-20 11:54:59 ----D---- C:\Program Files\AMD APP
2011-08-20 11:01:46 ----D---- C:\WINDOWS\ufa
2011-08-20 09:57:59 ----A---- C:\WINDOWS\l1rezerv.exe
2011-08-20 08:15:45 ----A---- C:\WINDOWS\ddh_iplist.txt
2011-08-20 08:15:19 ----A---- C:\WINDOWS\systemup.exe
2011-08-20 08:15:09 ----A---- C:\WINDOWS\unrar.exe
2011-08-20 08:15:04 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-08-20 08:14:26 ----HD---- C:\WINDOWS\update.2
2011-08-19 15:45:00 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-08-19 15:44:39 ----HD---- C:\WINDOWS\update.5.0
2011-08-19 15:44:39 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-08-19 15:44:30 ----A---- C:\WINDOWS\iplist.txt
2011-08-19 15:44:25 ----A---- C:\WINDOWS\sysdriver32.exe
2011-08-19 15:43:07 ----A---- C:\WINDOWS\front_ip_list.txt
2011-08-19 15:43:02 ----D---- C:\WINDOWS\av_ico
2011-08-19 15:40:46 ----HD---- C:\WINDOWS\update.1
2011-08-19 15:40:41 ----HD---- C:\WINDOWS\update.tray-3-0-lnk
2011-08-19 15:40:41 ----HD---- C:\WINDOWS\update.tray-3-0
2011-08-19 15:40:41 ----HD---- C:\WINDOWS\update.tray-2-0-lnk
2011-08-19 15:40:41 ----HD---- C:\WINDOWS\update.tray-2-0
2011-08-19 15:29:40 ----A---- C:\WINDOWS\winlog-ids.txt
2011-08-19 15:29:40 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-08-03 12:47:04 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2011-08-03 12:47:01 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2011-08-03 12:06:09 ----D---- C:\Program Files\MSECache

======List of files/folders modified in the last 1 month======

2011-08-23 11:16:03 ----D---- C:\Program Files\trend micro
2011-08-23 11:15:42 ----D---- C:\WINDOWS\Prefetch
2011-08-23 11:03:49 ----D---- C:\WINDOWS\Temp
2011-08-23 11:02:27 ----D---- C:\WINDOWS\system32
2011-08-23 11:02:26 ----D---- C:\Program Files\Mozilla Firefox
2011-08-23 10:50:45 ----D---- C:\WINDOWS
2011-08-23 10:48:55 ----D---- C:\WINDOWS\system32\drivers
2011-08-22 15:46:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-22 09:32:33 ----D---- C:\WINDOWS\system32\config
2011-08-22 09:30:38 ----D---- C:\WINDOWS\system32\wbem
2011-08-22 09:30:34 ----D---- C:\WINDOWS\Registration
2011-08-22 09:29:50 ----SHD---- C:\WINDOWS\Installer
2011-08-22 09:29:21 ----HD---- C:\WINDOWS\inf
2011-08-22 09:24:07 ----RD---- C:\Program Files
2011-08-22 09:23:49 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-20 17:28:36 ----D---- C:\Documents and Settings\Roman\Data aplikací\Spyware Terminator
2011-08-20 13:53:46 ----A---- C:\WINDOWS\wincmd.ini
2011-08-20 11:54:54 ----D---- C:\Program Files\ATI Technologies
2011-08-20 09:58:22 ----SHD---- C:\System Volume Information
2011-08-19 15:58:56 ----D---- C:\Program Files\Steam
2011-08-19 15:40:56 ----A---- C:\boot.ini
2011-08-16 21:01:40 ----D---- C:\Program Files\Crawler
2011-08-16 11:20:39 ----D---- C:\Program Files\Spyware Terminator
2011-08-03 12:47:17 ----D---- C:\Program Files\PDFCreator
2011-08-03 12:29:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-03 12:13:50 ----D---- C:\WINDOWS\system32\LogFiles
2011-08-03 12:06:16 ----D---- C:\Program Files\Common Files\Microsoft Shared

#2 Příspěvek od **Rudy** » 24 črc 2011 10:26

Log sice není kompletní, ale udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

#3 Příspěvek od **Rudy** » 24 črc 2011 10:34

Vy jste měnil systémový čas o měsíc dopředu?

Havi · #4 Příspěvek od **Havi** » 24 črc 2011 12:45

Nemůžu vyloučit, že systémové datum bylo nastaveno chybně.

MBAM jsem nainstaloval, ale po spuštění byla kontrola po 5 s zastavena a program ukončen. Když chci program spustit přes odkaz přímo z plochy, tak obdržím varovnou hlášku "Systém Windows nemá přístup k určenému zařízení, cestě nebo souboru. K přístupu k položce pravděpodobně nemáte patřičná oprávnění."

#5 Příspěvek od **Rudy** » 24 črc 2011 17:06

Zkuste to ještě v nouz. režimu.

Havi · #6 Příspěvek od **Havi** » 24 črc 2011 19:25

V nouzovém režimu se bohužel program chová úplně stejně. Zjistil jsem, že se takto chová i Spyware Terminator a RSIT, který již znovu nespustím. RSIT určitě neběžel až do konce, a proto byl log neúplný.

#7 Příspěvek od **Rudy** » 24 črc 2011 19:40

OK. Stáhněte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.exe . Postupujte podle kolegova návodu:

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

Havi · #8 Příspěvek od **Havi** » 24 črc 2011 19:56

Přikládám požadovaný log

2011/07/23 20:53:43.0843 2728 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/23 20:53:44.0203 2728 ================================================================================
2011/07/23 20:53:44.0203 2728 SystemInfo:
2011/07/23 20:53:44.0203 2728
2011/07/23 20:53:44.0203 2728 OS Version: 5.1.2600 ServicePack: 2.0
2011/07/23 20:53:44.0203 2728 Product type: Workstation
2011/07/23 20:53:44.0203 2728 ComputerName: ROKATEK-CFF95EB
2011/07/23 20:53:44.0203 2728 UserName: Roman
2011/07/23 20:53:44.0203 2728 Windows directory: C:\WINDOWS
2011/07/23 20:53:44.0203 2728 System windows directory: C:\WINDOWS
2011/07/23 20:53:44.0203 2728 Processor architecture: Intel x86
2011/07/23 20:53:44.0203 2728 Number of processors: 1
2011/07/23 20:53:44.0203 2728 Page size: 0x1000
2011/07/23 20:53:44.0203 2728 Boot type: Normal boot
2011/07/23 20:53:44.0203 2728 ================================================================================
2011/07/23 20:53:46.0156 2728 Initialize success
2011/07/23 20:54:13.0281 2660 ================================================================================
2011/07/23 20:54:13.0281 2660 Scan started
2011/07/23 20:54:13.0281 2660 Mode: Manual;
2011/07/23 20:54:13.0281 2660 ================================================================================
2011/07/23 20:54:14.0015 2660 ACPI (fa2fbcda96d2385f773b059fe5a125a6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/23 20:54:14.0125 2660 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/07/23 20:54:14.0375 2660 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/07/23 20:54:14.0515 2660 AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/07/23 20:54:14.0671 2660 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/07/23 20:54:15.0171 2660 ALCXWDM (f5d4d3899e16e1f75398297844386226) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/07/23 20:54:15.0531 2660 AmdK8 (cc9344adedf0bd57014a05f2528ce862) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/07/23 20:54:15.0781 2660 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/07/23 20:54:16.0187 2660 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/23 20:54:16.0312 2660 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/23 20:54:16.0640 2660 ati2mtag (e69b295083419e13521f01df76f35db0) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/07/23 20:54:16.0843 2660 atksgt (5b80e84af6b02ecab72dae9afee06309) C:\WINDOWS\system32\DRIVERS\atksgt.sys
2011/07/23 20:54:16.0968 2660 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/23 20:54:17.0109 2660 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/23 20:54:17.0234 2660 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/23 20:54:17.0390 2660 BlueletAudio (1d866faf96d7369a1817ab208c04cf55) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
2011/07/23 20:54:17.0546 2660 BlueletSCOAudio (8fc27b12a02b43947787f0ef1885df9b) C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
2011/07/23 20:54:17.0687 2660 Bridge (e4e6a0922e3d983728c9ad4e8d466954) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/07/23 20:54:17.0718 2660 BridgeMP (e4e6a0922e3d983728c9ad4e8d466954) C:\WINDOWS\system32\DRIVERS\bridge.sys
2011/07/23 20:54:17.0843 2660 BT (c5cce2b26f73f8cf7f3c82159e79aa08) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
2011/07/23 20:54:17.0953 2660 Btcsrusb (d5d025b5f704817b42d13a3e443f7893) C:\WINDOWS\system32\Drivers\btcusb.sys
2011/07/23 20:54:18.0078 2660 BthEnum (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/07/23 20:54:18.0203 2660 BTHidEnum (ce643d0918123d76a5caab008fca9663) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
2011/07/23 20:54:18.0328 2660 BTHidMgr (dfca4fe4c8aec786b4d0f432eb730f48) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
2011/07/23 20:54:18.0484 2660 BthPan (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/07/23 20:54:18.0625 2660 BTHPORT (28d8eb74c2f2480518c59807a59cd1e2) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/07/23 20:54:18.0750 2660 BTHUSB (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/07/23 20:54:18.0875 2660 BTNetFilter (4f26303becbb7cc5ca8ff39593124cf2) C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
2011/07/23 20:54:19.0015 2660 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/23 20:54:19.0171 2660 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/07/23 20:54:19.0406 2660 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/23 20:54:19.0546 2660 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/23 20:54:19.0656 2660 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/23 20:54:20.0062 2660 d347bus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
2011/07/23 20:54:20.0218 2660 d347prt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\d347prt.sys
2011/07/23 20:54:20.0578 2660 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/23 20:54:20.0718 2660 dmboot (e1968edec81c430108feb23ab07bdb14) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/23 20:54:20.0890 2660 dmio (1b1520a82e396e46b9ae9fa6b03ff6c6) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/23 20:54:21.0000 2660 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/23 20:54:21.0140 2660 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/23 20:54:21.0359 2660 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/23 20:54:21.0484 2660 eamon (d42dd9021acd47683b33adf21bca49aa) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/07/23 20:54:21.0640 2660 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/07/23 20:54:21.0796 2660 epfwtdir (aa0667eb9a92414abb784c101a6c7fec) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/07/23 20:54:21.0953 2660 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/23 20:54:22.0078 2660 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/07/23 20:54:22.0218 2660 FileObjInfo (3b172367379fa5cd6388f93657a7e9a4) C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys
2011/07/23 20:54:22.0375 2660 Fips (266dab58619b17bdf37fabbd48d875ca) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/23 20:54:22.0500 2660 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/07/23 20:54:22.0625 2660 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/07/23 20:54:22.0750 2660 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/23 20:54:22.0859 2660 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/23 20:54:23.0015 2660 fwdrv (3a3929b7a0eeef83df3a6c81e43a1fa9) C:\WINDOWS\system32\drivers\fwdrv.sys
2011/07/23 20:54:23.0140 2660 gagp30kx (4216cd545e5c30807b560c5dcaa812e6) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
2011/07/23 20:54:23.0265 2660 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/23 20:54:23.0500 2660 GVCplDrv (f22bf7f345df95c09942951246aaa28d) C:\WINDOWS\system32\drivers\GVCplDrv.sys
2011/07/23 20:54:23.0656 2660 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/23 20:54:23.0859 2660 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
2011/07/23 20:54:24.0000 2660 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
2011/07/23 20:54:24.0187 2660 HTTP (cb77bb47e67e84deb17ba29632501730) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/23 20:54:24.0328 2660 huadio (e9ae632aa701b9fcf7580af17b88320a) C:\WINDOWS\system32\huadio.tmp
2011/07/23 20:54:24.0656 2660 i8042prt (0f42de9909b5dbf2c48dd1a79d491af5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/07/23 20:54:24.0796 2660 Imapi (94d66cf57341cce64150b9fcc1daecaf) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/23 20:54:24.0796 2660 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\imapi.sys. Real md5: 94d66cf57341cce64150b9fcc1daecaf, Fake md5: f8aa320c6a0409c0380e5d8a99d76ec6
2011/07/23 20:54:24.0812 2660 Imapi - detected ForgedFile.Multi.Generic (1)
2011/07/23 20:54:25.0140 2660 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/07/23 20:54:25.0265 2660 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/23 20:54:25.0390 2660 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/23 20:54:25.0515 2660 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/23 20:54:25.0625 2660 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/23 20:54:25.0750 2660 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/23 20:54:25.0875 2660 isapnp (1091528512e4dd7ed5fddcc4df1c53d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/23 20:54:25.0984 2660 Iviaspi (4ac11b2250106774f694df2db4ffed61) C:\WINDOWS\system32\drivers\iviaspi.sys
2011/07/23 20:54:26.0125 2660 Kbdclass (6f877bf8dc01a550cd666f3bedb2213c) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/23 20:54:26.0250 2660 kbdhid (065b5a83aa78c0c7047bf22e0ab5c821) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/07/23 20:54:26.0359 2660 khips (d44c0f4fc254344bad74581632339963) C:\WINDOWS\system32\drivers\khips.sys
2011/07/23 20:54:26.0484 2660 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/23 20:54:26.0609 2660 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/23 20:54:26.0875 2660 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
2011/07/23 20:54:27.0015 2660 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/07/23 20:54:27.0140 2660 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/23 20:54:27.0265 2660 Modem (60210deb037846afe521ebf349964f6b) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/23 20:54:27.0390 2660 Mouclass (b160ec94114715675509115986400fd9) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/23 20:54:27.0593 2660 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/23 20:54:27.0718 2660 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/23 20:54:27.0953 2660 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/23 20:54:28.0093 2660 MRxSmb (6f2d483b97b395544e59749c47963c6a) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/23 20:54:28.0265 2660 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/23 20:54:28.0406 2660 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/23 20:54:28.0531 2660 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/23 20:54:28.0656 2660 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/23 20:54:28.0781 2660 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/23 20:54:28.0890 2660 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/07/23 20:54:29.0015 2660 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/23 20:54:29.0140 2660 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/07/23 20:54:29.0281 2660 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/23 20:54:29.0406 2660 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/07/23 20:54:29.0531 2660 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/23 20:54:29.0656 2660 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/23 20:54:29.0781 2660 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/23 20:54:29.0906 2660 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/23 20:54:30.0046 2660 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/23 20:54:30.0156 2660 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/23 20:54:30.0328 2660 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/07/23 20:54:30.0531 2660 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/07/23 20:54:30.0687 2660 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/07/23 20:54:30.0828 2660 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/07/23 20:54:30.0968 2660 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/07/23 20:54:31.0109 2660 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/23 20:54:31.0250 2660 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/23 20:54:31.0421 2660 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/23 20:54:31.0578 2660 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/23 20:54:31.0703 2660 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/23 20:54:31.0843 2660 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/07/23 20:54:31.0984 2660 Parport (76a18caa2fefb28a4ced38d76837e86e) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/07/23 20:54:32.0109 2660 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/23 20:54:32.0203 2660 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/23 20:54:32.0343 2660 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/07/23 20:54:32.0484 2660 PCI (b7979f37bb7b9df2230046134955e6e7) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/23 20:54:32.0718 2660 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/23 20:54:32.0875 2660 Pcmcia (90505755634407d4ef4c6dea60fc1df9) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/07/23 20:54:33.0562 2660 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/07/23 20:54:33.0968 2660 pfc (ed2e7f396b4098608c95bc3806bdf6fc) C:\WINDOWS\system32\drivers\pfc.sys
2011/07/23 20:54:34.0125 2660 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/23 20:54:34.0281 2660 Processor (9a10e4fd13824823da50d4758bd0a645) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/07/23 20:54:34.0437 2660 PRODIGY (65937a34c9a5741e3030a86905400d91) C:\WINDOWS\system32\Drivers\PRODIGY.SYS
2011/07/23 20:54:34.0578 2660 prodrv06 (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
2011/07/23 20:54:34.0703 2660 prohlp02 (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
2011/07/23 20:54:34.0843 2660 prosync1 (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
2011/07/23 20:54:34.0984 2660 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/23 20:54:35.0109 2660 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/23 20:54:35.0625 2660 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/23 20:54:35.0765 2660 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/23 20:54:35.0906 2660 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/23 20:54:36.0015 2660 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/23 20:54:36.0156 2660 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/23 20:54:36.0250 2660 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/23 20:54:36.0406 2660 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/23 20:54:36.0531 2660 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/23 20:54:36.0671 2660 redbook (aba13d33e1f888c9a68599a48a8840d6) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/23 20:54:36.0812 2660 RFCOMM (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/07/23 20:54:36.0937 2660 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/07/23 20:54:37.0093 2660 RT61 (da84c3ed2f31b1d5d68f775eba4ecb59) C:\WINDOWS\system32\DRIVERS\RT61.sys
2011/07/23 20:54:37.0218 2660 RTL8023xp (4a0ae7891fcf74acc848b109294cb80f) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/07/23 20:54:37.0343 2660 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/07/23 20:54:37.0484 2660 SANDRA (a4d65b2568f09ed2597bdb1f145153d7) C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\Sandra.sys
2011/07/23 20:54:37.0687 2660 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/23 20:54:37.0843 2660 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/07/23 20:54:37.0953 2660 Serial (c1ddbc85251551a840212999da3d95f3) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/07/23 20:54:38.0109 2660 sfdrv01 (00de597b81b381053cb5b21a7f20e365) C:\WINDOWS\system32\drivers\sfdrv01.sys
2011/07/23 20:54:38.0250 2660 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
2011/07/23 20:54:38.0375 2660 sfhlp02 (64b9ab76f1b16eb059cb6cdd906c067a) C:\WINDOWS\system32\drivers\sfhlp02.sys
2011/07/23 20:54:38.0500 2660 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/23 20:54:38.0625 2660 sfsync02 (798d918d8f20380008277ce3ce5319d1) C:\WINDOWS\system32\drivers\sfsync02.sys
2011/07/23 20:54:38.0843 2660 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/07/23 20:54:39.0156 2660 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/23 20:54:39.0312 2660 sp_rsdrv2 (ccd6e6c387e3efa3ba5fe0e7883821c1) C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011/07/23 20:54:39.0468 2660 SQTECH930B (e0a28d9a361a3edeef1fdb332b597e80) C:\WINDOWS\system32\Drivers\Capt930b.sys
2011/07/23 20:54:39.0593 2660 sr (a74035ea526db97d9d50d2143a55f5cf) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/23 20:54:39.0781 2660 Srv (7a0111577d8046633d5162a3ce15e9e1) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/23 20:54:39.0968 2660 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/07/23 20:54:40.0093 2660 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/23 20:54:40.0234 2660 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/23 20:54:40.0687 2660 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/23 20:54:40.0828 2660 Tcpip (90caff4b094573449a0872a0f919b178) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/23 20:54:41.0000 2660 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/23 20:54:41.0140 2660 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/23 20:54:41.0265 2660 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/23 20:54:41.0546 2660 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/23 20:54:41.0765 2660 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/07/23 20:54:41.0906 2660 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/23 20:54:42.0046 2660 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/07/23 20:54:42.0187 2660 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/23 20:54:42.0296 2660 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/23 20:54:42.0437 2660 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/23 20:54:42.0578 2660 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/07/23 20:54:42.0718 2660 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/07/23 20:54:42.0843 2660 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/23 20:54:42.0984 2660 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys
2011/07/23 20:54:43.0093 2660 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/07/23 20:54:43.0218 2660 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/23 20:54:43.0343 2660 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/07/23 20:54:43.0500 2660 VComm (51750b0539986186c6931fc40d171521) C:\WINDOWS\system32\DRIVERS\VComm.sys
2011/07/23 20:54:43.0640 2660 VcommMgr (6d9c891c0a761afed1f3609c2e56f2b9) C:\WINDOWS\system32\Drivers\VcommMgr.sys
2011/07/23 20:54:43.0781 2660 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/07/23 20:54:43.0906 2660 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/07/23 20:54:44.0031 2660 viamraid (0363e216e4eb5052969c96608934dbde) C:\WINDOWS\system32\DRIVERS\viamraid.sys
2011/07/23 20:54:44.0156 2660 VolSnap (cd8cce067f7e9cbd762c00bdddecaa34) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/23 20:54:44.0312 2660 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/23 20:54:44.0437 2660 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/07/23 20:54:44.0703 2660 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/23 20:54:44.0906 2660 WF23880 (6379da183b5a6c8a435aab6e9c61839f) C:\WINDOWS\system32\drivers\wf88vcap.sys
2011/07/23 20:54:45.0046 2660 WF88XBAR (765f72f8f8ce24e88f90694f34acbefb) C:\WINDOWS\system32\drivers\WF88XBAR.sys
2011/07/23 20:54:45.0156 2660 WFIOCTL (98e8be5afef76b3900e35b1c5dbfb0fd) C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS
2011/07/23 20:54:45.0296 2660 WFTUNE (480109853d84cd9efaf059a2a923c290) C:\WINDOWS\system32\drivers\WF88TUNE.sys
2011/07/23 20:54:45.0437 2660 winachsf (1225ebea76aac3c84df6c54fe5e5d8be) C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys
2011/07/23 20:54:45.0734 2660 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/07/23 20:54:45.0906 2660 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/07/23 20:54:46.0031 2660 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/07/23 20:54:46.0187 2660 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/07/23 20:54:46.0328 2660 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/07/23 20:54:46.0562 2660 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/07/23 20:54:46.0718 2660 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
2011/07/23 20:54:46.0859 2660 Boot (0x1200) (ca0a845a2743c078f7e06e8d733fdd5e) \Device\Harddisk0\DR0\Partition0
2011/07/23 20:54:46.0875 2660 ================================================================================
2011/07/23 20:54:46.0875 2660 Scan finished
2011/07/23 20:54:46.0875 2660 ================================================================================
2011/07/23 20:54:46.0906 2044 Detected object count: 1
2011/07/23 20:54:46.0906 2044 Actual detected object count: 1
2011/07/23 20:55:02.0328 2044 ForgedFile.Multi.Generic(Imapi) - User select action: Skip

#9 Příspěvek od **Rudy** » 24 črc 2011 20:02

Máte navíc i TDSSrootkit. Zkuste spustit ComboFix v nouz. režimu:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Pokud by byl nějaký problém přejmenujte soubor třeba na cokoli.com .

Havi · #10 Příspěvek od **Havi** » 25 črc 2011 21:34

Přikládám I. část logu z Comba

ComboFix 11-07-25.02 - Administrator 24.07.2011 22:04:08.2.1 - x86 MINIMAL
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB49014$\3563923820
c:\windows\$NtUninstallKB49014$ . . . . nemohl být smazán
.
---- Předchozí spuštění -------
.
c:\windows\$NtUninstallKB49014$\2169029057\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB49014$\2169029057\L\anuxuswu
c:\windows\btc_client_iplist.txt
c:\windows\daemon.dll
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\IsUn0405.exe
c:\windows\IsUn0407.exe
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\repair.ini
c:\windows\rpcminer.rar
c:\windows\ST6UNST.000
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\winlogon.bak
c:\windows\systemup.exe
c:\windows\TEMP\9354271.exe
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\update.tray-2-0\svchost.exe
c:\windows\update.tray-3-0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRVIECHECK
-------\Legacy_SRVSYSDRIVER32
-------\Legacy_WXPDRIVERS
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
-------\Legacy_srvbtcclient
-------\Legacy_srvbtcclient
-------\Service_srvbtcclient
-------\Service_srvbtcclient
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-24 do 2011-07-24 )))))))))))))))))))))))))))))))
.
.
2011-08-23 09:16 . 2011-08-23 09:16 -------- d-----w- C:\rsit
2011-08-22 07:30 . 2011-08-22 07:30 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-20 12:56 . 2011-08-20 12:56 -------- d-----w- c:\windows\rpcminer
2011-08-20 12:56 . 2011-08-20 12:56 -------- d-----w- c:\windows\phoenix
2011-08-20 09:54 . 2011-08-20 09:54 -------- d-----w- c:\program files\AMD APP
2011-08-20 09:01 . 2011-08-20 12:56 -------- d-----w- c:\windows\ufa
2011-08-20 06:15 . 2011-08-20 12:56 246272 ----a-w- c:\windows\unrar.exe
2011-08-19 13:43 . 2011-08-19 13:43 -------- d-----w- c:\windows\av_ico
2011-08-19 13:40 . 2011-08-19 13:40 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-08-19 13:40 . 2011-08-19 13:40 -------- d--h--w- c:\windows\update.tray-2-0-lnk
2011-08-19 13:40 . 2011-07-24 19:54 -------- d--h--w- c:\windows\update.tray-3-0
2011-08-19 13:40 . 2011-07-24 19:53 -------- d--h--w- c:\windows\update.tray-2-0
2011-08-19 13:29 . 2011-08-19 13:29 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-03 10:47 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-08-03 10:47 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-08-03 10:47 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-08-03 10:06 . 2011-08-03 10:06 -------- d-----w- c:\program files\MSECache
2011-07-24 19:28 . 2011-07-24 19:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\ABBYY
2011-07-23 17:59 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-23 17:59 . 2011-07-23 17:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-23 17:59 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2006-12-09 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SJelite3Launch"="c:\documents and settings\Roman\Data aplikací\Transcend\SJelite3\SJelite3Launch.exe" [2009-09-18 176128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-31 1817600]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"HDInspector.exe"="c:\program files\Hard Drive Inspector\HDInspector.exe" [2008-04-14 1006344]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 77824]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-3-14 691984]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2008-9-4 118784]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2007-8-25 614400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\RpcAgentSrv.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Roman\\Dokumenty\\Stažené soubory\\P1876832.JPG-www.facebook.exe"= c:\\WINDOWS\\nvsvc32.exe
"c:\\Program Files\\Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Roman\\Dokumenty\\Stažené soubory\\facebook-pic000934519.exe"= c:\\windows\\nvsvc32.exe
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"c:\\Program Files\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\WINDOWS\\update.tray-2-0-lnk\\svchost.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [9. 12. 2006 16:18 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [9. 12. 2006 16:18 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21. 12. 2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21. 12. 2010 13:47 94872]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26. 4. 2007 10:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26. 4. 2007 10:21 72624]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [8. 8. 2007 20:01 141312]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [5. 3. 2010 21:38 246520]
R2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe [9. 6. 2008 20:34 98488]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26. 4. 2007 10:21 1234480]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;c:\windows\system32\drivers\wf88vcap.sys [29. 3. 2008 10:35 209171]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;c:\windows\system32\drivers\WF88XBAR.sys [29. 3. 2008 10:36 9284]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;c:\windows\system32\drivers\wf88tune.sys [29. 3. 2008 10:36 36261]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8. 1. 2011 17:24 136176]
S3 FileObjInfo;STFileDriver;c:\documents and settings\All Users\Data aplikací\Spyware Terminator\fileobjinfo.sys [6. 1. 2007 12:36 5632]
S3 gtermddo;gtermddo;\??\c:\docume~1\VTEK~1\LOCALS~1\Temp\gtermddo.sys --> c:\docume~1\VTEK~1\LOCALS~1\Temp\gtermddo.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8. 1. 2011 17:24 136176]
S3 huadio;huadio;c:\windows\system32\huadio.tmp [11. 6. 2008 17:44 5318]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [14. 8. 2010 11:58 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [14. 8. 2010 11:58 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [14. 8. 2010 13:25 32377]
S3 SQTECH930B;Trust WB-3500T USB2 Webcam;c:\windows\system32\drivers\Capt930b.sys [25. 12. 2006 14:25 273982]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [29. 3. 2008 10:41 9510]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35950d83-a78c-11df-851c-001583c93a03}]
\Shell\AutoRun\command - H:\Install_Nokia_Ovi_Suite.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 15:24]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.bearshare.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: DhcpNameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\wr1yq0fa.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: ÄŚeskĂ© slovnĂky pro kontrolu pravopisu: cs@dictionaries.addons.mozilla.org - %profile%\extensions\cs@dictionaries.addons.mozilla.org
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Ovi maps browser plugin: maps@ovi.com - %profile%\extensions\maps@ovi.com
FF - Ext: Facicons: {DDABDBA1-2377-4A30-A027-25697B99E254} - %profile%\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - (no file)
HKLM-Run-pdfSaver3 - (no file)
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico0 - c:\windows\update.tray-3-0\svchost.exe
HKLM-Run-tray_ico1 - c:\windows\update.tray-2-0\svchost.exe
HKLM-Run-tray_ico2 - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
HKLM-Run-sysdriver32_.exe - c:\windows\sysdriver32_.exe
HKLM-Run-l1rezerv.exe - c:\windows\l1rezerv.exe
HKLM-Run-sysdriver32.exe - c:\windows\sysdriver32.exe
Notify-WgaLogon - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Condemned: Criminal Origins CZ - d:\games\Condemned - Criminal Origins\Uninstall Condemned_cz.exe
AddRemove-Easy-WebPrint - c:\windows\IsUn0405.exe
AddRemove-Moorhuhnjagd - c:\windows\IsUn0407.exe
AddRemove-Nokia PC Suite - c:\documents and settings\All Users\Data aplikací\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_EA.exe
AddRemove-Soldier of Fortune Platinum - d:\games\SOF PLATINUM\sofplat.isu
AddRemove-Steam App 211 - d:\games\Steam\steam.exe
AddRemove-Steam App 215 - d:\games\Steam\steam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-24 22:18
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\huadio]
"ImagePath"="\??\c:\windows\system32\huadio.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"=""
"ShortlistDir"=""
"ScreenshotsDir"=""
"SaveDir"=""
"HistoryDir"="d:\\Games\\Football Manager 2010\\Podpůrné programy\\FM Genie Scout 10\\History Points"
"LangDB"="d:\\Games\\Football Manager 2010\\data\\updates\\update-1030\\db\\1030\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2010\\games\\Vitek.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009d92
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000074
"UniqueID"="B6-FCD5-04A1"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008]
"GameDir"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008"
"SaveDir"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008\\"
"HistoryDir"="c:\\Documents and Settings\\Roman\\Plocha\\fm_genie_scout_2008\\FM Genie Scout 2008\\History Points"
"LangDB"="d:\\Games\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008\\games\\Vitek.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinID"=dword:00000001
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"WindowState"=dword:00000002
"Currency"=dword:00000056
"WindowHeight"=dword:000002ea
"WindowWidth"=dword:00000408
"WindowLeft"=dword:fffffffc
"WindowTop"=dword:fffffffc
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000032
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000032
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:00000050
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000050
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000002d
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000001e
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000001e
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000001e
"Position13"=dword:0000000d
"Visible13"=dword:00000001
"Width13"=dword:0000003c
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000032
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:00000032
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000032
"Position17"=dword:00000011
"Visible17"=dword:00000001
"Width17"=dword:00000050
"Position18"=dword:00000012
"Visible18"=dword:00000001
"Width18"=dword:00000050
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000037
"Position4"=dword:00000008
"Visible4"=dword:00000001
"Width4"=dword:00000023
"Position5"=dword:00000009
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:0000000a
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:0000000c
"Visible7"=dword:00000001
"Width7"=dword:0000004b
"Position8"=dword:0000000d
"Visible8"=dword:00000001
"Width8"=dword:0000004b
"Position9"=dword:0000000e
"Visible9"=dword:00000001
"Width9"=dword:00000050
"Position10"=dword:0000000f
"Visible10"=dword:00000000
"Width10"=dword:00000050
"Position11"=dword:00000010
"Visible11"=dword:00000000
"Width11"=dword:0000004b
"Position12"=dword:00000011
"Visible12"=dword:00000000
"Width12"=dword:0000002d
"Position13"=dword:00000012
"Visible13"=dword:00000000
"Width13"=dword:0000003c
"Position14"=dword:00000013
"Visible14"=dword:00000000
"Width14"=dword:0000004b
"Position15"=dword:00000014
"Visible15"=dword:00000000
"Width15"=dword:00000064
"Position16"=dword:00000015
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000016
"Visible17"=dword:00000000
"Width17"=dword:0000004b
"Position18"=dword:00000017
"Visible18"=dword:00000000
"Width18"=dword:00000064
"Position19"=dword:00000018
"Visible19"=dword:00000000
"Width19"=dword:0000003c
"Position20"=dword:00000019
"Visible20"=dword:00000000
"Width20"=dword:0000004b
"Position21"=dword:0000001a
"Visible21"=dword:00000000
"Width21"=dword:00000050
"Position22"=dword:0000001b
"Visible22"=dword:00000000
"Width22"=dword:00000073
"Position23"=dword:0000001c
"Visible23"=dword:00000000
"Width23"=dword:00000050
"Position24"=dword:0000001d
"Visible24"=dword:00000000
"Width24"=dword:0000005a
"Position25"=dword:0000001e
"Visible25"=dword:00000000
"Width25"=dword:0000006e
"Position26"=dword:0000001f
"Visible26"=dword:00000000
"Width26"=dword:00000064
"Position27"=dword:00000020
"Visible27"=dword:00000000
"Width27"=dword:00000087
"Position28"=dword:00000021
"Visible28"=dword:00000000
"Width28"=dword:00000064
"Position29"=dword:00000022
"Visible29"=dword:00000000
"Width29"=dword:00000064
"Position30"=dword:00000023
"Visible30"=dword:00000000
"Width30"=dword:00000046
"Position31"=dword:00000024
"Visible31"=dword:00000000
"Width31"=dword:0000004b
"Position32"=dword:00000025
"Visible32"=dword:00000000
"Width32"=dword:00000046
"Position33"=dword:00000026
"Visible33"=dword:00000000
"Width33"=dword:0000004b
"Position34"=dword:00000027
"Visible34"=dword:00000000
"Width34"=dword:0000003c
"Position35"=dword:00000028
"Visible35"=dword:00000000
"Width35"=dword:00000064
"Position36"=dword:00000029
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:0000002a
"Visible37"=dword:00000000
"Width37"=dword:0000005f
"Position38"=dword:0000002b
"Visible38"=dword:00000000
"Width38"=dword:00000091
"Position39"=dword:0000002c
"Visible39"=dword:00000000
"Width39"=dword:0000003c
"Position40"=dword:0000002d
"Visible40"=dword:00000000
"Width40"=dword:0000005a
"Position41"=dword:0000002e
"Visible41"=dword:00000000
"Width41"=dword:00000041
"Position42"=dword:0000002f
"Visible42"=dword:00000000
"Width42"=dword:00000050
"Position43"=dword:00000030
"Visible43"=dword:00000000
"Width43"=dword:00000055
"Position44"=dword:00000031
"Visible44"=dword:00000000
"Width44"=dword:0000005f
"Position45"=dword:00000032
"Visible45"=dword:00000000
"Width45"=dword:00000050
"Position46"=dword:00000033
"Visible46"=dword:00000000
"Width46"=dword:0000004b
"Position47"=dword:00000034
"Visible47"=dword:00000000
"Width47"=dword:0000004b
"Position48"=dword:00000035
"Visible48"=dword:00000000
"Width48"=dword:00000046
"Position49"=dword:00000036
"Visible49"=dword:00000000
"Width49"=dword:00000032
"Position50"=dword:00000037
"Visible50"=dword:00000000
"Width50"=dword:0000003c
"Position51"=dword:00000038
"Visible51"=dword:00000000
"Width51"=dword:0000004b
"Position52"=dword:00000039
"Visible52"=dword:00000000
"Width52"=dword:0000003c
"Position53"=dword:0000003a
"Visible53"=dword:00000000
"Width53"=dword:00000037
"Position54"=dword:0000003b
"Visible54"=dword:00000000
"Width54"=dword:00000069
"Position55"=dword:0000003c
"Visible55"=dword:00000000
"Width55"=dword:0000005a
"Position56"=dword:0000003d
"Visible56"=dword:00000000
"Width56"=dword:0000004b
"Position57"=dword:0000003e
"Visible57"=dword:00000000
"Width57"=dword:0000004b
"Position58"=dword:0000003f
"Visible58"=dword:00000000
"Width58"=dword:00000037
"Position59"=dword:00000040
"Visible59"=dword:00000000
"Width59"=dword:0000003c
"Position60"=dword:00000041
"Visible60"=dword:00000000
"Width60"=dword:0000003c
"Position61"=dword:00000042
"Visible61"=dword:00000000
"Width61"=dword:00000041
"Position62"=dword:00000043
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:00000044
"Visible63"=dword:00000000
"Width63"=dword:0000003c
"Position64"=dword:00000045
"Visible64"=dword:00000000
"Width64"=dword:0000003c
"Position65"=dword:00000046
"Visible65"=dword:00000000
"Width65"=dword:0000004b
"Position66"=dword:00000047
"Visible66"=dword:00000000
"Width66"=dword:0000003c
"Position67"=dword:00000048
"Visible67"=dword:00000000
"Width67"=dword:00000046
"Position68"=dword:00000049
"Visible68"=dword:00000000
"Width68"=dword:00000028
"Position69"=dword:0000004a
"Visible69"=dword:00000000
"Width69"=dword:00000041
"Position70"=dword:0000004b
"Visible70"=dword:00000000
"Width70"=dword:0000003c
"Position71"=dword:0000004c
"Visible71"=dword:00000000
"Width71"=dword:00000069
"Position72"=dword:0000004d
"Visible72"=dword:00000000
"Width72"=dword:00000041
"Position73"=dword:0000004e
"Visible73"=dword:00000000
"Width73"=dword:0000005f
"Position74"=dword:0000004f
"Visible74"=dword:00000000
"Width74"=dword:0000003c
"Position75"=dword:00000050
"Visible75"=dword:00000000
"Width75"=dword:00000037
"Position76"=dword:00000051
"Visible76"=dword:00000000
"Width76"=dword:0000004b
"Position77"=dword:00000052
"Visible77"=dword:00000000
"Width77"=dword:00000050
"Position78"=dword:00000053
"Visible78"=dword:00000000
"Width78"=dword:00000037
"Position79"=dword:00000054
"Visible79"=dword:00000000
"Width79"=dword:00000037
"Position80"=dword:00000055
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:00000056
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:00000057
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:00000058
"Visible83"=dword:00000001
"Width83"=dword:00000039
"Position84"=dword:00000059
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:0000005a
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:0000005b
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:0000005c
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:0000005d
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:0000005e
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:0000005f
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000060
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000061
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000062
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:00000063
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:00000064
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:00000065
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:00000066
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:00000067
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:00000068
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:00000069
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:0000006a
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:0000006b
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:0000006c
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:0000006d
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:0000006e
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:0000006f
"Visible106"=dword:00000001
"Width106"=dword:00000050
"Position107"=dword:0000000b
"Visible107"=dword:00000001
"Width107"=dword:0000002f
"Position108"=dword:00000070
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:00000071
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:00000072
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:00000073
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:00000074
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:00000075
"Visible113"=dword:00000000
"Width113"=dword:0000000a
"Position114"=dword:00000076
"Visible114"=dword:00000000
"Width114"=dword:0000000a
"Position115"=dword:00000077
"Visible115"=dword:00000000
"Width115"=dword:00000072
"Position116"=dword:00000078
"Visible116"=dword:00000000
"Width116"=dword:0000000a
"Position117"=dword:00000079
"Visible117"=dword:00000000
"Width117"=dword:0000000a
"Position118"=dword:0000007a
"Visible118"=dword:00000000
"Width118"=dword:0000000a
"Position119"=dword:0000007b
"Visible119"=dword:00000000
"Width119"=dword:0000000a
"Position120"=dword:0000007c
"Visible120"=dword:00000000
"Width120"=dword:0000000a
"Position121"=dword:0000007d
"Visible121"=dword:00000000
"Width121"=dword:0000000a
"Position122"=dword:0000007e
"Visible122"=dword:00000000
"Width122"=dword:0000000a
"Position123"=dword:0000007f
"Visible123"=dword:00000000
"Width123"=dword:0000000a
"Position124"=dword:00000080
"Visible124"=dword:00000000
"Width124"=dword:0000000a
"Position125"=dword:00000081
"Visible125"=dword:00000000
"Width125"=dword:0000000a
"Position126"=dword:00000082
"Visible126"=dword:00000000
"Width126"=dword:0000000a
"Position127"=dword:00000083
"Visible127"=dword:00000000
"Width127"=dword:0000000a
"Position128"=dword:00000084
"Visible128"=dword:00000000
"Width128"=dword:0000000a
"Position129"=dword:00000085
"Visible129"=dword:00000000
"Width129"=dword:0000000a
"Position130"=dword:00000086
"Visible130"=dword:00000000
"Width130"=dword:0000000a
"Position131"=dword:00000087
"Visible131"=dword:00000000
"Width131"=dword:0000000a
"Position132"=dword:00000088
"Visible132"=dword:00000000
"Width132"=dword:0000000a
"Position133"=dword:00000089
"Visible133"=dword:00000000
"Width133"=dword:0000000a
"Position134"=dword:0000008a
"Visible134"=dword:00000000
"Width134"=dword:0000000a
"Position135"=dword:0000008b
"Visible135"=dword:00000000
"Width135"=dword:0000000a
"Position136"=dword:0000008c
"Visible136"=dword:00000000
"Width136"=dword:0000000a
"Position137"=dword:0000008d
"Visible137"=dword:00000000
"Width137"=dword:0000000a
"Position138"=dword:0000008e
"Visible138"=dword:00000000
"Width138"=dword:0000000a
"Position139"=dword:0000008f
"Visible139"=dword:00000000
"Width139"=dword:0000000a
"Position140"=dword:00000090
"Visible140"=dword:00000000
"Width140"=dword:0000000a
"Position141"=dword:00000091
"Visible141"=dword:00000000
"Width141"=dword:0000000a
"Position142"=dword:00000092
"Visible142"=dword:00000000
"Width142"=dword:0000000a
"Position143"=dword:00000093
"Visible143"=dword:00000000
"Width143"=dword:0000000a
"Position144"=dword:00000094
"Visible144"=dword:00000000
"Width144"=dword:0000000a
"Position145"=dword:00000095
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000004
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:00000005
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000006
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000007
"Visible149"=dword:00000001
"Width149"=dword:00000028
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000069
"Position4"=dword:00000005
"Visible4"=dword:00000001
"Width4"=dword:00000028
"Position5"=dword:00000006
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:00000004
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000004b
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000002d
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000003c
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000004b
"Position13"=dword:0000000d
"Visible13"=dword:00000000
"Width13"=dword:00000064
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000064
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:0000004b
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000011
"Visible17"=dword:00000000
"Width17"=dword:0000003c
"Position18"=dword:00000012
"Visible18"=dword:00000000
"Width18"=dword:0000004b
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
"Position20"=dword:00000014
"Visible20"=dword:00000000
"Width20"=dword:00000046
"Position21"=dword:00000015
"Visible21"=dword:00000000
"Width21"=dword:0000004b
"Position22"=dword:00000016
"Visible22"=dword:00000000
"Width22"=dword:00000046
"Position23"=dword:00000017
"Visible23"=dword:00000000
"Width23"=dword:00000046
"Position24"=dword:00000018
"Visible24"=dword:00000000
"Width24"=dword:0000003c
"Position25"=dword:00000019
"Visible25"=dword:00000000
"Width25"=dword:00000041
"Position26"=dword:0000001a
"Visible26"=dword:00000000
"Width26"=dword:0000003c
"Position27"=dword:0000001b
"Visible27"=dword:00000000
"Width27"=dword:00000055
"Position28"=dword:0000001c
"Visible28"=dword:00000000
"Width28"=dword:00000069
"Position29"=dword:0000001d
"Visible29"=dword:00000000
"Width29"=dword:0000006e
"Position30"=dword:0000001e
"Visible30"=dword:00000000
"Width30"=dword:00000064
"Position31"=dword:0000001f
"Visible31"=dword:00000000
"Width31"=dword:00000078
"Position32"=dword:00000020
"Visible32"=dword:00000000
"Width32"=dword:00000064
"Position33"=dword:00000021
"Visible33"=dword:00000000
"Width33"=dword:00000087
"Position34"=dword:00000022
"Visible34"=dword:00000000
"Width34"=dword:00000069
"Position35"=dword:00000023
"Visible35"=dword:00000000
"Width35"=dword:0000006e
"Position36"=dword:00000024
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000025
"Visible37"=dword:00000000
"Width37"=dword:0000004b
"Position38"=dword:00000026
"Visible38"=dword:00000000
"Width38"=dword:0000002d
"Position39"=dword:00000027
"Visible39"=dword:00000000
"Width39"=dword:00000055
"Position40"=dword:00000028
"Visible40"=dword:00000000
"Width40"=dword:00000046
"Position41"=dword:00000029
"Visible41"=dword:00000000
"Width41"=dword:0000004b
"Position42"=dword:0000002a
"Visible42"=dword:00000000
"Width42"=dword:0000003c
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000046
"Position44"=dword:0000002c
"Visible44"=dword:00000000
"Width44"=dword:00000073
"Position45"=dword:0000002d
"Visible45"=dword:00000000
"Width45"=dword:0000004b
"Position46"=dword:0000002e
"Visible46"=dword:00000000
"Width46"=dword:00000073
"Position47"=dword:0000002f
"Visible47"=dword:00000000
"Width47"=dword:0000007d
"Position48"=dword:00000030
"Visible48"=dword:00000000
"Width48"=dword:0000006e
"Position49"=dword:00000031
"Visible49"=dword:00000000
"Width49"=dword:00000037
"Position50"=dword:00000032
"Visible50"=dword:00000000
"Width50"=dword:00000064
"Position51"=dword:00000033
"Visible51"=dword:00000000
"Width51"=dword:00000037
"Position52"=dword:00000034
"Visible52"=dword:00000000
"Width52"=dword:0000004b
"Position53"=dword:00000035
"Visible53"=dword:00000000
"Width53"=dword:00000046
"Position54"=dword:00000036
"Visible54"=dword:00000000
"Width54"=dword:00000037
"Position55"=dword:00000037
"Visible55"=dword:00000000
"Width55"=dword:0000003c
"Position56"=dword:00000038
"Visible56"=dword:00000000
"Width56"=dword:00000055
"Position57"=dword:00000039
"Visible57"=dword:00000000
"Width57"=dword:0000003c
"Position58"=dword:0000003a
"Visible58"=dword:00000000
"Width58"=dword:0000003c
"Position59"=dword:0000003b
"Visible59"=dword:00000000
"Width59"=dword:00000055
"Position60"=dword:0000003c
"Visible60"=dword:00000000
"Width60"=dword:00000046
"Position61"=dword:0000003d
"Visible61"=dword:00000000
"Width61"=dword:0000004b
"Position62"=dword:0000003e
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000003f
"Visible63"=dword:00000000
"Width63"=dword:0000005a
"Position64"=dword:00000040
"Visible64"=dword:00000000
"Width64"=dword:0000006e
"Position65"=dword:00000041
"Visible65"=dword:00000000
"Width65"=dword:00000050
"Position66"=dword:00000042
"Visible66"=dword:00000000
"Width66"=dword:00000032
"Position67"=dword:00000043
"Visible67"=dword:00000000
"Width67"=dword:00000064
"Position68"=dword:00000044
"Visible68"=dword:00000000
"Width68"=dword:0000004b
"Position69"=dword:00000045
"Visible69"=dword:00000000
"Width69"=dword:0000002d
"Position70"=dword:00000046
"Visible70"=dword:00000000
"Width70"=dword:0000004b
"Position71"=dword:00000047
"Visible71"=dword:00000000
"Width71"=dword:0000005a
"Position72"=dword:00000048
"Visible72"=dword:00000000
"Width72"=dword:0000005a
"Position73"=dword:00000049
"Visible73"=dword:00000000
"Width73"=dword:00000050
"Position74"=dword:0000004a
"Visible74"=dword:00000000
"Width74"=dword:0000004b
"Position75"=dword:0000004b
"Visible75"=dword:00000000
"Width75"=dword:00000050
"Position76"=dword:0000004c
"Visible76"=dword:00000000
"Width76"=dword:0000005a
"Position77"=dword:0000004d
"Visible77"=dword:00000000
"Width77"=dword:00000041
"Position78"=dword:0000004e
"Visible78"=dword:00000000
"Width78"=dword:00000041
"Position79"=dword:0000004f
"Visible79"=dword:00000000
"Width79"=dword:00000041
"Position80"=dword:00000050
"Visible80"=dword:00000000
"Width80"=dword:00000041
"Position81"=dword:00000051
"Visible81"=dword:00000000
"Width81"=dword:00000041
"Position82"=dword:00000052
"Visible82"=dword:00000000
"Width82"=dword:00000041
"Position83"=dword:00000053
"Visible83"=dword:00000000
"Width83"=dword:00000041
"Position84"=dword:00000054
"Visible84"=dword:00000000
"Width84"=dword:00000041
"Position85"=dword:00000055
"Visible85"=dword:00000000
"Width85"=dword:00000041
"Position86"=dword:00000056
"Visible86"=dword:00000000
"Width86"=dword:00000050

Havi · #11 Příspěvek od **Havi** » 25 črc 2011 21:36

.... a ještě II. část logu z Comba
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
"GKWeightCoef"=dword:00000064
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000000
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000000
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:00000000
"GKPenaltiesCoef"=dword:00000000
"GKTacklingCoef"=dword:00000005
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000000
"GKRightFootCoef"=dword:00000000
"GKAggressionCoef"=dword:0000000a
"GKAnticipationCoef"=dword:00000005
"GKBraveryCoef"=dword:00000014
"GKComposureCoef"=dword:00000014
"GKConcentrationCoef"=dword:0000000a
"GKConsistencyCoef"=dword:0000000a
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:00000014
"GKDeterminationCoef"=dword:0000000a
"GKDirtinessCoef"=dword:fffffffb
"GKFlairCoef"=dword:00000000
"GKImportantMatchesCoef"=dword:0000000a
"GKInfluenceCoef"=dword:0000000a
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:00000050
"GKTeamworkCoef"=dword:00000005
"GKWorkRateCoef"=dword:00000000
"GKAccelerationCoef"=dword:00000005
"GKAgilityCoef"=dword:0000000a
"GKBalanceCoef"=dword:0000000a
"GKInjuryPronenessCoef"=dword:fffffffb
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:00000005
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000000
"GKStrengthCoef"=dword:0000000a
"GKVersatilityCoef"=dword:00000000
"GKAerialAbilityCoef"=dword:00000032
"GKCommandOfAreaCoef"=dword:00000014
"GKCommunicationCoef"=dword:00000032
"GKEccentricityCoef"=dword:ffffffec
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:0000000a
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:00000014
"GKTendencyToPunchCoef"=dword:fffffff6
"GKThrowingCoef"=dword:0000000a
"GKAdaptabilityCoef"=dword:00000005
"GKAmbitionCoef"=dword:0000000a
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:00000005
"GKPressureCoef"=dword:00000005
"GKProfessionalismCoef"=dword:00000005
"GKSportsmanshipCoef"=dword:00000005
"GKTemperamentCoef"=dword:00000005
"SWWeightCoef"=dword:00000066
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:00000000
"SWCrossingCoef"=dword:00000000
"SWDribblingCoef"=dword:00000000
"SWFinishingCoef"=dword:00000000
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:0000000a
"SWLongThrowsCoef"=dword:00000000
"SWMarkingCoef"=dword:00000064
"SWPassingCoef"=dword:0000000a
"SWPenaltiesCoef"=dword:00000005
"SWTacklingCoef"=dword:00000064
"SWTechniqueCoef"=dword:0000000a
"SWLeftFootCoef"=dword:00000005
"SWRightFootCoef"=dword:00000005
"SWAggressionCoef"=dword:00000014
"SWAnticipationCoef"=dword:00000014
"SWBraveryCoef"=dword:00000028
"SWComposureCoef"=dword:00000028
"SWConcentrationCoef"=dword:0000003c
"SWConsistencyCoef"=dword:0000000a
"SWCreativityCoef"=dword:0000000a
"SWDecisionsCoef"=dword:00000014
"SWDeterminationCoef"=dword:0000000a
"SWDirtinessCoef"=dword:ffffffe7
"SWFlairCoef"=dword:00000000
"SWImportantMatchesCoef"=dword:0000000a
"SWInfluenceCoef"=dword:0000000a
"SWOffTheBallCoef"=dword:0000000a
"SWPositioningCoef"=dword:00000064
"SWTeamworkCoef"=dword:00000028
"SWWorkRateCoef"=dword:00000014
"SWAccelerationCoef"=dword:0000001e
"SWAgilityCoef"=dword:0000000a
"SWBalanceCoef"=dword:00000014
"SWInjuryPronenessCoef"=dword:fffffffb
"SWJumpingCoef"=dword:00000064
"SWNaturalFitnessCoef"=dword:00000005
"SWPaceCoef"=dword:00000014
"SWStaminaCoef"=dword:0000000a
"SWStrengthCoef"=dword:00000050
"SWVersatilityCoef"=dword:00000005
"SWAerialAbilityCoef"=dword:00000000
"SWCommandOfAreaCoef"=dword:00000000
"SWCommunicationCoef"=dword:00000000
"SWEccentricityCoef"=dword:00000000
"SWHandlingCoef"=dword:00000000
"SWKickingCoef"=dword:00000000
"SWOneOnOnesCoef"=dword:00000005
"SWReflexesCoef"=dword:00000005
"SWRushingOutCoef"=dword:00000000
"SWTendencyToPunchCoef"=dword:00000000
"SWThrowingCoef"=dword:00000000
"SWAdaptabilityCoef"=dword:00000005
"SWAmbitionCoef"=dword:0000000a
"SWControversyCoef"=dword:fffffffb
"SWLoyalityCoef"=dword:00000005
"SWPressureCoef"=dword:00000005
"SWProfessionalismCoef"=dword:00000005
"SWSportsmanshipCoef"=dword:00000005
"SWTemperamentCoef"=dword:00000005
"CBWeightCoef"=dword:00000064
"CBCurrentAbilityCoef"=dword:00000000
"CBCornersCoef"=dword:00000000
"CBCrossingCoef"=dword:00000000
"CBDribblingCoef"=dword:00000000
"CBFinishingCoef"=dword:00000000
"CBFirstTouchCoef"=dword:00000014
"CBFreeKicksCoef"=dword:0000000a
"CBHeadingCoef"=dword:00000064
"CBLongShotsCoef"=dword:0000000a
"CBLongThrowsCoef"=dword:00000000
"CBMarkingCoef"=dword:00000050
"CBPassingCoef"=dword:00000014
"CBPenaltiesCoef"=dword:00000005
"CBTacklingCoef"=dword:00000064
"CBTechniqueCoef"=dword:0000000a
"CBLeftFootCoef"=dword:00000005
"CBRightFootCoef"=dword:00000005
"CBAggressionCoef"=dword:00000014
"CBAnticipationCoef"=dword:00000014
"CBBraveryCoef"=dword:00000028
"CBComposureCoef"=dword:00000014
"CBConcentrationCoef"=dword:00000028
"CBConsistencyCoef"=dword:0000000a
"CBCreativityCoef"=dword:0000000a
"CBDecisionsCoef"=dword:00000014
"CBDeterminationCoef"=dword:0000000a
"CBDirtinessCoef"=dword:ffffffec
"CBFlairCoef"=dword:00000000
"CBImportantMatchesCoef"=dword:0000000a
"CBInfluenceCoef"=dword:0000000a
"CBOffTheBallCoef"=dword:0000000a
"CBPositioningCoef"=dword:00000050
"CBTeamworkCoef"=dword:00000028
"CBWorkRateCoef"=dword:00000014
"CBAccelerationCoef"=dword:00000028
"CBAgilityCoef"=dword:0000000a
"CBBalanceCoef"=dword:00000014
"CBInjuryPronenessCoef"=dword:fffffffb
"CBJumpingCoef"=dword:00000064
"CBNaturalFitnessCoef"=dword:00000005
"CBPaceCoef"=dword:0000001e
"CBStaminaCoef"=dword:0000000a
"CBStrengthCoef"=dword:0000003c
"CBVersatilityCoef"=dword:00000005
"CBAerialAbilityCoef"=dword:00000000
"CBCommandOfAreaCoef"=dword:00000000
"CBCommunicationCoef"=dword:00000000
"CBEccentricityCoef"=dword:00000000
"CBHandlingCoef"=dword:00000000
"CBKickingCoef"=dword:00000000
"CBOneOnOnesCoef"=dword:00000005
"CBReflexesCoef"=dword:00000005
"CBRushingOutCoef"=dword:00000000
"CBTendencyToPunchCoef"=dword:00000000
"CBThrowingCoef"=dword:00000000
"CBAdaptabilityCoef"=dword:00000005
"CBAmbitionCoef"=dword:0000000a
"CBControversyCoef"=dword:fffffffb
"CBLoyalityCoef"=dword:00000005
"CBPressureCoef"=dword:00000005
"CBProfessionalismCoef"=dword:00000005
"CBSportsmanshipCoef"=dword:00000005
"CBTemperamentCoef"=dword:00000005
"FBWeightCoef"=dword:00000069
"FBCurrentAbilityCoef"=dword:00000000
"FBCornersCoef"=dword:0000000a
"FBCrossingCoef"=dword:0000001e
"FBDribblingCoef"=dword:00000014
"FBFinishingCoef"=dword:00000000
"FBFirstTouchCoef"=dword:00000014
"FBFreeKicksCoef"=dword:0000000a
"FBHeadingCoef"=dword:0000003c
"FBLongShotsCoef"=dword:0000000a
"FBLongThrowsCoef"=dword:0000000a
"FBMarkingCoef"=dword:0000003c
"FBPassingCoef"=dword:0000001e
"FBPenaltiesCoef"=dword:00000005
"FBTacklingCoef"=dword:00000064
"FBTechniqueCoef"=dword:00000014
"FBLeftFootCoef"=dword:00000005
"FBRightFootCoef"=dword:00000005
"FBAggressionCoef"=dword:0000000f
"FBAnticipationCoef"=dword:00000050
"FBBraveryCoef"=dword:00000014
"FBComposureCoef"=dword:0000000a
"FBConcentrationCoef"=dword:0000001e
"FBConsistencyCoef"=dword:0000000a
"FBCreativityCoef"=dword:0000000a
"FBDecisionsCoef"=dword:00000014
"FBDeterminationCoef"=dword:0000000a
"FBDirtinessCoef"=dword:fffffff6
"FBFlairCoef"=dword:00000005
"FBImportantMatchesCoef"=dword:0000000a
"FBInfluenceCoef"=dword:0000000a
"FBOffTheBallCoef"=dword:00000014
"FBPositioningCoef"=dword:00000064
"FBTeamworkCoef"=dword:00000014
"FBWorkRateCoef"=dword:00000014
"FBAccelerationCoef"=dword:0000003c
"FBAgilityCoef"=dword:0000000a
"FBBalanceCoef"=dword:00000014
"FBInjuryPronenessCoef"=dword:fffffffb
"FBJumpingCoef"=dword:0000003c
"FBNaturalFitnessCoef"=dword:00000005
"FBPaceCoef"=dword:00000050
"FBStaminaCoef"=dword:0000003c
"FBStrengthCoef"=dword:00000028
"FBVersatilityCoef"=dword:00000005
"FBAerialAbilityCoef"=dword:00000000
"FBCommandOfAreaCoef"=dword:00000000
"FBCommunicationCoef"=dword:00000000
"FBEccentricityCoef"=dword:00000000
"FBHandlingCoef"=dword:00000000
"FBKickingCoef"=dword:00000000
"FBOneOnOnesCoef"=dword:00000005
"FBReflexesCoef"=dword:00000005
"FBRushingOutCoef"=dword:00000000
"FBTendencyToPunchCoef"=dword:00000000
"FBThrowingCoef"=dword:00000000
"FBAdaptabilityCoef"=dword:00000005
"FBAmbitionCoef"=dword:0000000a
"FBControversyCoef"=dword:fffffffb
"FBLoyalityCoef"=dword:00000005
"FBPressureCoef"=dword:00000005
"FBProfessionalismCoef"=dword:00000005
"FBSportsmanshipCoef"=dword:00000005
"FBTemperamentCoef"=dword:00000005
"WBWeightCoef"=dword:0000006c
"WBCurrentAbilityCoef"=dword:00000000
"WBCornersCoef"=dword:0000000a
"WBCrossingCoef"=dword:0000003c
"WBDribblingCoef"=dword:00000028
"WBFinishingCoef"=dword:0000000a
"WBFirstTouchCoef"=dword:00000014
"WBFreeKicksCoef"=dword:0000000a
"WBHeadingCoef"=dword:00000028
"WBLongShotsCoef"=dword:00000014
"WBLongThrowsCoef"=dword:0000000a
"WBMarkingCoef"=dword:0000003c
"WBPassingCoef"=dword:00000028
"WBPenaltiesCoef"=dword:00000005
"WBTacklingCoef"=dword:00000064
"WBTechniqueCoef"=dword:00000028
"WBLeftFootCoef"=dword:00000005
"WBRightFootCoef"=dword:00000005
"WBAggressionCoef"=dword:0000000a
"WBAnticipationCoef"=dword:00000050
"WBBraveryCoef"=dword:0000000a
"WBComposureCoef"=dword:0000000a
"WBConcentrationCoef"=dword:00000014
"WBConsistencyCoef"=dword:0000000a
"WBCreativityCoef"=dword:00000014
"WBDecisionsCoef"=dword:00000014
"WBDeterminationCoef"=dword:0000000a
"WBDirtinessCoef"=dword:fffffff6
"WBFlairCoef"=dword:0000000a
"WBImportantMatchesCoef"=dword:0000000a
"WBInfluenceCoef"=dword:0000000a
"WBOffTheBallCoef"=dword:00000014
"WBPositioningCoef"=dword:00000064
"WBTeamworkCoef"=dword:00000014
"WBWorkRateCoef"=dword:00000028
"WBAccelerationCoef"=dword:00000050
"WBAgilityCoef"=dword:0000000a
"WBBalanceCoef"=dword:00000014
"WBInjuryPronenessCoef"=dword:fffffffb
"WBJumpingCoef"=dword:00000014
"WBNaturalFitnessCoef"=dword:00000005
"WBPaceCoef"=dword:00000064
"WBStaminaCoef"=dword:00000050
"WBStrengthCoef"=dword:00000028
"WBVersatilityCoef"=dword:00000005
"WBAerialAbilityCoef"=dword:00000000
"WBCommandOfAreaCoef"=dword:00000000
"WBCommunicationCoef"=dword:00000000
"WBEccentricityCoef"=dword:00000000
"WBHandlingCoef"=dword:00000000
"WBKickingCoef"=dword:00000000
"WBOneOnOnesCoef"=dword:00000005
"WBReflexesCoef"=dword:00000005
"WBRushingOutCoef"=dword:00000000
"WBTendencyToPunchCoef"=dword:00000000
"WBThrowingCoef"=dword:00000000
"WBAdaptabilityCoef"=dword:00000005
"WBAmbitionCoef"=dword:0000000a
"WBControversyCoef"=dword:fffffffb
"WBLoyalityCoef"=dword:00000005
"WBPressureCoef"=dword:00000005
"WBProfessionalismCoef"=dword:00000005
"WBSportsmanshipCoef"=dword:00000005
"WBTemperamentCoef"=dword:00000005
"DMWeightCoef"=dword:00000067
"DMCurrentAbilityCoef"=dword:00000000
"DMCornersCoef"=dword:0000000a
"DMCrossingCoef"=dword:0000001e
"DMDribblingCoef"=dword:00000014
"DMFinishingCoef"=dword:0000000a
"DMFirstTouchCoef"=dword:0000001e
"DMFreeKicksCoef"=dword:0000000a
"DMHeadingCoef"=dword:00000028
"DMLongShotsCoef"=dword:00000014
"DMLongThrowsCoef"=dword:00000005
"DMMarkingCoef"=dword:0000003c
"DMPassingCoef"=dword:00000028
"DMPenaltiesCoef"=dword:00000005
"DMTacklingCoef"=dword:00000064
"DMTechniqueCoef"=dword:0000001e
"DMLeftFootCoef"=dword:00000005
"DMRightFootCoef"=dword:00000005
"DMAggressionCoef"=dword:00000028
"DMAnticipationCoef"=dword:00000028
"DMBraveryCoef"=dword:00000014
"DMComposureCoef"=dword:0000000a
"DMConcentrationCoef"=dword:00000014
"DMConsistencyCoef"=dword:0000000a
"DMCreativityCoef"=dword:00000014
"DMDecisionsCoef"=dword:00000014
"DMDeterminationCoef"=dword:0000000a
"DMDirtinessCoef"=dword:fffffff6
"DMFlairCoef"=dword:0000000a
"DMImportantMatchesCoef"=dword:0000000a
"DMInfluenceCoef"=dword:0000000a
"DMOffTheBallCoef"=dword:0000001e
"DMPositioningCoef"=dword:00000050
"DMTeamworkCoef"=dword:00000028
"DMWorkRateCoef"=dword:00000050
"DMAccelerationCoef"=dword:00000028
"DMAgilityCoef"=dword:0000000a
"DMBalanceCoef"=dword:0000000a
"DMInjuryPronenessCoef"=dword:fffffffb
"DMJumpingCoef"=dword:00000028
"DMNaturalFitnessCoef"=dword:00000005
"DMPaceCoef"=dword:00000028
"DMStaminaCoef"=dword:0000003c
"DMStrengthCoef"=dword:00000028
"DMVersatilityCoef"=dword:00000005
"DMAerialAbilityCoef"=dword:00000000
"DMCommandOfAreaCoef"=dword:00000000
"DMCommunicationCoef"=dword:00000000
"DMEccentricityCoef"=dword:00000000
"DMHandlingCoef"=dword:00000000
"DMKickingCoef"=dword:00000000
"DMOneOnOnesCoef"=dword:00000005
"DMReflexesCoef"=dword:00000005
"DMRushingOutCoef"=dword:00000000
"DMTendencyToPunchCoef"=dword:00000000
"DMThrowingCoef"=dword:00000000
"DMAdaptabilityCoef"=dword:00000005
"DMAmbitionCoef"=dword:0000000a
"DMControversyCoef"=dword:fffffffb
"DMLoyalityCoef"=dword:00000005
"DMPressureCoef"=dword:00000005
"DMProfessionalismCoef"=dword:00000005
"DMSportsmanshipCoef"=dword:00000005
"DMTemperamentCoef"=dword:00000005
"MWeightCoef"=dword:00000068
"MCurrentAbilityCoef"=dword:00000000
"MCornersCoef"=dword:0000000a
"MCrossingCoef"=dword:00000028
"MDribblingCoef"=dword:00000032
"MFinishingCoef"=dword:00000014
"MFirstTouchCoef"=dword:0000001e
"MFreeKicksCoef"=dword:0000000a
"MHeadingCoef"=dword:0000001e
"MLongShotsCoef"=dword:00000014
"MLongThrowsCoef"=dword:00000005
"MMarkingCoef"=dword:00000028
"MPassingCoef"=dword:00000046
"MPenaltiesCoef"=dword:00000005
"MTacklingCoef"=dword:0000003c
"MTechniqueCoef"=dword:00000032
"MLeftFootCoef"=dword:00000005
"MRightFootCoef"=dword:00000005
"MAggressionCoef"=dword:0000001e
"MAnticipationCoef"=dword:00000028
"MBraveryCoef"=dword:0000000a
"MComposureCoef"=dword:0000000a
"MConcentrationCoef"=dword:0000000a
"MConsistencyCoef"=dword:0000000a
"MCreativityCoef"=dword:0000003c
"MDecisionsCoef"=dword:0000001e
"MDeterminationCoef"=dword:0000000a
"MDirtinessCoef"=dword:fffffffb
"MFlairCoef"=dword:0000000a
"MImportantMatchesCoef"=dword:0000000a
"MInfluenceCoef"=dword:0000000a
"MOffTheBallCoef"=dword:00000028
"MPositioningCoef"=dword:00000028
"MTeamworkCoef"=dword:00000032
"MWorkRateCoef"=dword:00000032
"MAccelerationCoef"=dword:00000032
"MAgilityCoef"=dword:0000000a
"MBalanceCoef"=dword:0000000a
"MInjuryPronenessCoef"=dword:fffffffb
"MJumpingCoef"=dword:00000028
"MNaturalFitnessCoef"=dword:00000005
"MPaceCoef"=dword:00000028
"MStaminaCoef"=dword:0000003c
"MStrengthCoef"=dword:0000001e
"MVersatilityCoef"=dword:00000005
"MAerialAbilityCoef"=dword:00000000
"MCommandOfAreaCoef"=dword:00000000
"MCommunicationCoef"=dword:00000000
"MEccentricityCoef"=dword:00000000
"MHandlingCoef"=dword:00000000
"MKickingCoef"=dword:00000000
"MOneOnOnesCoef"=dword:00000005
"MReflexesCoef"=dword:00000005
"MRushingOutCoef"=dword:00000000
"MTendencyToPunchCoef"=dword:00000000
"MThrowingCoef"=dword:00000000
"MAdaptabilityCoef"=dword:00000005
"MAmbitionCoef"=dword:0000000a
"MControversyCoef"=dword:fffffffb
"MLoyalityCoef"=dword:00000005
"MPressureCoef"=dword:00000005
"MProfessionalismCoef"=dword:00000005
"MSportsmanshipCoef"=dword:00000005
"MTemperamentCoef"=dword:00000005
"AMWeightCoef"=dword:00000068
"AMCurrentAbilityCoef"=dword:00000000
"AMCornersCoef"=dword:0000000a
"AMCrossingCoef"=dword:0000003c
"AMDribblingCoef"=dword:00000050
"AMFinishingCoef"=dword:00000028
"AMFirstTouchCoef"=dword:0000001e
"AMFreeKicksCoef"=dword:0000000a
"AMHeadingCoef"=dword:00000014
"AMLongShotsCoef"=dword:00000014
"AMLongThrowsCoef"=dword:00000005
"AMMarkingCoef"=dword:0000000a
"AMPassingCoef"=dword:00000064
"AMPenaltiesCoef"=dword:00000005
"AMTacklingCoef"=dword:0000000a
"AMTechniqueCoef"=dword:00000050
"AMLeftFootCoef"=dword:00000005
"AMRightFootCoef"=dword:00000005
"AMAggressionCoef"=dword:0000000a
"AMAnticipationCoef"=dword:0000001e
"AMBraveryCoef"=dword:0000000a
"AMComposureCoef"=dword:0000000a
"AMConcentrationCoef"=dword:0000000a
"AMConsistencyCoef"=dword:0000000a
"AMCreativityCoef"=dword:00000064
"AMDecisionsCoef"=dword:00000028
"AMDeterminationCoef"=dword:0000000a
"AMDirtinessCoef"=dword:fffffffb
"AMFlairCoef"=dword:00000014
"AMImportantMatchesCoef"=dword:0000000a
"AMInfluenceCoef"=dword:0000000a
"AMOffTheBallCoef"=dword:0000003c
"AMPositioningCoef"=dword:00000014
"AMTeamworkCoef"=dword:0000003c
"AMWorkRateCoef"=dword:00000014
"AMAccelerationCoef"=dword:0000003c
"AMAgilityCoef"=dword:0000000a
"AMBalanceCoef"=dword:0000000a
"AMInjuryPronenessCoef"=dword:fffffffb
"AMJumpingCoef"=dword:00000014
"AMNaturalFitnessCoef"=dword:00000005
"AMPaceCoef"=dword:0000003c
"AMStaminaCoef"=dword:0000003c
"AMStrengthCoef"=dword:00000014
"AMVersatilityCoef"=dword:00000005
"AMAerialAbilityCoef"=dword:00000000
"AMCommandOfAreaCoef"=dword:00000000
"AMCommunicationCoef"=dword:00000000
"AMEccentricityCoef"=dword:00000000
"AMHandlingCoef"=dword:00000000
"AMKickingCoef"=dword:00000000
"AMOneOnOnesCoef"=dword:00000005
"AMReflexesCoef"=dword:00000005
"AMRushingOutCoef"=dword:00000000
"AMTendencyToPunchCoef"=dword:00000000
"AMThrowingCoef"=dword:00000000
"AMAdaptabilityCoef"=dword:00000005
"AMAmbitionCoef"=dword:0000000a
"AMControversyCoef"=dword:fffffffb
"AMLoyalityCoef"=dword:00000005
"AMPressureCoef"=dword:00000005
"AMProfessionalismCoef"=dword:00000005
"AMSportsmanshipCoef"=dword:00000005
"AMTemperamentCoef"=dword:00000005
"WWeightCoef"=dword:00000069
"WCurrentAbilityCoef"=dword:00000000
"WCornersCoef"=dword:0000000a
"WCrossingCoef"=dword:00000064
"WDribblingCoef"=dword:00000064
"WFinishingCoef"=dword:0000003c
"WFirstTouchCoef"=dword:0000001e
"WFreeKicksCoef"=dword:0000000a
"WHeadingCoef"=dword:00000014
"WLongShotsCoef"=dword:00000014
"WLongThrowsCoef"=dword:00000005
"WMarkingCoef"=dword:0000000a
"WPassingCoef"=dword:0000003c
"WPenaltiesCoef"=dword:00000005
"WTacklingCoef"=dword:0000000a
"WTechniqueCoef"=dword:00000050
"WLeftFootCoef"=dword:00000005
"WRightFootCoef"=dword:00000005
"WAggressionCoef"=dword:0000000a
"WAnticipationCoef"=dword:00000014
"WBraveryCoef"=dword:0000000a
"WComposureCoef"=dword:0000000a
"WConcentrationCoef"=dword:0000000a
"WConsistencyCoef"=dword:0000000a
"WCreativityCoef"=dword:0000003c
"WDecisionsCoef"=dword:00000014
"WDeterminationCoef"=dword:0000000a
"WDirtinessCoef"=dword:fffffffb
"WFlairCoef"=dword:0000000a
"WImportantMatchesCoef"=dword:00000014
"WInfluenceCoef"=dword:0000000a
"WOffTheBallCoef"=dword:0000003c
"WPositioningCoef"=dword:00000014
"WTeamworkCoef"=dword:0000001e
"WWorkRateCoef"=dword:0000001e
"WAccelerationCoef"=dword:00000050
"WAgilityCoef"=dword:00000014
"WBalanceCoef"=dword:0000000a
"WInjuryPronenessCoef"=dword:fffffffb
"WJumpingCoef"=dword:00000014
"WNaturalFitnessCoef"=dword:00000005
"WPaceCoef"=dword:00000064
"WStaminaCoef"=dword:0000003c
"WStrengthCoef"=dword:00000014
"WVersatilityCoef"=dword:00000005
"WAerialAbilityCoef"=dword:00000000
"WCommandOfAreaCoef"=dword:00000000
"WCommunicationCoef"=dword:00000000
"WEccentricityCoef"=dword:00000000
"WHandlingCoef"=dword:00000000
"WKickingCoef"=dword:00000000
"WOneOnOnesCoef"=dword:00000005
"WReflexesCoef"=dword:00000005
"WRushingOutCoef"=dword:00000000
"WTendencyToPunchCoef"=dword:00000000
"WThrowingCoef"=dword:00000000
"WAdaptabilityCoef"=dword:00000005
"WAmbitionCoef"=dword:0000000a
"WControversyCoef"=dword:fffffffb
"WLoyalityCoef"=dword:00000005
"WPressureCoef"=dword:00000005
"WProfessionalismCoef"=dword:00000005
"WSportsmanshipCoef"=dword:00000005
"WTemperamentCoef"=dword:00000005
"FSTWeightCoef"=dword:00000067
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:0000000a
"FSTCrossingCoef"=dword:0000000a
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:0000000a
"FSTHeadingCoef"=dword:00000028
"FSTLongShotsCoef"=dword:00000014
"FSTLongThrowsCoef"=dword:00000000
"FSTMarkingCoef"=dword:00000000
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:00000000
"FSTTechniqueCoef"=dword:00000050
"FSTLeftFootCoef"=dword:00000005
"FSTRightFootCoef"=dword:00000005
"FSTAggressionCoef"=dword:0000000a
"FSTAnticipationCoef"=dword:0000000a
"FSTBraveryCoef"=dword:0000000a
"FSTComposureCoef"=dword:0000000a
"FSTConcentrationCoef"=dword:0000000a
"FSTConsistencyCoef"=dword:0000000a
"FSTCreativityCoef"=dword:00000028
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:0000000a
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:0000000a
"FSTImportantMatchesCoef"=dword:0000000a
"FSTInfluenceCoef"=dword:0000000a
"FSTOffTheBallCoef"=dword:00000050
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:00000028
"FSTBalanceCoef"=dword:0000000a
"FSTInjuryPronenessCoef"=dword:fffffffb
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:00000005
"FSTPaceCoef"=dword:00000064
"FSTStaminaCoef"=dword:00000028
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:00000005
"FSTAmbitionCoef"=dword:0000000a
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:00000005
"FSTPressureCoef"=dword:00000005
"FSTProfessionalismCoef"=dword:00000005
"FSTSportsmanshipCoef"=dword:00000005
"FSTTemperamentCoef"=dword:00000005
"TSTWeightCoef"=dword:00000067
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000000
"TSTCrossingCoef"=dword:0000000a
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:00000050
"TSTFirstTouchCoef"=dword:0000001e
"TSTFreeKicksCoef"=dword:0000000a
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:00000014
"TSTLongThrowsCoef"=dword:00000000
"TSTMarkingCoef"=dword:00000000
"TSTPassingCoef"=dword:00000028
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:00000000
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:00000005
"TSTRightFootCoef"=dword:00000005
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:0000000a
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:0000000a
"TSTConcentrationCoef"=dword:0000000a
"TSTConsistencyCoef"=dword:0000000a
"TSTCreativityCoef"=dword:00000014
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:0000000a
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:0000000a
"TSTImportantMatchesCoef"=dword:0000000a
"TSTInfluenceCoef"=dword:0000000a
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:00000014
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffffb
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:00000005
"TSTPaceCoef"=dword:00000028
"TSTStaminaCoef"=dword:00000014
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:00000005
"TSTAmbitionCoef"=dword:0000000a
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:00000005
"TSTPressureCoef"=dword:00000005
"TSTProfessionalismCoef"=dword:00000005
"TSTSportsmanshipCoef"=dword:00000005
"TSTTemperamentCoef"=dword:00000005
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (S-1-5-21-790525478-1708537768-682003330-1003)
@Allowed: (Read) (S-1-5-21-790525478-1708537768-682003330-1003)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dd,02,d4,8a,bd,28,69,7c,5c,a3,13,7e,be,69,bb,63,85,20,f1,55,5b,57,19,
52,0b,07,63,2c,0a,f7,88,2b,95,48,16,55,f4,3e,44,a4,b6,99,6e,47,88,63,73,e4,\
"??"=hex:1b,98,93,39,b0,82,1b,18,fa,37,83,82,0c,4d,a1,4e
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:73,d2,92,29,89,c6,bc,e8,3a,ea,d3,96,4c,01,d4,6e,81,e2,be,24,ce,
f8,d8,ea,89,55,16,31,c4,2c,4f,97,24,ff,3e,42,da,b9,d9,62,87,10,ec,59,6e,5b,\
"rkeysecu"=hex:6e,9d,dd,6b,c7,cd,d8,10,4d,13,bd,7f,ea,c3,5c,d3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(4052)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\HDDSvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Common Files\Protexis\License Service\PSIService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\UAService7.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\SOUNDMAN.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-07-24 22:25:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-24 20:25
.
Před spuštěním: 6 587 571 200
Po spuštění: 6 535 742 976
.
- - End Of File - - 2B3567041EC58E9B086B508BACAF95C6

#12 Příspěvek od **Rudy** » 25 črc 2011 21:54

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Collect::
c:\windows\unrar.exe
c:\docume~1\VTEK~1\LOCALS~1\Temp\gtermddo.sys
c:\windows\system32\huadio.tmp

Folder::
c:\windows\ufa
c:\windows\av_ico
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-3-0
c:\windows\update.tray-2-0

Driver::
gtermddo
huadio

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Havi · #13 Příspěvek od **Havi** » 26 črc 2011 20:35

Tak posílám nový log z Comba

Část I

ComboFix 11-07-25.02 - Roman . 07. 2011 21:06:51.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1279.877 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
FW: Sunbelt Personal Firewall *Enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
file zipped: c:\windows\system32\huadio.tmp
file zipped: c:\windows\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Roman\Data aplikací\64dlls.exe
c:\documents and settings\Roman\Data aplikací\intel64.exe
c:\documents and settings\Roman\Data aplikací\Kernel32.exe
c:\documents and settings\Roman\Data aplikací\localsys64.exe
c:\documents and settings\Roman\Data aplikací\ntos.exe
c:\documents and settings\Roman\Data aplikací\oembios.exe
c:\documents and settings\Roman\Data aplikací\sdra64.exe
c:\documents and settings\Roman\Data aplikací\sdra73.exe
c:\documents and settings\Roman\Data aplikací\swin32.exe
c:\documents and settings\Roman\Data aplikací\twex.exe
c:\documents and settings\Roman\Data aplikací\twext.exe
c:\documents and settings\Roman\Data aplikací\wsnpoema.exe
c:\documents and settings\Roman\WINDOWS
c:\windows\av_ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\system32\huadio.tmp
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-2-0-lnk\svchost.exe
c:\windows\update.tray-2-0
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-3-0-lnk\svchost.exe
c:\windows\update.tray-3-0
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GTERMDDO
-------\Legacy_HUADIO
-------\Service_gtermddo
-------\Service_huadio
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-08-23 09:16 . 2011-08-23 09:16 -------- d-----w- C:\rsit
2011-08-22 07:30 . 2011-08-22 07:30 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-20 12:56 . 2011-08-20 12:56 -------- d-----w- c:\windows\rpcminer
2011-08-20 12:56 . 2011-08-20 12:56 -------- d-----w- c:\windows\phoenix
2011-08-20 09:54 . 2011-08-20 09:54 -------- d-----w- c:\program files\AMD APP
2011-08-19 13:29 . 2011-08-19 13:29 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-03 10:47 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-08-03 10:47 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-08-03 10:47 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-08-03 10:06 . 2011-08-03 10:06 -------- d-----w- c:\program files\MSECache
2011-07-24 19:28 . 2011-07-24 19:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\ABBYY
2011-07-23 17:59 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-23 17:59 . 2011-07-23 17:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-23 17:59 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2006-12-09 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-07-24_20.20.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-26 19:23 . 2011-07-26 19:23 16384 c:\windows\temp\Perflib_Perfdata_71c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SJelite3Launch"="c:\documents and settings\Roman\Data aplikací\Transcend\SJelite3\SJelite3Launch.exe" [2009-09-18 176128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-31 1817600]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"HDInspector.exe"="c:\program files\Hard Drive Inspector\HDInspector.exe" [2008-04-14 1006344]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 77824]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-3-14 691984]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2008-9-4 118784]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2007-8-25 614400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\RpcAgentSrv.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Roman\\Dokumenty\\Stažené soubory\\P1876832.JPG-www.facebook.exe"= c:\\WINDOWS\\nvsvc32.exe
"c:\\Program Files\\Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Roman\\Dokumenty\\Stažené soubory\\facebook-pic000934519.exe"= c:\\windows\\nvsvc32.exe
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"c:\\Program Files\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [9. 12. 2006 16:18 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [9. 12. 2006 16:18 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21. 12. 2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21. 12. 2010 13:47 94872]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26. 4. 2007 10:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26. 4. 2007 10:21 72624]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [8. 8. 2007 20:01 141312]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [5. 3. 2010 21:38 246520]
R2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe [9. 6. 2008 20:34 98488]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26. 4. 2007 10:21 1234480]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;c:\windows\system32\drivers\wf88vcap.sys [29. 3. 2008 10:35 209171]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;c:\windows\system32\drivers\WF88XBAR.sys [29. 3. 2008 10:36 9284]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;c:\windows\system32\drivers\wf88tune.sys [29. 3. 2008 10:36 36261]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8. 1. 2011 17:24 136176]
S3 FileObjInfo;STFileDriver;c:\documents and settings\All Users\Data aplikací\Spyware Terminator\fileobjinfo.sys [6. 1. 2007 12:36 5632]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8. 1. 2011 17:24 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [14. 8. 2010 11:58 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [14. 8. 2010 11:58 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [14. 8. 2010 13:25 32377]
S3 SQTECH930B;Trust WB-3500T USB2 Webcam;c:\windows\system32\drivers\Capt930b.sys [25. 12. 2006 14:25 273982]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [29. 3. 2008 10:41 9510]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 15:24]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.bearshare.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: DhcpNameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\wr1yq0fa.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: ÄŚeskĂ© slovnĂky pro kontrolu pravopisu: cs@dictionaries.addons.mozilla.org - %profile%\extensions\cs@dictionaries.addons.mozilla.org
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Ovi maps browser plugin: maps@ovi.com - %profile%\extensions\maps@ovi.com
FF - Ext: Facicons: {DDABDBA1-2377-4A30-A027-25697B99E254} - %profile%\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 21:24
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"=""
"ShortlistDir"=""
"ScreenshotsDir"=""
"SaveDir"=""
"HistoryDir"="d:\\Games\\Football Manager 2010\\Podpůrné programy\\FM Genie Scout 10\\History Points"
"LangDB"="d:\\Games\\Football Manager 2010\\data\\updates\\update-1030\\db\\1030\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2010\\games\\Vitek.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009d92
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000074
"UniqueID"="B6-FCD5-04A1"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008]
"GameDir"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008"
"SaveDir"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008\\"
"HistoryDir"="c:\\Documents and Settings\\Roman\\Plocha\\fm_genie_scout_2008\\FM Genie Scout 2008\\History Points"
"LangDB"="d:\\Games\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Roman\\Dokumenty\\Sports Interactive\\Football Manager 2008\\games\\Vitek.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinID"=dword:00000001
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"WindowState"=dword:00000002
"Currency"=dword:00000056
"WindowHeight"=dword:000002ea
"WindowWidth"=dword:00000408
"WindowLeft"=dword:fffffffc
"WindowTop"=dword:fffffffc
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000032
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000032
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:00000050
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000050
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000002d
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000001e
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000001e
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000001e
"Position13"=dword:0000000d
"Visible13"=dword:00000001
"Width13"=dword:0000003c
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000032
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:00000032
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000032
"Position17"=dword:00000011
"Visible17"=dword:00000001
"Width17"=dword:00000050
"Position18"=dword:00000012
"Visible18"=dword:00000001
"Width18"=dword:00000050
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000037
"Position4"=dword:00000008
"Visible4"=dword:00000001
"Width4"=dword:00000023
"Position5"=dword:00000009
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:0000000a
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:0000000c
"Visible7"=dword:00000001
"Width7"=dword:0000004b
"Position8"=dword:0000000d
"Visible8"=dword:00000001
"Width8"=dword:0000004b
"Position9"=dword:0000000e
"Visible9"=dword:00000001
"Width9"=dword:00000050
"Position10"=dword:0000000f
"Visible10"=dword:00000000
"Width10"=dword:00000050
"Position11"=dword:00000010
"Visible11"=dword:00000000
"Width11"=dword:0000004b
"Position12"=dword:00000011
"Visible12"=dword:00000000
"Width12"=dword:0000002d
"Position13"=dword:00000012
"Visible13"=dword:00000000
"Width13"=dword:0000003c
"Position14"=dword:00000013
"Visible14"=dword:00000000
"Width14"=dword:0000004b
"Position15"=dword:00000014
"Visible15"=dword:00000000
"Width15"=dword:00000064
"Position16"=dword:00000015
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000016
"Visible17"=dword:00000000
"Width17"=dword:0000004b
"Position18"=dword:00000017
"Visible18"=dword:00000000
"Width18"=dword:00000064
"Position19"=dword:00000018
"Visible19"=dword:00000000
"Width19"=dword:0000003c
"Position20"=dword:00000019
"Visible20"=dword:00000000
"Width20"=dword:0000004b
"Position21"=dword:0000001a
"Visible21"=dword:00000000
"Width21"=dword:00000050
"Position22"=dword:0000001b
"Visible22"=dword:00000000
"Width22"=dword:00000073
"Position23"=dword:0000001c
"Visible23"=dword:00000000
"Width23"=dword:00000050
"Position24"=dword:0000001d
"Visible24"=dword:00000000
"Width24"=dword:0000005a
"Position25"=dword:0000001e
"Visible25"=dword:00000000
"Width25"=dword:0000006e
"Position26"=dword:0000001f
"Visible26"=dword:00000000
"Width26"=dword:00000064
"Position27"=dword:00000020
"Visible27"=dword:00000000
"Width27"=dword:00000087
"Position28"=dword:00000021
"Visible28"=dword:00000000
"Width28"=dword:00000064
"Position29"=dword:00000022
"Visible29"=dword:00000000
"Width29"=dword:00000064
"Position30"=dword:00000023
"Visible30"=dword:00000000
"Width30"=dword:00000046
"Position31"=dword:00000024
"Visible31"=dword:00000000
"Width31"=dword:0000004b
"Position32"=dword:00000025
"Visible32"=dword:00000000
"Width32"=dword:00000046
"Position33"=dword:00000026
"Visible33"=dword:00000000
"Width33"=dword:0000004b
"Position34"=dword:00000027
"Visible34"=dword:00000000
"Width34"=dword:0000003c
"Position35"=dword:00000028
"Visible35"=dword:00000000
"Width35"=dword:00000064
"Position36"=dword:00000029
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:0000002a
"Visible37"=dword:00000000
"Width37"=dword:0000005f
"Position38"=dword:0000002b
"Visible38"=dword:00000000
"Width38"=dword:00000091
"Position39"=dword:0000002c
"Visible39"=dword:00000000
"Width39"=dword:0000003c
"Position40"=dword:0000002d
"Visible40"=dword:00000000
"Width40"=dword:0000005a
"Position41"=dword:0000002e
"Visible41"=dword:00000000
"Width41"=dword:00000041
"Position42"=dword:0000002f
"Visible42"=dword:00000000
"Width42"=dword:00000050
"Position43"=dword:00000030
"Visible43"=dword:00000000
"Width43"=dword:00000055
"Position44"=dword:00000031
"Visible44"=dword:00000000
"Width44"=dword:0000005f
"Position45"=dword:00000032
"Visible45"=dword:00000000
"Width45"=dword:00000050
"Position46"=dword:00000033
"Visible46"=dword:00000000
"Width46"=dword:0000004b
"Position47"=dword:00000034
"Visible47"=dword:00000000
"Width47"=dword:0000004b
"Position48"=dword:00000035
"Visible48"=dword:00000000
"Width48"=dword:00000046
"Position49"=dword:00000036
"Visible49"=dword:00000000
"Width49"=dword:00000032
"Position50"=dword:00000037
"Visible50"=dword:00000000
"Width50"=dword:0000003c
"Position51"=dword:00000038
"Visible51"=dword:00000000
"Width51"=dword:0000004b
"Position52"=dword:00000039
"Visible52"=dword:00000000
"Width52"=dword:0000003c
"Position53"=dword:0000003a
"Visible53"=dword:00000000
"Width53"=dword:00000037
"Position54"=dword:0000003b
"Visible54"=dword:00000000
"Width54"=dword:00000069
"Position55"=dword:0000003c
"Visible55"=dword:00000000
"Width55"=dword:0000005a
"Position56"=dword:0000003d
"Visible56"=dword:00000000
"Width56"=dword:0000004b
"Position57"=dword:0000003e
"Visible57"=dword:00000000
"Width57"=dword:0000004b
"Position58"=dword:0000003f
"Visible58"=dword:00000000
"Width58"=dword:00000037
"Position59"=dword:00000040
"Visible59"=dword:00000000
"Width59"=dword:0000003c
"Position60"=dword:00000041
"Visible60"=dword:00000000
"Width60"=dword:0000003c
"Position61"=dword:00000042
"Visible61"=dword:00000000
"Width61"=dword:00000041
"Position62"=dword:00000043
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:00000044
"Visible63"=dword:00000000
"Width63"=dword:0000003c
"Position64"=dword:00000045
"Visible64"=dword:00000000
"Width64"=dword:0000003c
"Position65"=dword:00000046
"Visible65"=dword:00000000
"Width65"=dword:0000004b
"Position66"=dword:00000047
"Visible66"=dword:00000000
"Width66"=dword:0000003c
"Position67"=dword:00000048
"Visible67"=dword:00000000
"Width67"=dword:00000046
"Position68"=dword:00000049
"Visible68"=dword:00000000
"Width68"=dword:00000028
"Position69"=dword:0000004a
"Visible69"=dword:00000000
"Width69"=dword:00000041
"Position70"=dword:0000004b
"Visible70"=dword:00000000
"Width70"=dword:0000003c
"Position71"=dword:0000004c
"Visible71"=dword:00000000
"Width71"=dword:00000069
"Position72"=dword:0000004d
"Visible72"=dword:00000000
"Width72"=dword:00000041
"Position73"=dword:0000004e
"Visible73"=dword:00000000
"Width73"=dword:0000005f
"Position74"=dword:0000004f
"Visible74"=dword:00000000
"Width74"=dword:0000003c
"Position75"=dword:00000050
"Visible75"=dword:00000000
"Width75"=dword:00000037
"Position76"=dword:00000051
"Visible76"=dword:00000000
"Width76"=dword:0000004b
"Position77"=dword:00000052
"Visible77"=dword:00000000
"Width77"=dword:00000050
"Position78"=dword:00000053
"Visible78"=dword:00000000
"Width78"=dword:00000037
"Position79"=dword:00000054
"Visible79"=dword:00000000
"Width79"=dword:00000037
"Position80"=dword:00000055
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:00000056
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:00000057
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:00000058
"Visible83"=dword:00000001
"Width83"=dword:00000039
"Position84"=dword:00000059
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:0000005a
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:0000005b
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:0000005c
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:0000005d
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:0000005e
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:0000005f
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000060
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000061
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000062
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:00000063
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:00000064
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:00000065
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:00000066
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:00000067
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:00000068
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:00000069
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:0000006a
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:0000006b
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:0000006c
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:0000006d
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:0000006e
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:0000006f
"Visible106"=dword:00000001
"Width106"=dword:00000050
"Position107"=dword:0000000b
"Visible107"=dword:00000001
"Width107"=dword:0000002f
"Position108"=dword:00000070
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:00000071
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:00000072
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:00000073
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:00000074
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:00000075
"Visible113"=dword:00000000
"Width113"=dword:0000000a
"Position114"=dword:00000076
"Visible114"=dword:00000000
"Width114"=dword:0000000a
"Position115"=dword:00000077
"Visible115"=dword:00000000
"Width115"=dword:00000072
"Position116"=dword:00000078
"Visible116"=dword:00000000
"Width116"=dword:0000000a
"Position117"=dword:00000079
"Visible117"=dword:00000000
"Width117"=dword:0000000a
"Position118"=dword:0000007a
"Visible118"=dword:00000000
"Width118"=dword:0000000a
"Position119"=dword:0000007b
"Visible119"=dword:00000000
"Width119"=dword:0000000a
"Position120"=dword:0000007c
"Visible120"=dword:00000000
"Width120"=dword:0000000a
"Position121"=dword:0000007d
"Visible121"=dword:00000000
"Width121"=dword:0000000a
"Position122"=dword:0000007e
"Visible122"=dword:00000000
"Width122"=dword:0000000a
"Position123"=dword:0000007f
"Visible123"=dword:00000000
"Width123"=dword:0000000a
"Position124"=dword:00000080
"Visible124"=dword:00000000
"Width124"=dword:0000000a
"Position125"=dword:00000081
"Visible125"=dword:00000000
"Width125"=dword:0000000a
"Position126"=dword:00000082
"Visible126"=dword:00000000
"Width126"=dword:0000000a
"Position127"=dword:00000083
"Visible127"=dword:00000000
"Width127"=dword:0000000a
"Position128"=dword:00000084
"Visible128"=dword:00000000
"Width128"=dword:0000000a
"Position129"=dword:00000085
"Visible129"=dword:00000000
"Width129"=dword:0000000a
"Position130"=dword:00000086
"Visible130"=dword:00000000
"Width130"=dword:0000000a
"Position131"=dword:00000087
"Visible131"=dword:00000000
"Width131"=dword:0000000a
"Position132"=dword:00000088
"Visible132"=dword:00000000
"Width132"=dword:0000000a
"Position133"=dword:00000089
"Visible133"=dword:00000000
"Width133"=dword:0000000a
"Position134"=dword:0000008a
"Visible134"=dword:00000000
"Width134"=dword:0000000a
"Position135"=dword:0000008b
"Visible135"=dword:00000000
"Width135"=dword:0000000a
"Position136"=dword:0000008c
"Visible136"=dword:00000000
"Width136"=dword:0000000a
"Position137"=dword:0000008d
"Visible137"=dword:00000000
"Width137"=dword:0000000a
"Position138"=dword:0000008e
"Visible138"=dword:00000000
"Width138"=dword:0000000a
"Position139"=dword:0000008f
"Visible139"=dword:00000000
"Width139"=dword:0000000a
"Position140"=dword:00000090
"Visible140"=dword:00000000
"Width140"=dword:0000000a
"Position141"=dword:00000091
"Visible141"=dword:00000000
"Width141"=dword:0000000a
"Position142"=dword:00000092
"Visible142"=dword:00000000
"Width142"=dword:0000000a
"Position143"=dword:00000093
"Visible143"=dword:00000000
"Width143"=dword:0000000a
"Position144"=dword:00000094
"Visible144"=dword:00000000
"Width144"=dword:0000000a
"Position145"=dword:00000095
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000004
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:00000005
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000006
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000007
"Visible149"=dword:00000001
"Width149"=dword:00000028
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000069
"Position4"=dword:00000005
"Visible4"=dword:00000001
"Width4"=dword:00000028
"Position5"=dword:00000006
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:00000004
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000004b
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000002d
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000003c
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000004b
"Position13"=dword:0000000d
"Visible13"=dword:00000000
"Width13"=dword:00000064
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000064
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:0000004b
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000011
"Visible17"=dword:00000000
"Width17"=dword:0000003c
"Position18"=dword:00000012
"Visible18"=dword:00000000
"Width18"=dword:0000004b
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
"Position20"=dword:00000014
"Visible20"=dword:00000000
"Width20"=dword:00000046
"Position21"=dword:00000015
"Visible21"=dword:00000000
"Width21"=dword:0000004b
"Position22"=dword:00000016
"Visible22"=dword:00000000
"Width22"=dword:00000046
"Position23"=dword:00000017
"Visible23"=dword:00000000
"Width23"=dword:00000046
"Position24"=dword:00000018
"Visible24"=dword:00000000
"Width24"=dword:0000003c
"Position25"=dword:00000019
"Visible25"=dword:00000000
"Width25"=dword:00000041
"Position26"=dword:0000001a
"Visible26"=dword:00000000
"Width26"=dword:0000003c
"Position27"=dword:0000001b
"Visible27"=dword:00000000
"Width27"=dword:00000055
"Position28"=dword:0000001c
"Visible28"=dword:00000000
"Width28"=dword:00000069
"Position29"=dword:0000001d
"Visible29"=dword:00000000
"Width29"=dword:0000006e
"Position30"=dword:0000001e
"Visible30"=dword:00000000
"Width30"=dword:00000064
"Position31"=dword:0000001f
"Visible31"=dword:00000000
"Width31"=dword:00000078
"Position32"=dword:00000020
"Visible32"=dword:00000000
"Width32"=dword:00000064
"Position33"=dword:00000021
"Visible33"=dword:00000000
"Width33"=dword:00000087
"Position34"=dword:00000022
"Visible34"=dword:00000000
"Width34"=dword:00000069
"Position35"=dword:00000023
"Visible35"=dword:00000000
"Width35"=dword:0000006e
"Position36"=dword:00000024
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000025
"Visible37"=dword:00000000
"Width37"=dword:0000004b
"Position38"=dword:00000026
"Visible38"=dword:00000000
"Width38"=dword:0000002d
"Position39"=dword:00000027
"Visible39"=dword:00000000
"Width39"=dword:00000055
"Position40"=dword:00000028
"Visible40"=dword:00000000
"Width40"=dword:00000046
"Position41"=dword:00000029
"Visible41"=dword:00000000
"Width41"=dword:0000004b
"Position42"=dword:0000002a
"Visible42"=dword:00000000
"Width42"=dword:0000003c
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000046
"Position44"=dword:0000002c
"Visible44"=dword:00000000
"Width44"=dword:00000073
"Position45"=dword:0000002d
"Visible45"=dword:00000000
"Width45"=dword:0000004b
"Position46"=dword:0000002e
"Visible46"=dword:00000000
"Width46"=dword:00000073
"Position47"=dword:0000002f
"Visible47"=dword:00000000
"Width47"=dword:0000007d
"Position48"=dword:00000030
"Visible48"=dword:00000000
"Width48"=dword:0000006e
"Position49"=dword:00000031
"Visible49"=dword:00000000
"Width49"=dword:00000037
"Position50"=dword:00000032
"Visible50"=dword:00000000
"Width50"=dword:00000064
"Position51"=dword:00000033
"Visible51"=dword:00000000
"Width51"=dword:00000037
"Position52"=dword:00000034
"Visible52"=dword:00000000
"Width52"=dword:0000004b
"Position53"=dword:00000035
"Visible53"=dword:00000000
"Width53"=dword:00000046
"Position54"=dword:00000036
"Visible54"=dword:00000000
"Width54"=dword:00000037
"Position55"=dword:00000037
"Visible55"=dword:00000000
"Width55"=dword:0000003c
"Position56"=dword:00000038
"Visible56"=dword:00000000
"Width56"=dword:00000055
"Position57"=dword:00000039
"Visible57"=dword:00000000
"Width57"=dword:0000003c
"Position58"=dword:0000003a
"Visible58"=dword:00000000
"Width58"=dword:0000003c
"Position59"=dword:0000003b
"Visible59"=dword:00000000
"Width59"=dword:00000055
"Position60"=dword:0000003c
"Visible60"=dword:00000000
"Width60"=dword:00000046
"Position61"=dword:0000003d
"Visible61"=dword:00000000
"Width61"=dword:0000004b
"Position62"=dword:0000003e
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000003f
"Visible63"=dword:00000000
"Width63"=dword:0000005a
"Position64"=dword:00000040
"Visible64"=dword:00000000
"Width64"=dword:0000006e
"Position65"=dword:00000041
"Visible65"=dword:00000000
"Width65"=dword:00000050
"Position66"=dword:00000042
"Visible66"=dword:00000000
"Width66"=dword:00000032
"Position67"=dword:00000043
"Visible67"=dword:00000000
"Width67"=dword:00000064
"Position68"=dword:00000044
"Visible68"=dword:00000000
"Width68"=dword:0000004b
"Position69"=dword:00000045
"Visible69"=dword:00000000
"Width69"=dword:0000002d
"Position70"=dword:00000046
"Visible70"=dword:00000000
"Width70"=dword:0000004b
"Position71"=dword:00000047
"Visible71"=dword:00000000
"Width71"=dword:0000005a
"Position72"=dword:00000048
"Visible72"=dword:00000000
"Width72"=dword:0000005a
"Position73"=dword:00000049
"Visible73"=dword:00000000
"Width73"=dword:00000050
"Position74"=dword:0000004a
"Visible74"=dword:00000000
"Width74"=dword:0000004b
"Position75"=dword:0000004b
"Visible75"=dword:00000000
"Width75"=dword:00000050
"Position76"=dword:0000004c
"Visible76"=dword:00000000
"Width76"=dword:0000005a
"Position77"=dword:0000004d
"Visible77"=dword:00000000
"Width77"=dword:00000041
"Position78"=dword:0000004e
"Visible78"=dword:00000000
"Width78"=dword:00000041
"Position79"=dword:0000004f
"Visible79"=dword:00000000
"Width79"=dword:00000041
"Position80"=dword:00000050
"Visible80"=dword:00000000
"Width80"=dword:00000041
"Position81"=dword:00000051
"Visible81"=dword:00000000
"Width81"=dword:00000041
"Position82"=dword:00000052
"Visible82"=dword:00000000
"Width82"=dword:00000041
"Position83"=dword:00000053
"Visible83"=dword:00000000
"Width83"=dword:00000041
"Position84"=dword:00000054
"Visible84"=dword:00000000
"Width84"=dword:00000041
"Position85"=dword:00000055
"Visible85"=dword:00000000
"Width85"=dword:00000041
"Position86"=dword:00000056
"Visible86"=dword:00000000
"Width86"=dword:00000050

Havi · #14 Příspěvek od **Havi** » 26 črc 2011 20:36

Část II

[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
"GKWeightCoef"=dword:00000064
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000000
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000000
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:00000000
"GKPenaltiesCoef"=dword:00000000
"GKTacklingCoef"=dword:00000005
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000000
"GKRightFootCoef"=dword:00000000
"GKAggressionCoef"=dword:0000000a
"GKAnticipationCoef"=dword:00000005
"GKBraveryCoef"=dword:00000014
"GKComposureCoef"=dword:00000014
"GKConcentrationCoef"=dword:0000000a
"GKConsistencyCoef"=dword:0000000a
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:00000014
"GKDeterminationCoef"=dword:0000000a
"GKDirtinessCoef"=dword:fffffffb
"GKFlairCoef"=dword:00000000
"GKImportantMatchesCoef"=dword:0000000a
"GKInfluenceCoef"=dword:0000000a
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:00000050
"GKTeamworkCoef"=dword:00000005
"GKWorkRateCoef"=dword:00000000
"GKAccelerationCoef"=dword:00000005
"GKAgilityCoef"=dword:0000000a
"GKBalanceCoef"=dword:0000000a
"GKInjuryPronenessCoef"=dword:fffffffb
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:00000005
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000000
"GKStrengthCoef"=dword:0000000a
"GKVersatilityCoef"=dword:00000000
"GKAerialAbilityCoef"=dword:00000032
"GKCommandOfAreaCoef"=dword:00000014
"GKCommunicationCoef"=dword:00000032
"GKEccentricityCoef"=dword:ffffffec
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:0000000a
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:00000014
"GKTendencyToPunchCoef"=dword:fffffff6
"GKThrowingCoef"=dword:0000000a
"GKAdaptabilityCoef"=dword:00000005
"GKAmbitionCoef"=dword:0000000a
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:00000005
"GKPressureCoef"=dword:00000005
"GKProfessionalismCoef"=dword:00000005
"GKSportsmanshipCoef"=dword:00000005
"GKTemperamentCoef"=dword:00000005
"SWWeightCoef"=dword:00000066
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:00000000
"SWCrossingCoef"=dword:00000000
"SWDribblingCoef"=dword:00000000
"SWFinishingCoef"=dword:00000000
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:0000000a
"SWLongThrowsCoef"=dword:00000000
"SWMarkingCoef"=dword:00000064
"SWPassingCoef"=dword:0000000a
"SWPenaltiesCoef"=dword:00000005
"SWTacklingCoef"=dword:00000064
"SWTechniqueCoef"=dword:0000000a
"SWLeftFootCoef"=dword:00000005
"SWRightFootCoef"=dword:00000005
"SWAggressionCoef"=dword:00000014
"SWAnticipationCoef"=dword:00000014
"SWBraveryCoef"=dword:00000028
"SWComposureCoef"=dword:00000028
"SWConcentrationCoef"=dword:0000003c
"SWConsistencyCoef"=dword:0000000a
"SWCreativityCoef"=dword:0000000a
"SWDecisionsCoef"=dword:00000014
"SWDeterminationCoef"=dword:0000000a
"SWDirtinessCoef"=dword:ffffffe7
"SWFlairCoef"=dword:00000000
"SWImportantMatchesCoef"=dword:0000000a
"SWInfluenceCoef"=dword:0000000a
"SWOffTheBallCoef"=dword:0000000a
"SWPositioningCoef"=dword:00000064
"SWTeamworkCoef"=dword:00000028
"SWWorkRateCoef"=dword:00000014
"SWAccelerationCoef"=dword:0000001e
"SWAgilityCoef"=dword:0000000a
"SWBalanceCoef"=dword:00000014
"SWInjuryPronenessCoef"=dword:fffffffb
"SWJumpingCoef"=dword:00000064
"SWNaturalFitnessCoef"=dword:00000005
"SWPaceCoef"=dword:00000014
"SWStaminaCoef"=dword:0000000a
"SWStrengthCoef"=dword:00000050
"SWVersatilityCoef"=dword:00000005
"SWAerialAbilityCoef"=dword:00000000
"SWCommandOfAreaCoef"=dword:00000000
"SWCommunicationCoef"=dword:00000000
"SWEccentricityCoef"=dword:00000000
"SWHandlingCoef"=dword:00000000
"SWKickingCoef"=dword:00000000
"SWOneOnOnesCoef"=dword:00000005
"SWReflexesCoef"=dword:00000005
"SWRushingOutCoef"=dword:00000000
"SWTendencyToPunchCoef"=dword:00000000
"SWThrowingCoef"=dword:00000000
"SWAdaptabilityCoef"=dword:00000005
"SWAmbitionCoef"=dword:0000000a
"SWControversyCoef"=dword:fffffffb
"SWLoyalityCoef"=dword:00000005
"SWPressureCoef"=dword:00000005
"SWProfessionalismCoef"=dword:00000005
"SWSportsmanshipCoef"=dword:00000005
"SWTemperamentCoef"=dword:00000005
"CBWeightCoef"=dword:00000064
"CBCurrentAbilityCoef"=dword:00000000
"CBCornersCoef"=dword:00000000
"CBCrossingCoef"=dword:00000000
"CBDribblingCoef"=dword:00000000
"CBFinishingCoef"=dword:00000000
"CBFirstTouchCoef"=dword:00000014
"CBFreeKicksCoef"=dword:0000000a
"CBHeadingCoef"=dword:00000064
"CBLongShotsCoef"=dword:0000000a
"CBLongThrowsCoef"=dword:00000000
"CBMarkingCoef"=dword:00000050
"CBPassingCoef"=dword:00000014
"CBPenaltiesCoef"=dword:00000005
"CBTacklingCoef"=dword:00000064
"CBTechniqueCoef"=dword:0000000a
"CBLeftFootCoef"=dword:00000005
"CBRightFootCoef"=dword:00000005
"CBAggressionCoef"=dword:00000014
"CBAnticipationCoef"=dword:00000014
"CBBraveryCoef"=dword:00000028
"CBComposureCoef"=dword:00000014
"CBConcentrationCoef"=dword:00000028
"CBConsistencyCoef"=dword:0000000a
"CBCreativityCoef"=dword:0000000a
"CBDecisionsCoef"=dword:00000014
"CBDeterminationCoef"=dword:0000000a
"CBDirtinessCoef"=dword:ffffffec
"CBFlairCoef"=dword:00000000
"CBImportantMatchesCoef"=dword:0000000a
"CBInfluenceCoef"=dword:0000000a
"CBOffTheBallCoef"=dword:0000000a
"CBPositioningCoef"=dword:00000050
"CBTeamworkCoef"=dword:00000028
"CBWorkRateCoef"=dword:00000014
"CBAccelerationCoef"=dword:00000028
"CBAgilityCoef"=dword:0000000a
"CBBalanceCoef"=dword:00000014
"CBInjuryPronenessCoef"=dword:fffffffb
"CBJumpingCoef"=dword:00000064
"CBNaturalFitnessCoef"=dword:00000005
"CBPaceCoef"=dword:0000001e
"CBStaminaCoef"=dword:0000000a
"CBStrengthCoef"=dword:0000003c
"CBVersatilityCoef"=dword:00000005
"CBAerialAbilityCoef"=dword:00000000
"CBCommandOfAreaCoef"=dword:00000000
"CBCommunicationCoef"=dword:00000000
"CBEccentricityCoef"=dword:00000000
"CBHandlingCoef"=dword:00000000
"CBKickingCoef"=dword:00000000
"CBOneOnOnesCoef"=dword:00000005
"CBReflexesCoef"=dword:00000005
"CBRushingOutCoef"=dword:00000000
"CBTendencyToPunchCoef"=dword:00000000
"CBThrowingCoef"=dword:00000000
"CBAdaptabilityCoef"=dword:00000005
"CBAmbitionCoef"=dword:0000000a
"CBControversyCoef"=dword:fffffffb
"CBLoyalityCoef"=dword:00000005
"CBPressureCoef"=dword:00000005
"CBProfessionalismCoef"=dword:00000005
"CBSportsmanshipCoef"=dword:00000005
"CBTemperamentCoef"=dword:00000005
"FBWeightCoef"=dword:00000069
"FBCurrentAbilityCoef"=dword:00000000
"FBCornersCoef"=dword:0000000a
"FBCrossingCoef"=dword:0000001e
"FBDribblingCoef"=dword:00000014
"FBFinishingCoef"=dword:00000000
"FBFirstTouchCoef"=dword:00000014
"FBFreeKicksCoef"=dword:0000000a
"FBHeadingCoef"=dword:0000003c
"FBLongShotsCoef"=dword:0000000a
"FBLongThrowsCoef"=dword:0000000a
"FBMarkingCoef"=dword:0000003c
"FBPassingCoef"=dword:0000001e
"FBPenaltiesCoef"=dword:00000005
"FBTacklingCoef"=dword:00000064
"FBTechniqueCoef"=dword:00000014
"FBLeftFootCoef"=dword:00000005
"FBRightFootCoef"=dword:00000005
"FBAggressionCoef"=dword:0000000f
"FBAnticipationCoef"=dword:00000050
"FBBraveryCoef"=dword:00000014
"FBComposureCoef"=dword:0000000a
"FBConcentrationCoef"=dword:0000001e
"FBConsistencyCoef"=dword:0000000a
"FBCreativityCoef"=dword:0000000a
"FBDecisionsCoef"=dword:00000014
"FBDeterminationCoef"=dword:0000000a
"FBDirtinessCoef"=dword:fffffff6
"FBFlairCoef"=dword:00000005
"FBImportantMatchesCoef"=dword:0000000a
"FBInfluenceCoef"=dword:0000000a
"FBOffTheBallCoef"=dword:00000014
"FBPositioningCoef"=dword:00000064
"FBTeamworkCoef"=dword:00000014
"FBWorkRateCoef"=dword:00000014
"FBAccelerationCoef"=dword:0000003c
"FBAgilityCoef"=dword:0000000a
"FBBalanceCoef"=dword:00000014
"FBInjuryPronenessCoef"=dword:fffffffb
"FBJumpingCoef"=dword:0000003c
"FBNaturalFitnessCoef"=dword:00000005
"FBPaceCoef"=dword:00000050
"FBStaminaCoef"=dword:0000003c
"FBStrengthCoef"=dword:00000028
"FBVersatilityCoef"=dword:00000005
"FBAerialAbilityCoef"=dword:00000000
"FBCommandOfAreaCoef"=dword:00000000
"FBCommunicationCoef"=dword:00000000
"FBEccentricityCoef"=dword:00000000
"FBHandlingCoef"=dword:00000000
"FBKickingCoef"=dword:00000000
"FBOneOnOnesCoef"=dword:00000005
"FBReflexesCoef"=dword:00000005
"FBRushingOutCoef"=dword:00000000
"FBTendencyToPunchCoef"=dword:00000000
"FBThrowingCoef"=dword:00000000
"FBAdaptabilityCoef"=dword:00000005
"FBAmbitionCoef"=dword:0000000a
"FBControversyCoef"=dword:fffffffb
"FBLoyalityCoef"=dword:00000005
"FBPressureCoef"=dword:00000005
"FBProfessionalismCoef"=dword:00000005
"FBSportsmanshipCoef"=dword:00000005
"FBTemperamentCoef"=dword:00000005
"WBWeightCoef"=dword:0000006c
"WBCurrentAbilityCoef"=dword:00000000
"WBCornersCoef"=dword:0000000a
"WBCrossingCoef"=dword:0000003c
"WBDribblingCoef"=dword:00000028
"WBFinishingCoef"=dword:0000000a
"WBFirstTouchCoef"=dword:00000014
"WBFreeKicksCoef"=dword:0000000a
"WBHeadingCoef"=dword:00000028
"WBLongShotsCoef"=dword:00000014
"WBLongThrowsCoef"=dword:0000000a
"WBMarkingCoef"=dword:0000003c
"WBPassingCoef"=dword:00000028
"WBPenaltiesCoef"=dword:00000005
"WBTacklingCoef"=dword:00000064
"WBTechniqueCoef"=dword:00000028
"WBLeftFootCoef"=dword:00000005
"WBRightFootCoef"=dword:00000005
"WBAggressionCoef"=dword:0000000a
"WBAnticipationCoef"=dword:00000050
"WBBraveryCoef"=dword:0000000a
"WBComposureCoef"=dword:0000000a
"WBConcentrationCoef"=dword:00000014
"WBConsistencyCoef"=dword:0000000a
"WBCreativityCoef"=dword:00000014
"WBDecisionsCoef"=dword:00000014
"WBDeterminationCoef"=dword:0000000a
"WBDirtinessCoef"=dword:fffffff6
"WBFlairCoef"=dword:0000000a
"WBImportantMatchesCoef"=dword:0000000a
"WBInfluenceCoef"=dword:0000000a
"WBOffTheBallCoef"=dword:00000014
"WBPositioningCoef"=dword:00000064
"WBTeamworkCoef"=dword:00000014
"WBWorkRateCoef"=dword:00000028
"WBAccelerationCoef"=dword:00000050
"WBAgilityCoef"=dword:0000000a
"WBBalanceCoef"=dword:00000014
"WBInjuryPronenessCoef"=dword:fffffffb
"WBJumpingCoef"=dword:00000014
"WBNaturalFitnessCoef"=dword:00000005
"WBPaceCoef"=dword:00000064
"WBStaminaCoef"=dword:00000050
"WBStrengthCoef"=dword:00000028
"WBVersatilityCoef"=dword:00000005
"WBAerialAbilityCoef"=dword:00000000
"WBCommandOfAreaCoef"=dword:00000000
"WBCommunicationCoef"=dword:00000000
"WBEccentricityCoef"=dword:00000000
"WBHandlingCoef"=dword:00000000
"WBKickingCoef"=dword:00000000
"WBOneOnOnesCoef"=dword:00000005
"WBReflexesCoef"=dword:00000005
"WBRushingOutCoef"=dword:00000000
"WBTendencyToPunchCoef"=dword:00000000
"WBThrowingCoef"=dword:00000000
"WBAdaptabilityCoef"=dword:00000005
"WBAmbitionCoef"=dword:0000000a
"WBControversyCoef"=dword:fffffffb
"WBLoyalityCoef"=dword:00000005
"WBPressureCoef"=dword:00000005
"WBProfessionalismCoef"=dword:00000005
"WBSportsmanshipCoef"=dword:00000005
"WBTemperamentCoef"=dword:00000005
"DMWeightCoef"=dword:00000067
"DMCurrentAbilityCoef"=dword:00000000
"DMCornersCoef"=dword:0000000a
"DMCrossingCoef"=dword:0000001e
"DMDribblingCoef"=dword:00000014
"DMFinishingCoef"=dword:0000000a
"DMFirstTouchCoef"=dword:0000001e
"DMFreeKicksCoef"=dword:0000000a
"DMHeadingCoef"=dword:00000028
"DMLongShotsCoef"=dword:00000014
"DMLongThrowsCoef"=dword:00000005
"DMMarkingCoef"=dword:0000003c
"DMPassingCoef"=dword:00000028
"DMPenaltiesCoef"=dword:00000005
"DMTacklingCoef"=dword:00000064
"DMTechniqueCoef"=dword:0000001e
"DMLeftFootCoef"=dword:00000005
"DMRightFootCoef"=dword:00000005
"DMAggressionCoef"=dword:00000028
"DMAnticipationCoef"=dword:00000028
"DMBraveryCoef"=dword:00000014
"DMComposureCoef"=dword:0000000a
"DMConcentrationCoef"=dword:00000014
"DMConsistencyCoef"=dword:0000000a
"DMCreativityCoef"=dword:00000014
"DMDecisionsCoef"=dword:00000014
"DMDeterminationCoef"=dword:0000000a
"DMDirtinessCoef"=dword:fffffff6
"DMFlairCoef"=dword:0000000a
"DMImportantMatchesCoef"=dword:0000000a
"DMInfluenceCoef"=dword:0000000a
"DMOffTheBallCoef"=dword:0000001e
"DMPositioningCoef"=dword:00000050
"DMTeamworkCoef"=dword:00000028
"DMWorkRateCoef"=dword:00000050
"DMAccelerationCoef"=dword:00000028
"DMAgilityCoef"=dword:0000000a
"DMBalanceCoef"=dword:0000000a
"DMInjuryPronenessCoef"=dword:fffffffb
"DMJumpingCoef"=dword:00000028
"DMNaturalFitnessCoef"=dword:00000005
"DMPaceCoef"=dword:00000028
"DMStaminaCoef"=dword:0000003c
"DMStrengthCoef"=dword:00000028
"DMVersatilityCoef"=dword:00000005
"DMAerialAbilityCoef"=dword:00000000
"DMCommandOfAreaCoef"=dword:00000000
"DMCommunicationCoef"=dword:00000000
"DMEccentricityCoef"=dword:00000000
"DMHandlingCoef"=dword:00000000
"DMKickingCoef"=dword:00000000
"DMOneOnOnesCoef"=dword:00000005
"DMReflexesCoef"=dword:00000005
"DMRushingOutCoef"=dword:00000000
"DMTendencyToPunchCoef"=dword:00000000
"DMThrowingCoef"=dword:00000000
"DMAdaptabilityCoef"=dword:00000005
"DMAmbitionCoef"=dword:0000000a
"DMControversyCoef"=dword:fffffffb
"DMLoyalityCoef"=dword:00000005
"DMPressureCoef"=dword:00000005
"DMProfessionalismCoef"=dword:00000005
"DMSportsmanshipCoef"=dword:00000005
"DMTemperamentCoef"=dword:00000005
"MWeightCoef"=dword:00000068
"MCurrentAbilityCoef"=dword:00000000
"MCornersCoef"=dword:0000000a
"MCrossingCoef"=dword:00000028
"MDribblingCoef"=dword:00000032
"MFinishingCoef"=dword:00000014
"MFirstTouchCoef"=dword:0000001e
"MFreeKicksCoef"=dword:0000000a
"MHeadingCoef"=dword:0000001e
"MLongShotsCoef"=dword:00000014
"MLongThrowsCoef"=dword:00000005
"MMarkingCoef"=dword:00000028
"MPassingCoef"=dword:00000046
"MPenaltiesCoef"=dword:00000005
"MTacklingCoef"=dword:0000003c
"MTechniqueCoef"=dword:00000032
"MLeftFootCoef"=dword:00000005
"MRightFootCoef"=dword:00000005
"MAggressionCoef"=dword:0000001e
"MAnticipationCoef"=dword:00000028
"MBraveryCoef"=dword:0000000a
"MComposureCoef"=dword:0000000a
"MConcentrationCoef"=dword:0000000a
"MConsistencyCoef"=dword:0000000a
"MCreativityCoef"=dword:0000003c
"MDecisionsCoef"=dword:0000001e
"MDeterminationCoef"=dword:0000000a
"MDirtinessCoef"=dword:fffffffb
"MFlairCoef"=dword:0000000a
"MImportantMatchesCoef"=dword:0000000a
"MInfluenceCoef"=dword:0000000a
"MOffTheBallCoef"=dword:00000028
"MPositioningCoef"=dword:00000028
"MTeamworkCoef"=dword:00000032
"MWorkRateCoef"=dword:00000032
"MAccelerationCoef"=dword:00000032
"MAgilityCoef"=dword:0000000a
"MBalanceCoef"=dword:0000000a
"MInjuryPronenessCoef"=dword:fffffffb
"MJumpingCoef"=dword:00000028
"MNaturalFitnessCoef"=dword:00000005
"MPaceCoef"=dword:00000028
"MStaminaCoef"=dword:0000003c
"MStrengthCoef"=dword:0000001e
"MVersatilityCoef"=dword:00000005
"MAerialAbilityCoef"=dword:00000000
"MCommandOfAreaCoef"=dword:00000000
"MCommunicationCoef"=dword:00000000
"MEccentricityCoef"=dword:00000000
"MHandlingCoef"=dword:00000000
"MKickingCoef"=dword:00000000
"MOneOnOnesCoef"=dword:00000005
"MReflexesCoef"=dword:00000005
"MRushingOutCoef"=dword:00000000
"MTendencyToPunchCoef"=dword:00000000
"MThrowingCoef"=dword:00000000
"MAdaptabilityCoef"=dword:00000005
"MAmbitionCoef"=dword:0000000a
"MControversyCoef"=dword:fffffffb
"MLoyalityCoef"=dword:00000005
"MPressureCoef"=dword:00000005
"MProfessionalismCoef"=dword:00000005
"MSportsmanshipCoef"=dword:00000005
"MTemperamentCoef"=dword:00000005
"AMWeightCoef"=dword:00000068
"AMCurrentAbilityCoef"=dword:00000000
"AMCornersCoef"=dword:0000000a
"AMCrossingCoef"=dword:0000003c
"AMDribblingCoef"=dword:00000050
"AMFinishingCoef"=dword:00000028
"AMFirstTouchCoef"=dword:0000001e
"AMFreeKicksCoef"=dword:0000000a
"AMHeadingCoef"=dword:00000014
"AMLongShotsCoef"=dword:00000014
"AMLongThrowsCoef"=dword:00000005
"AMMarkingCoef"=dword:0000000a
"AMPassingCoef"=dword:00000064
"AMPenaltiesCoef"=dword:00000005
"AMTacklingCoef"=dword:0000000a
"AMTechniqueCoef"=dword:00000050
"AMLeftFootCoef"=dword:00000005
"AMRightFootCoef"=dword:00000005
"AMAggressionCoef"=dword:0000000a
"AMAnticipationCoef"=dword:0000001e
"AMBraveryCoef"=dword:0000000a
"AMComposureCoef"=dword:0000000a
"AMConcentrationCoef"=dword:0000000a
"AMConsistencyCoef"=dword:0000000a
"AMCreativityCoef"=dword:00000064
"AMDecisionsCoef"=dword:00000028
"AMDeterminationCoef"=dword:0000000a
"AMDirtinessCoef"=dword:fffffffb
"AMFlairCoef"=dword:00000014
"AMImportantMatchesCoef"=dword:0000000a
"AMInfluenceCoef"=dword:0000000a
"AMOffTheBallCoef"=dword:0000003c
"AMPositioningCoef"=dword:00000014
"AMTeamworkCoef"=dword:0000003c
"AMWorkRateCoef"=dword:00000014
"AMAccelerationCoef"=dword:0000003c
"AMAgilityCoef"=dword:0000000a
"AMBalanceCoef"=dword:0000000a
"AMInjuryPronenessCoef"=dword:fffffffb
"AMJumpingCoef"=dword:00000014
"AMNaturalFitnessCoef"=dword:00000005
"AMPaceCoef"=dword:0000003c
"AMStaminaCoef"=dword:0000003c
"AMStrengthCoef"=dword:00000014
"AMVersatilityCoef"=dword:00000005
"AMAerialAbilityCoef"=dword:00000000
"AMCommandOfAreaCoef"=dword:00000000
"AMCommunicationCoef"=dword:00000000
"AMEccentricityCoef"=dword:00000000
"AMHandlingCoef"=dword:00000000
"AMKickingCoef"=dword:00000000
"AMOneOnOnesCoef"=dword:00000005
"AMReflexesCoef"=dword:00000005
"AMRushingOutCoef"=dword:00000000
"AMTendencyToPunchCoef"=dword:00000000
"AMThrowingCoef"=dword:00000000
"AMAdaptabilityCoef"=dword:00000005
"AMAmbitionCoef"=dword:0000000a
"AMControversyCoef"=dword:fffffffb
"AMLoyalityCoef"=dword:00000005
"AMPressureCoef"=dword:00000005
"AMProfessionalismCoef"=dword:00000005
"AMSportsmanshipCoef"=dword:00000005
"AMTemperamentCoef"=dword:00000005
"WWeightCoef"=dword:00000069
"WCurrentAbilityCoef"=dword:00000000
"WCornersCoef"=dword:0000000a
"WCrossingCoef"=dword:00000064
"WDribblingCoef"=dword:00000064
"WFinishingCoef"=dword:0000003c
"WFirstTouchCoef"=dword:0000001e
"WFreeKicksCoef"=dword:0000000a
"WHeadingCoef"=dword:00000014
"WLongShotsCoef"=dword:00000014
"WLongThrowsCoef"=dword:00000005
"WMarkingCoef"=dword:0000000a
"WPassingCoef"=dword:0000003c
"WPenaltiesCoef"=dword:00000005
"WTacklingCoef"=dword:0000000a
"WTechniqueCoef"=dword:00000050
"WLeftFootCoef"=dword:00000005
"WRightFootCoef"=dword:00000005
"WAggressionCoef"=dword:0000000a
"WAnticipationCoef"=dword:00000014
"WBraveryCoef"=dword:0000000a
"WComposureCoef"=dword:0000000a
"WConcentrationCoef"=dword:0000000a
"WConsistencyCoef"=dword:0000000a
"WCreativityCoef"=dword:0000003c
"WDecisionsCoef"=dword:00000014
"WDeterminationCoef"=dword:0000000a
"WDirtinessCoef"=dword:fffffffb
"WFlairCoef"=dword:0000000a
"WImportantMatchesCoef"=dword:00000014
"WInfluenceCoef"=dword:0000000a
"WOffTheBallCoef"=dword:0000003c
"WPositioningCoef"=dword:00000014
"WTeamworkCoef"=dword:0000001e
"WWorkRateCoef"=dword:0000001e
"WAccelerationCoef"=dword:00000050
"WAgilityCoef"=dword:00000014
"WBalanceCoef"=dword:0000000a
"WInjuryPronenessCoef"=dword:fffffffb
"WJumpingCoef"=dword:00000014
"WNaturalFitnessCoef"=dword:00000005
"WPaceCoef"=dword:00000064
"WStaminaCoef"=dword:0000003c
"WStrengthCoef"=dword:00000014
"WVersatilityCoef"=dword:00000005
"WAerialAbilityCoef"=dword:00000000
"WCommandOfAreaCoef"=dword:00000000
"WCommunicationCoef"=dword:00000000
"WEccentricityCoef"=dword:00000000
"WHandlingCoef"=dword:00000000
"WKickingCoef"=dword:00000000
"WOneOnOnesCoef"=dword:00000005
"WReflexesCoef"=dword:00000005
"WRushingOutCoef"=dword:00000000
"WTendencyToPunchCoef"=dword:00000000
"WThrowingCoef"=dword:00000000
"WAdaptabilityCoef"=dword:00000005
"WAmbitionCoef"=dword:0000000a
"WControversyCoef"=dword:fffffffb
"WLoyalityCoef"=dword:00000005
"WPressureCoef"=dword:00000005
"WProfessionalismCoef"=dword:00000005
"WSportsmanshipCoef"=dword:00000005
"WTemperamentCoef"=dword:00000005
"FSTWeightCoef"=dword:00000067
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:0000000a
"FSTCrossingCoef"=dword:0000000a
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:0000000a
"FSTHeadingCoef"=dword:00000028
"FSTLongShotsCoef"=dword:00000014
"FSTLongThrowsCoef"=dword:00000000
"FSTMarkingCoef"=dword:00000000
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:00000000
"FSTTechniqueCoef"=dword:00000050
"FSTLeftFootCoef"=dword:00000005
"FSTRightFootCoef"=dword:00000005
"FSTAggressionCoef"=dword:0000000a
"FSTAnticipationCoef"=dword:0000000a
"FSTBraveryCoef"=dword:0000000a
"FSTComposureCoef"=dword:0000000a
"FSTConcentrationCoef"=dword:0000000a
"FSTConsistencyCoef"=dword:0000000a
"FSTCreativityCoef"=dword:00000028
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:0000000a
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:0000000a
"FSTImportantMatchesCoef"=dword:0000000a
"FSTInfluenceCoef"=dword:0000000a
"FSTOffTheBallCoef"=dword:00000050
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:00000028
"FSTBalanceCoef"=dword:0000000a
"FSTInjuryPronenessCoef"=dword:fffffffb
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:00000005
"FSTPaceCoef"=dword:00000064
"FSTStaminaCoef"=dword:00000028
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:00000005
"FSTAmbitionCoef"=dword:0000000a
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:00000005
"FSTPressureCoef"=dword:00000005
"FSTProfessionalismCoef"=dword:00000005
"FSTSportsmanshipCoef"=dword:00000005
"FSTTemperamentCoef"=dword:00000005
"TSTWeightCoef"=dword:00000067
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000000
"TSTCrossingCoef"=dword:0000000a
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:00000050
"TSTFirstTouchCoef"=dword:0000001e
"TSTFreeKicksCoef"=dword:0000000a
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:00000014
"TSTLongThrowsCoef"=dword:00000000
"TSTMarkingCoef"=dword:00000000
"TSTPassingCoef"=dword:00000028
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:00000000
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:00000005
"TSTRightFootCoef"=dword:00000005
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:0000000a
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:0000000a
"TSTConcentrationCoef"=dword:0000000a
"TSTConsistencyCoef"=dword:0000000a
"TSTCreativityCoef"=dword:00000014
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:0000000a
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:0000000a
"TSTImportantMatchesCoef"=dword:0000000a
"TSTInfluenceCoef"=dword:0000000a
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:00000014
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffffb
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:00000005
"TSTPaceCoef"=dword:00000028
"TSTStaminaCoef"=dword:00000014
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:00000005
"TSTAmbitionCoef"=dword:0000000a
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:00000005
"TSTPressureCoef"=dword:00000005
"TSTProfessionalismCoef"=dword:00000005
"TSTSportsmanshipCoef"=dword:00000005
"TSTTemperamentCoef"=dword:00000005
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (S-1-5-21-790525478-1708537768-682003330-1003)
@Allowed: (Read) (S-1-5-21-790525478-1708537768-682003330-1003)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:dd,02,d4,8a,bd,28,69,7c,5c,a3,13,7e,be,69,bb,63,85,20,f1,55,5b,57,19,
52,0b,07,63,2c,0a,f7,88,2b,95,48,16,55,f4,3e,44,a4,b6,99,6e,47,88,63,73,e4,\
"??"=hex:1b,98,93,39,b0,82,1b,18,fa,37,83,82,0c,4d,a1,4e
.
[HKEY_USERS\S-1-5-21-790525478-1708537768-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:73,d2,92,29,89,c6,bc,e8,3a,ea,d3,96,4c,01,d4,6e,81,e2,be,24,ce,
f8,d8,ea,89,55,16,31,c4,2c,4f,97,24,ff,3e,42,da,b9,d9,62,87,10,ec,59,6e,5b,\
"rkeysecu"=hex:6e,9d,dd,6b,c7,cd,d8,10,4d,13,bd,7f,ea,c3,5c,d3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3588)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\HDDSvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Common Files\Protexis\License Service\PSIService.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\UAService7.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\SOUNDMAN.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26 21:30:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 19:30
ComboFix2.txt 2011-07-24 20:26
.
Před spuštěním: 6 405 319 168
Po spuštění: 6 384 310 784
.
- - End Of File - - 501F82AF2418B6973046896F086417C8
Nahr nˇ probŘhlo ŁspŘçnŘ

#15 Příspěvek od **Rudy** » 26 črc 2011 21:27

Soubor c:\windows\system32\winlogon.exe otestujte online na www.virustotal.com .

VIRY.CZ

Pomoc - FB vir

Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir

Re: Pomoc - FB vir