Prosím o kontrolu

Zpráva

Filis · #1 Příspěvek od **Filis** » 01 bře 2011 22:41

ComboFix 11-02-28.07 - Filip 01.03.2011 22:18:17.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2813.1116 [GMT 1:00]
Spuštěný z: f:\debordelizace\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
AV: McAfee® Total Protection™ Service *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee® Total Protection™ Service *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: McAfee® Total Protection™ Service *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-01 do 2011-03-01 )))))))))))))))))))))))))))))))
.

2011-02-25 14:43 . 2011-02-25 14:57 -------- d-----w- C:\Záloha
2011-02-23 05:04 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 04:58 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 04:58 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 20:09 . 2011-02-22 20:31 -------- d-----w- C:\Mikiny Nosferatu
2011-02-15 18:40 . 2011-02-21 16:39 -------- d-----w- C:\Videa
2011-02-12 16:42 . 2011-02-15 22:06 -------- d-----w- c:\users\Filip\AppData\Roaming\skypePM
2011-02-12 15:41 . 2011-02-12 15:41 -------- d-----w- c:\program files\Common Files\Skype
2011-02-10 13:00 . 2011-02-10 13:00 -------- d-----w- C:\Arkanoid
2011-02-08 22:13 . 2011-02-16 17:44 -------- d-----w- C:\Pat a Mat

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-27 06:17 . 2010-10-17 08:58 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1515576]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]
"SpywareTerminatorUpdate"="f:\debordelizace\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-13 3037696]
"SpybotSD TeaTimer"="f:\debordelizace\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"McAfee Managed Services Tray"="c:\program files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe" [2010-02-17 476480]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-08 102400]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-17 495708]
"estar"="c:\system.sav\Util\HideDOS.EXE" [2006-11-28 77824]
"Nuance PDF Reader-reminder"="c:\program files\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"NortonOnlineBackupReminder"="c:\program files\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-03 3331944]
"SpywareTerminator"="f:\debordelizace\Spyware Terminator\SpywareTerminatorShield.exe" [2010-03-13 2166784]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]

c:\users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HP SimpleSave Monitor.lnk - c:\users\Filip\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [2011-1-15 481176]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

R2 BackupService;BackupService;c:\users\Filip\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 136176]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-15 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-08-12 64288]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-23 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-08 172032]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-04 135336]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-01-16 1375992]
S2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
S2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 5429760]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 157184]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-01-16 15264]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 00:06 78848]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-03-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 22:19]

2011-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 19:41]

2011-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 19:41]

2011-02-15 c:\windows\Tasks\HPCeeScheduleForFilip.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]

2011-03-01 c:\windows\Tasks\Norton Security Scan for Filip.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-01-05 08:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
mStart Page = hxxp://www.bing.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
Trusted Zone: siteadvisor.com\www
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2n9qac67.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://centrum.cz/firefox
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: McAfee SiteAdvisor Enterprise: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor Enterprise
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-McAfee Managed Firewall - c:\program files\McAfee\Managed VirusScan\Agent\myinx
AddRemove-MVS - c:\program files\McAfee\Managed VirusScan\Agent\myinx
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-01 22:28:09
ComboFix-quarantined-files.txt 2011-03-01 21:28

Před spuštěním: Volných bajtů: 255 293 939 712
Po spuštění: Volných bajtů: 254 963 990 528

- - End Of File - - 65DC9D80D8707AA5636E5701CE7D34DE

#2 Příspěvek od **motji** » 03 bře 2011 18:18

Dobrý večer

Máte nějak moc antivirů, ponechte jen jeden.

Poprosím o log ze rsitu, viz můj podpis.

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Filis · #3 Příspěvek od **Filis** » 03 bře 2011 22:44

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5947

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

3.3.2011 22:34:31
mbam-log-2011-03-03 (22-34-21).txt

Typ kontroly: Rychlý test
Testované objekty: 156141
Uplynulý čas: 2 minut, 41 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Filip\AppData\Roaming\asdsada.bat (Malware.Trace) -> No action taken.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Filip at 2011-03-03 22:20:37
Microsoft Windows 7 Home Premium
System drive C: has 243 GB (53%) free of 459 GB
Total RAM: 2813 MB (60% free)

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForFilip.job
C:\windows\tasks\Norton Security Scan for Filip.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - F:\Debordelizace\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100531174951.dll [2010-02-04 73288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"McAfee Managed Services Tray"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe [2010-02-17 476480]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-08 102400]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-17 495708]
"estar"=C:\System.Sav\Util\HideDOS.EXE [2006-11-28 77824]
"Nuance PDF Reader-reminder"=C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"NortonOnlineBackupReminder"=C:\Program Files\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [2009-12-03 3331944]
"SpywareTerminator"=F:\Debordelizace\Spyware Terminator\SpywareTerminatorShield.exe [2010-03-13 2166784]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1515576]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
"SpywareTerminatorUpdate"=F:\Debordelizace\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-03-13 3037696]
"SpybotSD TeaTimer"=F:\Debordelizace\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HP SimpleSave Monitor.lnk - C:\Users\Filip\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-03 22:17:14 ----D---- C:\rsit
2011-03-02 15:53:34 ----D---- C:\Program Files\Citrix
2011-03-01 22:28:14 ----SHD---- C:\$RECYCLE.BIN
2011-03-01 22:28:11 ----D---- C:\windows\temp
2011-03-01 22:28:09 ----A---- C:\ComboFix.txt
2011-03-01 22:16:52 ----A---- C:\windows\zip.exe
2011-03-01 22:16:52 ----A---- C:\windows\SWSC.exe
2011-03-01 22:16:52 ----A---- C:\windows\SWREG.exe
2011-03-01 22:16:52 ----A---- C:\windows\sed.exe
2011-03-01 22:16:52 ----A---- C:\windows\PEV.exe
2011-03-01 22:16:52 ----A---- C:\windows\NIRCMD.exe
2011-03-01 22:16:52 ----A---- C:\windows\MBR.exe
2011-03-01 22:16:52 ----A---- C:\windows\grep.exe
2011-03-01 22:16:43 ----D---- C:\windows\ERDNT
2011-03-01 22:10:49 ----D---- C:\Qoobox
2011-03-01 22:10:28 ----A---- C:\windows\SWXCACLS.exe
2011-02-25 15:43:58 ----D---- C:\Záloha
2011-02-23 06:04:21 ----A---- C:\windows\system32\wcncsvc.dll
2011-02-23 05:58:41 ----A---- C:\windows\system32\XpsPrint.dll
2011-02-23 05:58:41 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-02-22 21:09:50 ----D---- C:\Mikiny Nosferatu
2011-02-18 08:11:41 ----RASH---- C:\MSDOS.SYS
2011-02-18 08:11:41 ----RASH---- C:\IO.SYS
2011-02-15 19:40:33 ----D---- C:\Videa
2011-02-12 17:42:36 ----D---- C:\Users\Filip\AppData\Roaming\skypePM
2011-02-12 16:41:45 ----D---- C:\Program Files\Common Files\Skype
2011-02-10 14:00:20 ----D---- C:\Arkanoid
2011-02-09 15:38:44 ----A---- C:\windows\system32\win32k.sys
2011-02-09 15:38:42 ----A---- C:\windows\system32\kerberos.dll
2011-02-09 15:38:40 ----A---- C:\windows\system32\vbscript.dll
2011-02-09 15:38:40 ----A---- C:\windows\system32\jscript.dll
2011-02-09 15:38:38 ----A---- C:\windows\system32\mshtml.dll
2011-02-09 15:38:34 ----A---- C:\windows\system32\msfeeds.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\mstime.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\mshtmled.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\msfeedsbs.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\licmgr10.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\iertutil.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\iepeers.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\iedkcs32.dll
2011-02-09 15:38:32 ----A---- C:\windows\system32\msfeedssync.exe
2011-02-09 15:38:30 ----A---- C:\windows\system32\atmfd.dll
2011-02-09 15:38:29 ----A---- C:\windows\system32\atmlib.dll
2011-02-09 15:38:28 ----A---- C:\windows\system32\ntoskrnl.exe
2011-02-09 15:38:28 ----A---- C:\windows\system32\ntdll.dll
2011-02-09 15:38:27 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-02-09 15:38:22 ----A---- C:\windows\system32\upnp.dll
2011-02-09 15:38:21 ----A---- C:\windows\system32\urlmon.dll
2011-02-09 15:38:21 ----A---- C:\windows\system32\msxml6.dll
2011-02-09 15:38:20 ----A---- C:\windows\system32\wininet.dll
2011-02-09 15:38:20 ----A---- C:\windows\system32\msxml3.dll
2011-02-09 15:38:20 ----A---- C:\windows\system32\ieframe.dll
2011-02-09 15:38:19 ----A---- C:\windows\system32\winhttp.dll
2011-02-09 15:38:19 ----A---- C:\windows\system32\WebClnt.dll
2011-02-09 15:38:19 ----A---- C:\windows\system32\davclnt.dll
2011-02-09 15:38:18 ----A---- C:\windows\system32\wscsvc.dll
2011-02-09 15:38:18 ----A---- C:\windows\system32\wscapi.dll
2011-02-09 15:38:18 ----A---- C:\windows\system32\slwga.dll
2011-02-09 15:38:15 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-02-08 23:13:41 ----D---- C:\Pat a Mat

======List of files/folders modified in the last 1 months======

2011-03-03 22:20:37 ----D---- C:\Program Files\trend micro
2011-03-03 22:14:42 ----D---- C:\Windows
2011-03-03 22:12:33 ----D---- C:\windows\system32\config
2011-03-03 22:11:46 ----RD---- C:\Program Files
2011-03-03 22:09:37 ----D---- C:\ProgramData
2011-03-03 22:09:36 ----D---- C:\windows\system32\drivers
2011-03-03 22:08:40 ----D---- C:\Program Files\McAfee
2011-03-03 22:08:39 ----SHD---- C:\windows\Installer
2011-03-03 22:08:37 ----D---- C:\ProgramData\McAfee
2011-03-03 22:04:18 ----D---- C:\ProgramData\Lavasoft
2011-03-03 22:04:17 ----DC---- C:\windows\system32\DRVSTORE
2011-03-03 22:04:15 ----D---- C:\windows\System32
2011-03-03 22:02:15 ----D---- C:\windows\system32\Tasks
2011-03-03 21:57:20 ----D---- C:\windows\Tasks
2011-03-03 21:57:02 ----D---- C:\Users\Filip\AppData\Roaming\Spyware Terminator
2011-03-03 17:06:31 ----D---- C:\ProgramData\Spyware Terminator
2011-03-02 22:44:28 ----D---- C:\Users\Filip\AppData\Roaming\ICQ
2011-03-01 22:25:52 ----A---- C:\windows\system.ini
2011-03-01 22:25:44 ----D---- C:\windows\system32\drivers\etc
2011-03-01 22:21:48 ----D---- C:\windows\AppPatch
2011-03-01 22:21:46 ----D---- C:\Program Files\Common Files
2011-03-01 17:57:44 ----SHD---- C:\System Volume Information
2011-02-28 14:58:57 ----D---- C:\windows\inf
2011-02-28 14:58:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-02-25 23:09:14 ----D---- C:\windows\system32\NDF
2011-02-23 06:04:34 ----D---- C:\windows\winsxs
2011-02-23 06:04:27 ----D---- C:\windows\system32\catroot
2011-02-23 05:58:15 ----D---- C:\windows\system32\catroot2
2011-02-22 21:31:03 ----D---- C:\Users\Filip\AppData\Roaming\XnView
2011-02-20 22:19:10 ----D---- C:\Users\Filip\AppData\Roaming\vlc
2011-02-19 08:23:04 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-15 23:28:52 ----D---- C:\Users\Filip\AppData\Roaming\Skype
2011-02-15 22:06:48 ----D---- C:\Týnfest
2011-02-15 21:17:51 ----D---- C:\windows\debug
2011-02-12 21:01:01 ----SD---- C:\Users\Filip\AppData\Roaming\Microsoft
2011-02-12 16:41:45 ----RD---- C:\Program Files\Skype
2011-02-09 20:11:54 ----D---- C:\Program Files\Internet Explorer
2011-02-09 17:18:58 ----A---- C:\windows\system32\MRT.exe
2011-02-09 17:18:25 ----D---- C:\ProgramData\Microsoft Help
2011-02-09 08:21:14 ----D---- C:\Texty moje

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 14392]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2010-02-08 385184]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 MPFP;MPFP; C:\windows\System32\Drivers\Mpfp.sys [2009-04-09 130424]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-23 142592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-11-02 1163328]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 5429760]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 157184]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-08-06 2709056]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 86056]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 21560]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2010-02-08 95728]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2010-02-08 152736]
R3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2010-02-08 51720]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 78848]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2010-03-17 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-02-26 242992]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 catchme;catchme; \??\C:\Users\Filip\AppData\Local\Temp\catchme.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 mferkdet;McAfee Inc. mferkdet; C:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys []
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-11-02 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-04-08 172032]
R2 BackupService;BackupService; C:\Users\Filip\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-02-04 170144]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; F:\Debordelizace\Spyware Terminator\sp_rsser.exe [2010-03-13 488960]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [2010-03-17 229458]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-13 136176]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-09-15 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

#4 Příspěvek od **motji** » 03 bře 2011 22:51

Smažte a udělejte uplný sken mbam

Filis · #5 Příspěvek od **Filis** » 04 bře 2011 08:11

Teď asi nerozumím. Co mám smazat a scan mbab se jedná o kompletní scan, tedy ne rychlou kontrolu?
Díky

#6 Příspěvek od **motji** » 04 bře 2011 08:41

Mbam už máte asi vypnutý, takže nemažte nic a udělejte kompletní sken mbamem

Filis · #7 Příspěvek od **Filis** » 04 bře 2011 14:10

Už jsem v obraze

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5947

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

4.3.2011 14:08:46
mbam-log-2011-03-04 (14-08-39).txt

Typ kontroly: Úplný test (C:\|D:\|F:\|)
Testované objekty: 308947
Uplynulý čas: 33 minut, 43 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Filip\AppData\Roaming\asdsada.bat (Malware.Trace) -> No action taken.

#8 Příspěvek od **motji** » 04 bře 2011 21:28

Můžete smazat v mbamu.

Jaký antivir jste si nechal?
Jak to vypadá s počítačem? Poprosím znovu o nový log ze rsitu po odinstalování antivirů, dočistíme zbytky.

Filis · #9 Příspěvek od **Filis** » 04 bře 2011 21:53

Nechal jsem spyware terminátor

Logfile of random's system information tool 1.08 (written by random/random)
Run by Filip at 2011-03-04 21:50:11
Microsoft Windows 7 Home Premium
System drive C: has 241 GB (53%) free of 459 GB
Total RAM: 2813 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:18, on 4.3.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe
C:\Program Files\IDT\WDM\sttray.exe
F:\Debordelizace\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
F:\Debordelizace\Spyware Terminator\SpywareTerminatorUpdate.exe
F:\Debordelizace\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\totalcmd\TOTALCMD.EXE
F:\Malwarebytes' Anti-Malware\mbam.exe
F:\videa\SMPlayer\smplayer.exe
C:\Program Files\ICQ7.2\ICQ.exe
F:\videa\SMPlayer\mplayer\mplayer.exe
C:\windows\system32\conhost.exe
F:\RSIT.exe
C:\Program Files\trend micro\Filip.exe
C:\windows\system32\rundll32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Debordelizace\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100531174951.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [estar] C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [SpywareTerminator] "F:\Debordelizace\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "F:\Debordelizace\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Debordelizace\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: HP SimpleSave Monitor.lnk = C:\Users\Filip\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Debordelizace\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Debordelizace\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: BackupService - ArcSoft, Inc. - C:\Users\Filip\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - F:\Debordelizace\Spyware Terminator\sp_rsser.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 12272 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForFilip.job
C:\windows\tasks\Norton Security Scan for Filip.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - F:\Debordelizace\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100531174951.dll [2010-02-04 73288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"McAfee Managed Services Tray"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe [2010-02-17 476480]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-08 102400]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-17 495708]
"estar"=C:\System.Sav\Util\HideDOS.EXE [2006-11-28 77824]
"Nuance PDF Reader-reminder"=C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"NortonOnlineBackupReminder"=C:\Program Files\Symantec\Norton Online Backup\Activation\NOBuActivation.exe [2009-12-03 3331944]
"SpywareTerminator"=F:\Debordelizace\Spyware Terminator\SpywareTerminatorShield.exe [2010-03-13 2166784]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1515576]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
"SpywareTerminatorUpdate"=F:\Debordelizace\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-03-13 3037696]
"SpybotSD TeaTimer"=F:\Debordelizace\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HP SimpleSave Monitor.lnk - C:\Users\Filip\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-04 06:03:01 ----D---- C:\Program Files\Common Files\Java
2011-03-04 06:02:49 ----A---- C:\windows\system32\javaws.exe
2011-03-04 06:02:49 ----A---- C:\windows\system32\javaw.exe
2011-03-04 06:02:49 ----A---- C:\windows\system32\java.exe
2011-03-03 22:27:04 ----D---- C:\Users\Filip\AppData\Roaming\Malwarebytes
2011-03-03 22:26:59 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-03-03 22:26:58 ----D---- C:\ProgramData\Malwarebytes
2011-03-03 22:26:55 ----A---- C:\windows\system32\drivers\mbam.sys
2011-03-03 22:17:14 ----D---- C:\rsit
2011-03-02 15:53:34 ----D---- C:\Program Files\Citrix
2011-03-01 22:28:14 ----SHD---- C:\$RECYCLE.BIN
2011-03-01 22:28:11 ----D---- C:\windows\temp
2011-03-01 22:28:09 ----A---- C:\ComboFix.txt
2011-03-01 22:16:52 ----A---- C:\windows\zip.exe
2011-03-01 22:16:52 ----A---- C:\windows\SWSC.exe
2011-03-01 22:16:52 ----A---- C:\windows\SWREG.exe
2011-03-01 22:16:52 ----A---- C:\windows\sed.exe
2011-03-01 22:16:52 ----A---- C:\windows\PEV.exe
2011-03-01 22:16:52 ----A---- C:\windows\NIRCMD.exe
2011-03-01 22:16:52 ----A---- C:\windows\MBR.exe
2011-03-01 22:16:52 ----A---- C:\windows\grep.exe
2011-03-01 22:16:43 ----D---- C:\windows\ERDNT
2011-03-01 22:10:49 ----D---- C:\Qoobox
2011-03-01 22:10:28 ----A---- C:\windows\SWXCACLS.exe
2011-02-25 15:43:58 ----D---- C:\Záloha
2011-02-23 06:04:21 ----A---- C:\windows\system32\wcncsvc.dll
2011-02-23 05:58:41 ----A---- C:\windows\system32\XpsPrint.dll
2011-02-23 05:58:41 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-02-22 21:09:50 ----D---- C:\Mikiny Nosferatu
2011-02-18 08:11:41 ----RASH---- C:\MSDOS.SYS
2011-02-18 08:11:41 ----RASH---- C:\IO.SYS
2011-02-15 19:40:33 ----D---- C:\Videa
2011-02-12 17:42:36 ----D---- C:\Users\Filip\AppData\Roaming\skypePM
2011-02-12 16:41:45 ----D---- C:\Program Files\Common Files\Skype
2011-02-10 14:00:20 ----D---- C:\Arkanoid
2011-02-09 15:38:44 ----A---- C:\windows\system32\win32k.sys
2011-02-09 15:38:42 ----A---- C:\windows\system32\kerberos.dll
2011-02-09 15:38:40 ----A---- C:\windows\system32\vbscript.dll
2011-02-09 15:38:40 ----A---- C:\windows\system32\jscript.dll
2011-02-09 15:38:38 ----A---- C:\windows\system32\mshtml.dll
2011-02-09 15:38:34 ----A---- C:\windows\system32\msfeeds.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\mstime.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\mshtmled.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\msfeedsbs.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\licmgr10.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\iertutil.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\iepeers.dll
2011-02-09 15:38:33 ----A---- C:\windows\system32\iedkcs32.dll
2011-02-09 15:38:32 ----A---- C:\windows\system32\msfeedssync.exe
2011-02-09 15:38:30 ----A---- C:\windows\system32\atmfd.dll
2011-02-09 15:38:29 ----A---- C:\windows\system32\atmlib.dll
2011-02-09 15:38:28 ----A---- C:\windows\system32\ntoskrnl.exe
2011-02-09 15:38:28 ----A---- C:\windows\system32\ntdll.dll
2011-02-09 15:38:27 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-02-09 15:38:22 ----A---- C:\windows\system32\upnp.dll
2011-02-09 15:38:21 ----A---- C:\windows\system32\urlmon.dll
2011-02-09 15:38:21 ----A---- C:\windows\system32\msxml6.dll
2011-02-09 15:38:20 ----A---- C:\windows\system32\wininet.dll
2011-02-09 15:38:20 ----A---- C:\windows\system32\msxml3.dll
2011-02-09 15:38:20 ----A---- C:\windows\system32\ieframe.dll
2011-02-09 15:38:19 ----A---- C:\windows\system32\winhttp.dll
2011-02-09 15:38:19 ----A---- C:\windows\system32\WebClnt.dll
2011-02-09 15:38:19 ----A---- C:\windows\system32\davclnt.dll
2011-02-09 15:38:18 ----A---- C:\windows\system32\wscsvc.dll
2011-02-09 15:38:18 ----A---- C:\windows\system32\wscapi.dll
2011-02-09 15:38:18 ----A---- C:\windows\system32\slwga.dll
2011-02-09 15:38:15 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-02-08 23:13:41 ----D---- C:\Pat a Mat

======List of files/folders modified in the last 1 months======

2011-03-04 21:50:12 ----D---- C:\Program Files\trend micro
2011-03-04 21:25:32 ----D---- C:\Users\Filip\AppData\Roaming\ICQ
2011-03-04 16:32:18 ----D---- C:\ProgramData\Spyware Terminator
2011-03-04 14:17:45 ----SHD---- C:\System Volume Information
2011-03-04 14:08:34 ----D---- C:\windows\system32\config
2011-03-04 06:03:02 ----SHD---- C:\windows\Installer
2011-03-04 06:03:01 ----D---- C:\Program Files\Common Files
2011-03-04 06:02:49 ----D---- C:\windows\System32
2011-03-04 06:02:32 ----D---- C:\Program Files\Java
2011-03-04 05:55:43 ----D---- C:\Windows
2011-03-03 22:26:59 ----D---- C:\windows\system32\drivers
2011-03-03 22:26:58 ----D---- C:\ProgramData
2011-03-03 22:11:46 ----RD---- C:\Program Files
2011-03-03 22:08:40 ----D---- C:\Program Files\McAfee
2011-03-03 22:08:37 ----D---- C:\ProgramData\McAfee
2011-03-03 22:04:18 ----D---- C:\ProgramData\Lavasoft
2011-03-03 22:04:17 ----DC---- C:\windows\system32\DRVSTORE
2011-03-03 22:02:15 ----D---- C:\windows\system32\Tasks
2011-03-03 21:57:20 ----D---- C:\windows\Tasks
2011-03-03 21:57:02 ----D---- C:\Users\Filip\AppData\Roaming\Spyware Terminator
2011-03-01 22:25:52 ----A---- C:\windows\system.ini
2011-03-01 22:25:44 ----D---- C:\windows\system32\drivers\etc
2011-03-01 22:21:48 ----D---- C:\windows\AppPatch
2011-02-28 14:58:57 ----D---- C:\windows\inf
2011-02-28 14:58:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-02-25 23:09:14 ----D---- C:\windows\system32\NDF
2011-02-23 06:04:34 ----D---- C:\windows\winsxs
2011-02-23 06:04:27 ----D---- C:\windows\system32\catroot
2011-02-23 05:58:15 ----D---- C:\windows\system32\catroot2
2011-02-22 21:31:03 ----D---- C:\Users\Filip\AppData\Roaming\XnView
2011-02-20 22:19:10 ----D---- C:\Users\Filip\AppData\Roaming\vlc
2011-02-19 08:23:04 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-15 23:28:52 ----D---- C:\Users\Filip\AppData\Roaming\Skype
2011-02-15 22:06:48 ----D---- C:\Týnfest
2011-02-15 21:17:51 ----D---- C:\windows\debug
2011-02-12 21:01:01 ----SD---- C:\Users\Filip\AppData\Roaming\Microsoft
2011-02-12 16:41:45 ----RD---- C:\Program Files\Skype
2011-02-09 20:11:54 ----D---- C:\Program Files\Internet Explorer
2011-02-09 17:18:58 ----A---- C:\windows\system32\MRT.exe
2011-02-09 17:18:25 ----D---- C:\ProgramData\Microsoft Help
2011-02-09 08:21:14 ----D---- C:\Texty moje

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 14392]
R0 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2010-02-08 385184]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 MPFP;MPFP; C:\windows\System32\Drivers\Mpfp.sys [2009-04-09 130424]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-23 142592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-11-02 1163328]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 5429760]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 157184]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-08-06 2709056]
R3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 86056]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 21560]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\windows\system32\drivers\mfeapfk.sys [2010-02-08 95728]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\windows\system32\drivers\mfeavfk.sys [2010-02-08 152736]
R3 mfebopk;McAfee Inc. mfebopk; C:\windows\system32\drivers\mfebopk.sys [2010-02-08 51720]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 78848]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2010-03-17 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-02-26 242992]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 catchme;catchme; \??\C:\Users\Filip\AppData\Local\Temp\catchme.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 mferkdet;McAfee Inc. mferkdet; C:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys []
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-11-02 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-04-08 172032]
R2 BackupService;BackupService; C:\Users\Filip\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-02-04 170144]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; F:\Debordelizace\Spyware Terminator\sp_rsser.exe [2010-03-13 488960]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [2010-03-17 229458]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-13 136176]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-09-15 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

#10 Příspěvek od **motji** » 04 bře 2011 22:35

Odinstalujte Spybota, stačí Spyware terminátor.
V logu vidím antivir od McAfee.

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše


File::
C:\windows\tasks\Norton Security Scan for Filip.job

Folder::
C:\Program Files\Symantec

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

DDS::
mStart Page = hxxp://www.bing.com
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
Trusted Zone: siteadvisor.com\www

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Filis · #11 Příspěvek od **Filis** » 06 bře 2011 22:55

McAfee se mám taky zbavit?

ComboFix 11-03-05.02 - Filip 06.03.2011 22:13:23.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2813.1689 [GMT 1:00]
Spuštěný z: f:\debordelizace\ComboFix.exe
Použité ovládací přepínače :: c:\users\Filip\Desktop\CFScript.txt
AV: McAfee® Total Protection™ Service *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee® Total Protection™ Service *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee® Total Protection™ Service *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\Norton Security Scan for Filip.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-06 do 2011-03-06 )))))))))))))))))))))))))))))))
.
.
2011-03-06 21:39 . 2011-03-06 21:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-06 09:51 . 2011-03-06 11:06 -------- d-----w- c:\users\Filip\AppData\Roaming\vlc
2011-03-05 07:24 . 2011-03-06 21:39 -------- d-----w- c:\users\Filip\AppData\Local\temp
2011-03-04 05:03 . 2011-03-04 05:03 -------- d-----w- c:\program files\Common Files\Java
2011-03-03 21:27 . 2011-03-03 21:27 -------- d-----w- c:\users\Filip\AppData\Roaming\Malwarebytes
2011-03-03 21:26 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-03 21:26 . 2011-03-03 21:26 -------- d-----w- c:\programdata\Malwarebytes
2011-03-03 21:26 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-03 21:17 . 2011-03-03 21:20 -------- d-----w- C:\rsit
2011-03-02 14:53 . 2011-03-02 14:53 -------- d-----w- c:\program files\Citrix
2011-02-25 14:43 . 2011-02-25 14:57 -------- d-----w- C:\Záloha
2011-02-23 05:04 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 04:58 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 04:58 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 20:09 . 2011-02-22 20:31 -------- d-----w- C:\Mikiny Nosferatu
2011-02-15 18:40 . 2011-03-06 12:00 -------- d-----w- C:\Videa
2011-02-12 16:42 . 2011-02-15 22:06 -------- d-----w- c:\users\Filip\AppData\Roaming\skypePM
2011-02-12 15:41 . 2011-02-12 15:41 -------- d-----w- c:\program files\Common Files\Skype
2011-02-10 13:00 . 2011-02-10 13:00 -------- d-----w- C:\Arkanoid
2011-02-08 22:13 . 2011-02-16 17:44 -------- d-----w- C:\Pat a Mat
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 20:40 . 2010-12-21 12:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1515576]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]
"SpywareTerminatorUpdate"="f:\debordelizace\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-13 3037696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"McAfee Managed Services Tray"="c:\program files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe" [2010-02-17 476480]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-08 102400]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-17 495708]
"estar"="c:\system.sav\Util\HideDOS.EXE" [2006-11-28 77824]
"Nuance PDF Reader-reminder"="c:\program files\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"SpywareTerminator"="f:\debordelizace\Spyware Terminator\SpywareTerminatorShield.exe" [2010-03-13 2166784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HP SimpleSave Monitor.lnk - c:\users\Filip\AppData\Roaming\HP SimpleSave Application\StartHelper.exe [2011-1-15 481176]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
R2 BackupService;BackupService;c:\users\Filip\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 136176]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-15 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-23 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-08 172032]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
S2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-04-08 5429760]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-08 157184]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 00:06 78848]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 19:41]
.
2011-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-13 19:41]
.
2011-02-15 c:\windows\Tasks\HPCeeScheduleForFilip.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2n9qac67.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://centrum.cz/firefox
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(11056)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
Celkový čas: 2011-03-06 22:41:46
ComboFix-quarantined-files.txt 2011-03-06 21:41
ComboFix2.txt 2011-03-05 07:24
ComboFix3.txt 2011-03-01 21:28
.
Před spuštěním: Volných bajtů: 251 380 256 768
Po spuštění: Volných bajtů: 251 361 660 928
.
- - End Of File - - 369ECF36B1EC32CE3BC6DBFB2F50DC0D

#12 Příspěvek od **motji** » 06 bře 2011 23:01

Spyware Terminátor je Antispyware, takže MC afee si klidně nechejte.
Jak to vypadá s počítačem?

Filis · #13 Příspěvek od **Filis** » 06 bře 2011 23:14

Nefunguje mi tv web od Starnetu http://webtv.starnet.cz/ a nepodařilo se to vyřešit ani po konzultaci s technickou podporou. Instaloval jsem VLC přesně podle návodu a nefunguje. Jiný problém jsem nezaznamenal

#14 Příspěvek od **motji** » 06 bře 2011 23:16

S tím Vám asi bohužel neporadím

.

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Filis · #15 Příspěvek od **Filis** » 06 bře 2011 23:31

Po druhém potvrzení stiknutím A se objeví tabulka "Windows script host":
Skript: F:/SR.vbs
Řádek: 1
Znak: Acces denied
Kód: 80041003
Zdroj: SWbemObjectEX

když stisknu o.k. přestane cleaner pracovat

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu