Prosím o kontrolu logu

[bartak505]

Dobrý večer prosím o kontrolu logu mám podezdření na pár havětí.. PC se mi začalo zpomalovat a startup trvá dýl a dýl

Kód: Vybrat vše

Logfile of random's system information tool 1.09 (written by random/random)
Run by Caesar at 2012-10-05 20:35:01
Microsoft Windows 7 Ultimate  
System drive C: has 44 GB (11%) free of 382 GB
Total RAM: 3326 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:35:06, on 5.10.2012
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\8 Skin Pack\Aura\Aura.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Program Files\QIP 2012\qip.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Caesar\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Caesar\Downloads\RSIT.exe
C:\Users\Caesar\Downloads\Caesar.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Caesar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\System Files 32\Antivirus,C:\Windows\system32\System Files 32\Antivirus,C:\Windows\system32\System Files 32\Antivirus
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Caesar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Aura.lnk = C:\Windows\8 Skin Pack\Aura\Aura.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: K&ontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: QipGuard - QIP.ru - C:\Program Files\QipGuard\QipGuard.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe

--
End of file - 11017 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000Core.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default

prefs.js - "browser.startup.homepage" -  "http://qip.ru"
prefs.js - "extensions.enabledItems" -  "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8, {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3, plugin@gameplaylabs.com:1.0, fdm_ffext@freedownloadmanager.org:1.3.4, AstroToolbar@toolbarnet.com:1.1.7.0234, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" -  "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{6E19037A-12E3-4295-8915-ED48BC341614}"=C:\Program Files\RelevantKnowledge
"virtualKeyboard@kaspersky.ru"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
"linkfilter@kaspersky.ru"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.96.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.96.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@protectdisc.com/NPMPDRM]
"Description"=MPDRM License Acquisition Plugin
"Path"=C:\Program Files\Common Files\mpDRM\NPMPDRM.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
linkfilter@kaspersky.ru
linkfilter@kaspersky.ru_bak
{1004ba6a-334d-5ed4-882c-80021f166d3f}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
FlashGet3.xpi
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
fcmdSrchostpl.xml
fcmdSrchw7th.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\
AstroToolbar@toolbarnet.com
fdm_ffext@freedownloadmanager.org
ffxtlbr@babylon.com
ffxtlbr@Facemoods.com
plugin@gameplaylabs.com
plugin@yontoo.com
toolbar@ask.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\searchplugins\
absearch-search.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll [2010-07-01 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Caesar\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-11-23 142288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll [2010-07-01 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2012-08-11 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-08-26 10828392]
""= []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Antivirus]
C:\Windows\system32\System Files 32\Antivirus [2009-06-10 1169224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe [2011-10-05 1051760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT PLP]
C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2010-05-17 121456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2012-08-09 3414680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Caesar\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
C:\Program Files\Spyware Doctor\pctsTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2009-06-03 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Caesar\AppData\Roaming\QipGuard\QipGuard.exe /p []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoccatKova+]
C:\Program Files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [2011-03-17 539688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RockMelt Update]
C:\Users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-06 136336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2009-06-03 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-02-09 2216960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-02-09 3318784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svcdotnet]
C:\Windows\svcdotnet\svcdotnet.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]
C:\ProgramData\SystemKey\SystemKey.dll [2006-04-07 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files\TightVNC\tvnserver.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TaskbarUserTile.lnk]
C:\Windows\8SKINP~1\TASKBA~1\UserTile.exe [2011-04-06 26624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
C:\Users\Caesar\AppData\Local\Facebook\MESSEN~1\214587~1.0\FACEBO~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^G-Recorder.lnk]
C:\PROGRA~1\G-RECO~1\G-RECO~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
C:\PROGRA~1\MULTIS~1\MULTIS~1.EXE [2011-02-23 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk]
C:\PROGRA~1\PDANET~1\PdaNetPC.exe  []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aura.lnk - C:\Windows\8 Skin Pack\Aura\Aura.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2010-07-01 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableInstallerDetection"=0
"legalnoticetext"=
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Users\Caesar\AppData\Local\Temp\Rar$EX00.827\Stealth.KeyLogger.3.1.patch.by.CORE.exe"="C:\Users\Caesar\AppData\Local\Temp\Rar$EX00.827\Stealth.KeyLogger.3.1.patch.by.CORE.exe:*:Enabled:Stealth.KeyLogger.3.1.patch.by.CORE"
"C:\Users\Caesar\AppData\Local\Temp\Rar$EX01.442\Stealth.KeyLogger.3.1.patch.by.CORE.exe"="C:\Users\Caesar\AppData\Local\Temp\Rar$EX01.442\Stealth.KeyLogger.3.1.patch.by.CORE.exe:*:Enabled:Stealth.KeyLogger.3.1.patch.by.CORE"
"C:\Users\Caesar\Desktop\Stealth.KeyLogger.3.1.patch.by.CORE.exe"="C:\Users\Caesar\Desktop\Stealth.KeyLogger.3.1.patch.by.CORE.exe:*:Enabled:Stealth.KeyLogger.3.1.patch.by.CORE"
"C:\Users\Caesar\AppData\Local\Temp\Rar$EX00.337\Stealth_KeyLogger_3_1_patch.exe"="C:\Users\Caesar\AppData\Local\Temp\Rar$EX00.337\Stealth_KeyLogger_3_1_patch.exe:*:Enabled:Stealth_KeyLogger_3_1_patch"
"C:\Users\Caesar\AppData\Local\Temp\Rar$EX65.136\Stealth_KeyLogger_3_1_patch.exe"="C:\Users\Caesar\AppData\Local\Temp\Rar$EX65.136\Stealth_KeyLogger_3_1_patch.exe:*:Enabled:Stealth_KeyLogger_3_1_patch"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.dvsd"=pdvcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-05 20:32:00 ----D---- C:\rsit
2012-10-05 20:23:43 ----D---- C:\Program Files\TorrentHandler
2012-10-05 20:23:39 ----D---- C:\Program Files\1ClickDownload
2012-10-03 19:47:06 ----D---- C:\Program Files\MP3 to WAV Converter
2012-10-02 23:17:36 ----D---- C:\Program Files\LogMeIn Hamachi
2012-10-02 19:46:06 ----D---- C:\Program Files\Common Files\SWF Studio
2012-10-02 10:51:45 ----D---- C:\ProgramData\Firefly Studios
2012-10-01 17:40:58 ----D---- C:\Program Files\Mp3 File Editor
2012-10-01 17:40:58 ----A---- C:\Windows\iun506.exe
2012-10-01 13:25:01 ----A---- C:\Windows\system32\CmdLineExt03.dll
2012-10-01 13:22:23 ----D---- C:\Program Files\Sierra
2012-09-26 14:13:41 ----D---- C:\Program Files\1C
2012-09-22 12:26:43 ----D---- C:\Program Files\uTorrent
2012-09-22 12:25:45 ----D---- C:\Users\Caesar\AppData\Roaming\uTorrent
2012-09-19 17:22:00 ----D---- C:\ProgramData\RELOADED
2012-09-19 17:21:39 ----D---- C:\Users\Caesar\AppData\Roaming\Galaxy on Fire 2 Full HD
2012-09-19 17:18:54 ----D---- C:\Program Files\Galaxy On Fire 2
2012-09-17 13:39:45 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2012-09-17 13:38:57 ----D---- C:\Program Files\iPod
2012-09-17 13:38:56 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-17 13:38:56 ----D---- C:\Program Files\iTunes
2012-09-15 10:03:27 ----D---- C:\Users\Caesar\AppData\Roaming\Subversion

======List of files/folders modified in the last 1 month======

2012-10-05 20:35:06 ----D---- C:\Windows\Temp
2012-10-05 20:34:49 ----D---- C:\Windows\Prefetch
2012-10-05 20:24:53 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-10-05 20:23:43 ----RD---- C:\Program Files
2012-10-05 20:19:40 ----D---- C:\Users\Caesar\AppData\Roaming\Skype
2012-10-05 18:35:40 ----D---- C:\ProgramData\NVIDIA
2012-10-05 08:42:49 ----D---- C:\Windows\system32\config
2012-10-04 23:37:36 ----D---- C:\Users\Caesar\AppData\Roaming\ICQ
2012-10-04 09:10:13 ----D---- C:\Windows\System32
2012-10-04 09:10:13 ----D---- C:\Windows\inf
2012-10-04 09:10:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-03 23:08:01 ----D---- C:\Program Files\Steam
2012-10-03 13:59:12 ----SHD---- C:\Windows\Installer
2012-10-03 13:59:12 ----SHD---- C:\Config.Msi
2012-10-03 01:19:04 ----RSD---- C:\Windows\assembly
2012-10-03 01:15:53 ----D---- C:\Program Files\Firefly Studios
2012-10-03 01:15:49 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-02 23:17:38 ----D---- C:\Windows\system32\drivers
2012-10-02 19:46:06 ----D---- C:\Program Files\Common Files
2012-10-02 10:51:45 ----HD---- C:\ProgramData
2012-10-02 10:50:10 ----D---- C:\Windows
2012-09-30 09:52:23 ----D---- C:\Downloads
2012-09-28 00:55:52 ----D---- C:\Program Files\Activision
2012-09-26 00:51:31 ----D---- C:\Windows\system32\catroot2
2012-09-20 19:51:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-09-19 23:01:48 ----D---- C:\Windows\system32\catroot
2012-09-19 11:12:25 ----D---- C:\Program Files\Bonjour
2012-09-18 22:20:29 ----D---- C:\Windows\Minidump
2012-09-18 21:46:24 ----D---- C:\Program Files\Movie Subtitles Searcher
2012-09-18 21:44:23 ----D---- C:\Program Files\AlienGUIse
2012-09-17 13:39:45 ----DC---- C:\Windows\system32\DRVSTORE
2012-09-17 13:38:57 ----D---- C:\Program Files\Common Files\Apple
2012-09-17 13:35:55 ----D---- C:\Windows\system32\DriverStore
2012-09-15 10:02:45 ----D---- C:\Windows\system32\directx
2012-09-15 10:02:40 ----HD---- C:\Windows\msdownld.tmp
2012-09-12 23:13:45 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-07-03 18544]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-21 218688]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-05-16 495192]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-02-09 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 57656]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 73216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-08-30 3659240]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\System32\Drivers\PdiPorts.sys [2010-04-16 17136]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2009-06-10 14080]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2009-06-10 36992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-21 431672]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ewusbmbb;HUAWEI USB-WWAN miniport; C:\Windows\system32\DRIVERS\ewusbwwan.sys [2011-05-31 349184]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2010-10-08 25856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-05-03 194816]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 SaiH0255;SaiH0255; C:\Windows\system32\DRIVERS\SaiH0255.sys [2007-05-01 132232]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2011-08-19 26112]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 98560]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 100224]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 14848]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 123776]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 100224]
S3 WinUSB;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe [2010-05-17 121456]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 1385896]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 645440]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-06-28 76888]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2011-11-23 191440]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-02-09 496128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-24 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 AVP;Služba Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-07-01 357096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-24 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-04-20 489256]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-03 1343400]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 71680]

-----------------EOF-----------------

[Rudy]

Zdravím!
Keylogger máte v PC vědomě?

[bartak505]

No to vůbec. Ani netuším kdy bych ho tam nevědomě dával

[Rudy]

OK. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[bartak505]

Kód: Vybrat vše

ComboFix 12-10-04.02 - Caesar 05.10.2012  21:05:52.1.4 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.420.1029.18.3326.2171 [GMT 2:00]
Spuštěný z: c:\users\Caesar\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\install.exe
c:\windows\system32\System Files 32
c:\windows\system32\System Files 32\Antivirus
c:\windows\system32\tmp4EF9.tmp
c:\windows\system32\tmp4F0A.tmp
c:\windows\system32\tmp5AC6.tmp
c:\windows\system32\tmp5AC7.tmp
c:\windows\system32\tmp9CAC.tmp
c:\windows\system32\tmp9CAD.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2012-09-05 do 2012-10-05  )))))))))))))))))))))))))))))))
.
.
2012-10-05 19:15 . 2012-10-05 19:15	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-10-05 19:15 . 2012-10-05 19:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-10-05 18:32 . 2012-10-05 18:32	--------	d-----w-	C:\rsit
2012-10-05 18:23 . 2012-10-05 18:23	--------	d-----w-	c:\program files\TorrentHandler
2012-10-03 17:47 . 2012-10-03 17:47	--------	d-----w-	c:\program files\MP3 to WAV Converter
2012-10-02 21:17 . 2012-10-02 21:17	--------	d-----w-	c:\program files\LogMeIn Hamachi
2012-10-02 17:46 . 2012-10-02 17:46	--------	d-----w-	c:\program files\Common Files\SWF Studio
2012-10-02 08:51 . 2012-10-02 23:20	--------	d-----w-	c:\programdata\Firefly Studios
2012-10-01 15:40 . 2012-10-01 15:40	--------	d-----w-	c:\program files\Mp3 File Editor
2012-10-01 15:40 . 2012-10-01 15:40	286720	----a-w-	c:\windows\iun506.exe
2012-10-01 11:25 . 2012-10-01 11:25	43520	----a-w-	c:\windows\system32\CmdLineExt03.dll
2012-10-01 11:22 . 2012-10-01 11:22	--------	d-----w-	c:\program files\Sierra
2012-09-27 23:03 . 2012-09-27 23:03	--------	d-----w-	c:\users\Caesar\AppData\Local\Activision
2012-09-26 12:13 . 2012-09-26 12:13	--------	d-----w-	c:\program files\1C
2012-09-22 10:26 . 2012-09-22 10:26	--------	d-----w-	c:\program files\uTorrent
2012-09-22 10:25 . 2012-10-05 18:59	--------	d-----w-	c:\users\Caesar\AppData\Roaming\uTorrent
2012-09-19 15:22 . 2012-09-19 15:22	--------	d-----w-	c:\programdata\RELOADED
2012-09-19 15:21 . 2012-09-19 15:33	--------	d-----w-	c:\users\Caesar\AppData\Roaming\Galaxy on Fire 2 Full HD
2012-09-19 15:18 . 2012-09-19 15:26	--------	d-----w-	c:\program files\Galaxy On Fire 2
2012-09-17 13:45 . 2012-09-17 13:45	--------	d-----w-	c:\users\Caesar\AppData\Local\FANiSO
2012-09-17 11:39 . 2012-08-21 11:01	26840	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-17 11:38 . 2012-09-17 11:38	--------	d-----w-	c:\program files\iPod
2012-09-17 11:38 . 2012-09-17 11:39	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-17 11:38 . 2012-09-17 11:39	--------	d-----w-	c:\program files\iTunes
2012-09-15 08:03 . 2012-09-15 08:03	--------	d-----w-	c:\users\Caesar\AppData\Roaming\Subversion
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 17:51 . 2012-03-30 08:10	696240	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-20 17:51 . 2011-05-31 06:23	73136	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 18:24 . 2012-07-16 09:31	477168	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-08-28 18:24 . 2010-12-21 22:37	473072	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-26 16:58 . 2010-12-26 12:05	140800	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2012-08-26 16:58 . 2011-02-01 17:16	283304	----a-w-	c:\windows\system32\PnkBstrB.xtr
2012-08-26 16:58 . 2010-12-26 12:05	283304	----a-w-	c:\windows\system32\PnkBstrB.exe
2012-08-26 16:58 . 2010-12-26 12:05	280904	----a-w-	c:\windows\system32\PnkBstrB.ex0
2012-08-21 11:01 . 2012-08-15 15:32	106928	----a-w-	c:\windows\system32\GEARAspi.dll
2012-08-21 09:13 . 2012-07-13 20:47	355632	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-07-13 20:47	54232	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-07-13 20:47	729752	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-07-13 20:47	44784	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-07-13 20:47	58680	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-07-13 20:47	21256	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-07-13 20:47	41224	----a-w-	c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-07-13 20:47	227648	----a-w-	c:\windows\system32\aswBoot.exe
2012-07-09 11:42 . 2012-07-09 11:42	4547984	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-07-09 11:42 . 2012-07-09 11:42	44032	----a-w-	c:\windows\system32\drivers\usbaapl.sys
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12	121528	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-08-26 10828392]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aura.lnk - c:\windows\8 Skin Pack\Aura\Aura.exe [2011-4-7 468480]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 105160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\wbsys.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0aswBoot.exe /M:308e63d729
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TaskbarUserTile.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TaskbarUserTile.lnk
backup=c:\windows\pss\TaskbarUserTile.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^G-Recorder.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\G-Recorder.lnk
backup=c:\windows\pss\G-Recorder.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
backup=c:\windows\pss\MultiSkypeLauncher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
backup=c:\windows\pss\PdaNet Desktop.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Antivirus]
c:\windows\system32\System Files 32\Antivirus [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51	919008	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-08-27 19:32	59280	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
2011-10-05 18:18	1051760	----a-w-	c:\programdata\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2007-06-29 14:03	36864	----a-w-	c:\program files\GameSpy\Comrade\Comrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT PLP]
2010-05-17 10:03	121456	----a-w-	c:\program files\Common Files\Portrait Displays\Shared\DT_Startup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2012-08-09 20:18	3414680	----a-w-	c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-09 21:30	421776	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-08-29 10:03	1996200	----a-w-	c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-09-18 15:48	2412032	----a-w-	c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
2009-06-03 08:49	237568	----a-w-	c:\program files\Saitek\SD6\Software\ProfilerU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoccatKova+]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RockMelt Update]
2012-07-06 21:21	136336	----atw-	c:\users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
2009-06-03 08:49	131072	----a-w-	c:\program files\Saitek\SD6\Software\SaiMfd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33	17418928	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2011-02-09 15:04	2216960	----a-w-	c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2011-02-09 15:04	3318784	----a-w-	c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2010-06-14 15:10	153672	----a-w-	c:\program files\Logitech\Gaming Software\LWEMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]
2006-04-07 07:58	339968	----a-w-	c:\programdata\SystemKey\SystemKey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 07:21	648072	----a-w-	c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSIDLL"=rundll32.exe msicgq32.dll,bBMVnanMfD
"Steam"="c:\program files\Steam\steam.exe" -silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"winsvc"=c:\windows\system32\winsvc.exe
"SystemKey"=c:\windows\system32\rundll32.exe "c:\programdata\SystemKey\SystemKey.dll" rdl
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 SaiH0255;SaiH0255;c:\windows\system32\DRIVERS\SaiH0255.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x]
R3 vwmfbus;Vertex Wireless Composite Device driver (WDM);c:\windows\system32\DRIVERS\vwmfbus.sys [x]
R3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM);c:\windows\system32\DRIVERS\vwmfdiag.sys [x]
R3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~;c:\windows\system32\DRIVERS\vwmfmdfl.sys [x]
R3 vwmfmdm;Vertex Wireless CDC Modem Driver;c:\windows\system32\DRIVERS\vwmfmdm.sys [x]
R3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM);c:\windows\system32\DRIVERS\vwmfserd.sys [x]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:51]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-24 17:40]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-24 17:40]
.
2012-10-04 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000Core.job
- c:\users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-06 21:21]
.
2012-10-05 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000UA.job
- c:\users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-06 21:21]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: ????3?? - c:\users\Caesar\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Caesar\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
FF - ProfilePath - c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Astroburn Toolbar: AstroToolbar@toolbarnet.com - %profile%\extensions\AstroToolbar@toolbarnet.com
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.id - dab7b743000000000000001fd09f1e05
FF - user.js: extensions.BabylonToolbar_i.hardId - dab7b743000000000000001fd09f1e05
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15401
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:56
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111248
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extentions.y2layers.installId - 4fcc98d4-71f7-4ac9-91f6-b158b423f184
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
Notify-WB - c:\program files\AlienGUIse\fastload.dll
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-Facebook Update - c:\users\Caesar\AppData\Local\Facebook\Update\FacebookUpdate.exe
MSConfigStartUp-ISTray - c:\program files\Spyware Doctor\pctsTray.exe
MSConfigStartUp-QIP Internet Guardian - c:\users\Caesar\AppData\Roaming\QipGuard\QipGuard.exe
MSConfigStartUp-svcdotnet - c:\windows\svcdotnet\svcdotnet.exe
MSConfigStartUp-tvncontrol - c:\program files\TightVNC\tvnserver.exe
AddRemove-LockOn Flaming Cliffs 2_is1 - c:\users\Caesar\Downloads\LockOn Flaming Cliffs 1.2.1\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\Caesar\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\Caesar\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:eb,7e,d4,38,78,81,23,e8,5b,49,78,f8,39,de,8a,ad,69,cf,b4,7e,65,ee,8f,
   64,3d,57,fd,88,87,c7,f8,dd,1c,2e,08,ee,b2,4c,c7,2a,b6,3c,f5,cf,12,f0,fd,50,\
"??"=hex:fb,54,f7,36,6f,94,a7,1a,28,7a,05,13,4d,1f,17,1a
.
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\SecuROM\License information*]
"datasecu"=hex:54,70,df,31,47,b2,94,7b,f3,b9,da,1c,d8,b5,cf,bc,c7,1c,d1,90,69,
   02,ac,38,67,d5,9a,f0,91,c6,66,9f,0a,48,84,c4,ac,3f,44,38,10,ec,6d,59,1b,39,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1236)
c:\program files\RocketDock\RocketDock.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Portrait Displays\Shared\dtsrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2012-10-05  21:21:11 - počítač byl restartován
ComboFix-quarantined-files.txt  2012-10-05 19:21
.
Před spuštěním: Volných bajtů: 48 298 905 600
Po spuštění: Volných bajtů: 48 353 312 768
.
- - End Of File - - 9238569D551CD494477786017E553274

[Rudy]

1. V PC jsou 2 produkty InternetSecurity. Jeden z nich odinstalujte.

2. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\programdata\Badoo

Collect::
c:\windows\system32\winsvc.exe

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000Core.job
c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000UA.job

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"winsvc"=-

Firefox::
FF - ProfilePath - c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Astroburn Toolbar: AstroToolbar@toolbarnet.com - %profile%\extensions\AstroToolbar@toolbarnet.com
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.id - dab7b743000000000000001fd09f1e05
FF - user.js: extensions.BabylonToolbar_i.hardId - dab7b743000000000000001fd09f1e05
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15401
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:56
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111248
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extentions.y2layers.installId - 4fcc98d4-71f7-4ac9-91f6-b158b423f184
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers

RegLock::
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Regnull::
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\SecuROM\License information*]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[bartak505]

Výsledný log:

Kód: Vybrat vše

ComboFix 12-10-04.02 - Caesar 05.10.2012  22:19:46.2.4 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1250.420.1029.18.3326.2126 [GMT 2:00]
Spuštěný z: c:\users\Caesar\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Caesar\Desktop\CFScript.txt
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000Core.job"
"c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000UA.job"
.
file zipped: c:\windows\system32\winsvc.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png
c:\programdata\Badoo
c:\programdata\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
c:\programdata\Badoo\Badoo Desktop\1.6.48.1082\htmlayout.dll
c:\programdata\Badoo\Badoo Desktop\1.6.48.1082\search.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\components\Initializer.js
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\defaults\patterns.ini
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\defaults\preferences\adblockplus.js
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\chrome.manifest
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\chrome\adblockplus.jar
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\icon.png
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\icon64.png
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\install.rdf
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\META-INF\manifest.mf
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\META-INF\zigbert.rsa
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\META-INF\zigbert.sf
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\AppIntegration.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\AppIntegrationFennec.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\Bootstrap.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\ContentPolicy.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\ContentPolicyRemote.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\ElemHide.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\ElemHideRemote.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\FilterClasses.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\FilterListener.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\FilterStorage.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\Matcher.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\ObjectTabs.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\Prefs.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\Public.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\RequestNotifier.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\SubscriptionClasses.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\Synchronizer.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\modules\Utils.jsm
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\ABToolbarFF.dll
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\ABToolbarFF.xpt
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\ABToolbarFF4.dll
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\ABToolbarFF4.xpt
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\about.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\AboutWindow.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\accept.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\AddRadioStation.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\as.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\as.png
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\astro.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\astro_audio.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\astro_lite.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\astroburn_site.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\az.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\b1.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\b1.png
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\burn_files.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\burn_image.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\BurnImage.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\buy.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\cal.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Config.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\d.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\d2.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dot_disabled.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dot_enabled.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dot_on_over.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\download.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\ds.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dsearch.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt-home.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_buy.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_download.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_feedback.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_forum.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_line.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_manual.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\dt_pro.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\DTPro.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Dwnl.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\emulation.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\ENG.xml
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\faq.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\favicon.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\fb.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\features.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\feedback.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\forum.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameCentrix.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameCentrixCristals.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameCentrixDownload.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameCentrixPlayOnline.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameCentrixTop.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameS.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\games_search.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\games_search_SA.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GameSA.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\gct16.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\gd.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\genre.xml
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\globe.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\GrabImage.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\hb.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\hb.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\help.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\hide.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\home.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\ImageS.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\ImageSA.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\ip.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\lang.xml
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\lingvo.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\m.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mail.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mail_disable.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mail_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mail_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mail_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mailc.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mailc_disable.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mailc_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mailc_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\mailc_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\manual.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\map.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\MenuRadioConfig.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\MenuRadioStation.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\MenuRSCur.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\MenuTr.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\next.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\next_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\next_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\next_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\none.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\none_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\op.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\play.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\play.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\play_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\play_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\play_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\pragma.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\prev.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\prev_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\prev_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\prev_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\prod.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Radio.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioBg.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioBg.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioBgMask.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDisp.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDisp_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDown.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDown.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDown_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDown_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioDown_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioE.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioG.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioL.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioLDotMask.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioLeft.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioLeftMask.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioLM.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioM.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioN.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioR.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioR.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioRM.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioRU.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioVolume.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioVolume_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioVolume_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioVolume_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RadioW.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\rbcheck.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\rbtxt.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\refresh.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\refresh_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\refresh_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\refresh_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Rss.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Rss1.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RssA.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RssA1.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\rssClose.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\rssL.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\rssOpen.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RssRefresh.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\RUS.xml
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\s2.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\search.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\show.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\size.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\size_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\skins.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\soft24.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\soft24_SA.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\spt.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\stop.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\stop.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\stop_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\stop_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\stop_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\style.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\SupportRequest.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\timer.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\TitleIcon.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\toolbar.xml
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\trans.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Trash.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Trash_disable.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Trash_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Trash_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\Trash_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\u.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\uninstall.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_back.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_dott.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_dott_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_mute.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_mute_check.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\vol_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtClose.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtClose_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtClose_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtClose_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtText.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtText_down.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtText_m.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wBtText_under.bmp
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\WebS.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\WebSa.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi0.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi1.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi10.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi11.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi12.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi13.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi14.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi2.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi3.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi4.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi5.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi6.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi7.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi8.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\components\Resources\wi9.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome.manifest
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\AboutWindow.ico
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\base.js
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\contents.rdf
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\dttoolbar.js
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\dttoolbar.xul
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\gadget.xul
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\chrome\content\options.xul
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\AstroToolbar@toolbarnet.com\install.rdf
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\defaults\preferences\prefs.js
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\chrome.manifest
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\chrome\content\ff-overlay.xul
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\chrome\content\icon.png
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\chrome\content\overlay.js
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\chrome\locale\en-US\overlay.properties
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\install.rdf
c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\extensions\plugin@gameplaylabs.com\setup.ini
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2012-09-05 do 2012-10-05  )))))))))))))))))))))))))))))))
.
.
2012-10-05 20:30 . 2012-10-05 20:32	--------	d-----w-	c:\users\Caesar\AppData\Local\temp
2012-10-05 20:30 . 2012-10-05 20:30	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-10-05 20:30 . 2012-10-05 20:30	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-10-05 18:32 . 2012-10-05 18:32	--------	d-----w-	C:\rsit
2012-10-05 18:23 . 2012-10-05 18:23	--------	d-----w-	c:\program files\TorrentHandler
2012-10-03 17:47 . 2012-10-03 17:47	--------	d-----w-	c:\program files\MP3 to WAV Converter
2012-10-02 21:17 . 2012-10-02 21:17	--------	d-----w-	c:\program files\LogMeIn Hamachi
2012-10-02 17:46 . 2012-10-02 17:46	--------	d-----w-	c:\program files\Common Files\SWF Studio
2012-10-02 08:51 . 2012-10-02 23:20	--------	d-----w-	c:\programdata\Firefly Studios
2012-10-01 15:40 . 2012-10-01 15:40	--------	d-----w-	c:\program files\Mp3 File Editor
2012-10-01 15:40 . 2012-10-01 15:40	286720	----a-w-	c:\windows\iun506.exe
2012-10-01 11:25 . 2012-10-01 11:25	43520	----a-w-	c:\windows\system32\CmdLineExt03.dll
2012-10-01 11:22 . 2012-10-01 11:22	--------	d-----w-	c:\program files\Sierra
2012-09-27 23:03 . 2012-09-27 23:03	--------	d-----w-	c:\users\Caesar\AppData\Local\Activision
2012-09-26 12:13 . 2012-09-26 12:13	--------	d-----w-	c:\program files\1C
2012-09-22 10:26 . 2012-09-22 10:26	--------	d-----w-	c:\program files\uTorrent
2012-09-22 10:25 . 2012-10-05 18:59	--------	d-----w-	c:\users\Caesar\AppData\Roaming\uTorrent
2012-09-19 15:22 . 2012-09-19 15:22	--------	d-----w-	c:\programdata\RELOADED
2012-09-19 15:21 . 2012-09-19 15:33	--------	d-----w-	c:\users\Caesar\AppData\Roaming\Galaxy on Fire 2 Full HD
2012-09-19 15:18 . 2012-09-19 15:26	--------	d-----w-	c:\program files\Galaxy On Fire 2
2012-09-17 13:45 . 2012-09-17 13:45	--------	d-----w-	c:\users\Caesar\AppData\Local\FANiSO
2012-09-17 11:39 . 2012-08-21 11:01	26840	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-17 11:38 . 2012-09-17 11:38	--------	d-----w-	c:\program files\iPod
2012-09-17 11:38 . 2012-09-17 11:39	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-17 11:38 . 2012-09-17 11:39	--------	d-----w-	c:\program files\iTunes
2012-09-15 08:03 . 2012-09-15 08:03	--------	d-----w-	c:\users\Caesar\AppData\Roaming\Subversion
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 17:51 . 2012-03-30 08:10	696240	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-20 17:51 . 2011-05-31 06:23	73136	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 18:24 . 2012-07-16 09:31	477168	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-08-28 18:24 . 2010-12-21 22:37	473072	----a-w-	c:\windows\system32\deployJava1.dll
2012-08-26 16:58 . 2010-12-26 12:05	140800	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2012-08-26 16:58 . 2011-02-01 17:16	283304	----a-w-	c:\windows\system32\PnkBstrB.xtr
2012-08-26 16:58 . 2010-12-26 12:05	283304	----a-w-	c:\windows\system32\PnkBstrB.exe
2012-08-26 16:58 . 2010-12-26 12:05	280904	----a-w-	c:\windows\system32\PnkBstrB.ex0
2012-08-21 11:01 . 2012-08-15 15:32	106928	----a-w-	c:\windows\system32\GEARAspi.dll
2012-08-21 09:13 . 2012-07-13 20:47	355632	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-07-13 20:47	54232	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-07-13 20:47	729752	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-07-13 20:47	44784	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-07-13 20:47	58680	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-07-13 20:47	21256	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-07-13 20:47	41224	----a-w-	c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-07-13 20:47	227648	----a-w-	c:\windows\system32\aswBoot.exe
2012-07-09 11:42 . 2012-07-09 11:42	4547984	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-07-09 11:42 . 2012-07-09 11:42	44032	----a-w-	c:\windows\system32\drivers\usbaapl.sys
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12	121528	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-08-26 10828392]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aura.lnk - c:\windows\8 Skin Pack\Aura\Aura.exe [2011-4-7 468480]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 105160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\wbsys.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0aswBoot.exe /M:308e63d729
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk
backup=c:\windows\pss\Air Mouse.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TaskbarUserTile.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TaskbarUserTile.lnk
backup=c:\windows\pss\TaskbarUserTile.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^G-Recorder.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\G-Recorder.lnk
backup=c:\windows\pss\G-Recorder.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
backup=c:\windows\pss\MultiSkypeLauncher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Caesar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk]
path=c:\users\Caesar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
backup=c:\windows\pss\PdaNet Desktop.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Antivirus]
c:\windows\system32\System Files 32\Antivirus [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51	919008	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-08-27 19:32	59280	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2007-06-29 14:03	36864	----a-w-	c:\program files\GameSpy\Comrade\Comrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT PLP]
2010-05-17 10:03	121456	----a-w-	c:\program files\Common Files\Portrait Displays\Shared\DT_Startup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2012-08-09 20:18	3414680	----a-w-	c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-09 21:30	421776	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-08-29 10:03	1996200	----a-w-	c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-09-18 15:48	2412032	----a-w-	c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
2009-06-03 08:49	237568	----a-w-	c:\program files\Saitek\SD6\Software\ProfilerU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoccatKova+]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RockMelt Update]
2012-07-06 21:21	136336	----atw-	c:\users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
2009-06-03 08:49	131072	----a-w-	c:\program files\Saitek\SD6\Software\SaiMfd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33	17418928	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2011-02-09 15:04	2216960	----a-w-	c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2011-02-09 15:04	3318784	----a-w-	c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2010-06-14 15:10	153672	----a-w-	c:\program files\Logitech\Gaming Software\LWEMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]
2006-04-07 07:58	339968	----a-w-	c:\programdata\SystemKey\SystemKey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 07:21	648072	----a-w-	c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSIDLL"=rundll32.exe msicgq32.dll,bBMVnanMfD
"Steam"="c:\program files\Steam\steam.exe" -silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SystemKey"=c:\windows\system32\rundll32.exe "c:\programdata\SystemKey\SystemKey.dll" rdl
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 CFcatchme;CFcatchme;c:\users\Caesar\AppData\Local\Temp\CFcatchme.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 SaiH0255;SaiH0255;c:\windows\system32\DRIVERS\SaiH0255.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x]
R3 vwmfbus;Vertex Wireless Composite Device driver (WDM);c:\windows\system32\DRIVERS\vwmfbus.sys [x]
R3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM);c:\windows\system32\DRIVERS\vwmfdiag.sys [x]
R3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~;c:\windows\system32\DRIVERS\vwmfmdfl.sys [x]
R3 vwmfmdm;Vertex Wireless CDC Modem Driver;c:\windows\system32\DRIVERS\vwmfmdm.sys [x]
R3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM);c:\windows\system32\DRIVERS\vwmfserd.sys [x]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:51]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-24 17:40]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-24 17:40]
.
2012-10-04 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000Core.job
- c:\users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-06 21:21]
.
2012-10-05 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-1166832375-3663192737-3976912733-1000UA.job
- c:\users\Caesar\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-06 21:21]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: ????3?? - c:\users\Caesar\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Caesar\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Caesar\AppData\Roaming\Mozilla\Firefox\Profiles\54c46ocd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.id - dab7b743000000000000001fd09f1e05
FF - user.js: extensions.BabylonToolbar_i.hardId - dab7b743000000000000001fd09f1e05
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15401
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1723:56
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111248
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extentions.y2layers.installId - 4fcc98d4-71f7-4ac9-91f6-b158b423f184
FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube,YontooNewOffers
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\Caesar\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-1166832375-3663192737-3976912733-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\Caesar\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5700)
c:\program files\RocketDock\RocketDock.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Portrait Displays\Shared\dtsrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2012-10-05  22:35:13 - počítač byl restartován
ComboFix-quarantined-files.txt  2012-10-05 20:35
ComboFix2.txt  2012-10-05 19:21
.
Před spuštěním: Volných bajtů: 48 937 455 616
Po spuštění: Volných bajtů: 48 893 759 488
.
- - End Of File - - A60BD52FA7B1995AB672CF15508C79EF
Nahr nˇ probŘhlo ŁspŘçnŘ 

[Rudy]

OK. Nastala nějaká změna?

[bartak505]

Star win cca o 20 sec rychleji, nabihani aplikaci taky urychleno, rainmeter se rozbrazil okamžitě akorát RockMeIt mi najednou neumí zobrazit písmena tipu ž,ý, apod ale to je v pohodě to mě nějak netrápí. Každopádně díky za pomoc

[Rudy]

Nemáte zač!