Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Facebook vir

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#16 Příspěvek od vyosek »

Tak na to pujdem jinak :James008:

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
  • Provedte aktualizaci - treti zalozka
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#17 Příspěvek od ondrau »

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7310

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.7.2011 19:15:44
mbam-log-2011-07-28 (19-15-40).txt

Typ: Úplná kontrola (C:\|D:\|E:\|)
Kontrolované objekty: 407433
Uplynulý čas: 51 minut, 39 sekund

Infikované procesy v paměti: 5
Infikované moduly v paměti: 0
Infikované klíče v registru: 9
Infikované hodnoty v registru: 7
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 29

Infikované procesy v paměti:
c:\Windows\update.2\svchost.exe (Trojan.Downloader.H) -> 844 -> No action taken.
c:\Windows\update.2\svchost.exe (Trojan.Downloader.H) -> 2884 -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 2264 -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 4180 -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 1092 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Trojan.Downloader.H) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10387177-loader2.exe (Trojan.Agent) -> Value: 10387177-loader2.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\w_distrib.exe (Trojan.Agent) -> Value: w_distrib.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> No action taken.

Infikované soubory:
c:\Windows\update.2\svchost.exe (Trojan.Downloader.H) -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Users\Ondra\AppData\Local\Temp\10387177-loader2.exe (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\l1rezerv.exe.vir (Backdoor.Delf) -> No action taken.
c:\Qoobox\quarantine\C\Windows\services32.exe.vir (Trojan.Dropper) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.1\svchost.exe.vir (Trojan.Dropper) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.2\svchost.exe.vir (Trojan.Downloader.H) -> No action taken.
c:\Users\Ondra\AppData\Local\Temp\5777264.exe (Trojan.Agent) -> No action taken.
c:\Users\Ondra\AppData\Local\Temp\8161150.exe (Trojan.Agent) -> No action taken.
c:\Users\Ondra\AppData\Local\Temp\8640811.exe (Trojan.Downloader) -> No action taken.
c:\Users\Ondra\downloads\flash-player.exe (Trojan.Dropper) -> No action taken.
c:\Windows\l1rezerv.exe (Backdoor.Delf) -> No action taken.
c:\Windows\services32.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\update.3\svchost.exe (Trojan.Agent) -> No action taken.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#18 Příspěvek od vyosek »

Nalezy smazte, objevi se log, ten bych rad videl
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#19 Příspěvek od ondrau »

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7310

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.7.2011 19:29:22
mbam-log-2011-07-28 (19-29-22).txt

Typ: Úplná kontrola (C:\|D:\|E:\|)
Kontrolované objekty: 407433
Uplynulý čas: 51 minut, 39 sekund

Infikované procesy v paměti: 5
Infikované moduly v paměti: 0
Infikované klíče v registru: 9
Infikované hodnoty v registru: 7
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 29

Infikované procesy v paměti:
c:\Windows\update.2\svchost.exe (Trojan.Downloader.H) -> 844 -> Unloaded process successfully.
c:\Windows\update.2\svchost.exe (Trojan.Downloader.H) -> 2884 -> Failed to unload process.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 2264 -> Failed to unload process.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 4180 -> Failed to unload process.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 1092 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Trojan.Downloader.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10387177-loader2.exe (Trojan.Agent) -> Value: 10387177-loader2.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\w_distrib.exe (Trojan.Agent) -> Value: w_distrib.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> Quarantined and deleted successfully.

Infikované soubory:
c:\Windows\update.2\svchost.exe (Trojan.Downloader.H) -> Quarantined and deleted successfully.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Ondra\AppData\Local\Temp\10387177-loader2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\l1rezerv.exe.vir (Backdoor.Delf) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\services32.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\update.1\svchost.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\update.2\svchost.exe.vir (Trojan.Downloader.H) -> Quarantined and deleted successfully.
c:\Users\Ondra\AppData\Local\Temp\5777264.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Ondra\AppData\Local\Temp\8161150.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Ondra\AppData\Local\Temp\8640811.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Ondra\downloads\flash-player.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\l1rezerv.exe (Backdoor.Delf) -> Quarantined and deleted successfully.
c:\Windows\services32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\update.3\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#20 Příspěvek od vyosek »

Zkuste nyni spustit ComboFix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#21 Příspěvek od ondrau »

Stale nic. Ale musel jsem obnovovat spousteni systemu windows. Psal neco o tom ze se vrati do doby kdy to fungovalo
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#22 Příspěvek od vyosek »

Dejte mi novy log z RSIT
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#23 Příspěvek od ondrau »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ondra at 2011-07-28 20:46:02
Microsoft Windows 7 Home Premium
System drive C: has 247 GB (41%) free of 596 GB
Total RAM: 3894 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:04, on 28.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\QIP Infium RičrdssonPack\xchat\gate.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files (x86)\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Windows\update.1\svchost.exe
C:\Windows\update.3\svchost.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Users\Ondra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ondra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ondra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ondra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Ondra\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ondra\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Ondra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\update.1\svchost.exe
O4 - HKLM\..\Run: [w_distrib.exe] "C:\Windows\update.3\svchost.exe" stand
O4 - HKLM\..\Run: [10387177-loader2.exe] "C:\Users\Ondra\AppData\Local\Temp\10387177-loader2.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')
O4 - Startup: Xchat.cz QIP Infium chat.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\System32\ezSharedSvcHost.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files (x86)\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe

--
End of file - 13932 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70956993-34390427-3090788439-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70956993-34390427-3090788439-1000UA.job
C:\Windows\tasks\HPCeeScheduleForOndra.job
C:\Windows\tasks\One-Click Tweak.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\eczb27hj.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-02 98304]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-01-25 61112]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"KMCONFIG"=C:\Program Files (x86)\Keyboard & Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-11-30 74752]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"wxpdrv"=C:\Windows\update.1\svchost.exe [2011-07-20 1147392]
"w_distrib.exe"=C:\Windows\update.3\svchost.exe [2011-07-21 272896]
"10387177-loader2.exe"=C:\Users\Ondra\AppData\Local\Temp\10387177-loader2.exe [2011-07-21 245760]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe rezerv []
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe rezerv []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Google Update"=C:\Users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe /c []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"NokiaOviSuite2"=C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xchat.cz QIP Infium chat.lnk - C:\Program Files\QIP Infium RičrdssonPack\xchat\gate.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-04-21 52920]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-28 18:12:25 ----D---- C:\Users\Ondra\AppData\Roaming\Malwarebytes
2011-07-28 18:12:09 ----D---- C:\ProgramData\Malwarebytes
2011-07-28 18:12:06 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-27 23:04:49 ----SD---- C:\32788R22FWJFW
2011-07-27 09:34:50 ----D---- C:\ProgramData\Recovery
2011-07-26 22:52:51 ----D---- C:\Windows\ERDNT
2011-07-26 18:25:16 ----A---- C:\Windows\SysWOW64\exehelperlog.txt
2011-07-26 17:31:08 ----D---- C:\rsit
2011-07-26 17:31:08 ----D---- C:\Program Files (x86)\trend micro
2011-07-26 15:37:14 ----SD---- C:\ComboFix
2011-07-26 15:35:11 ----D---- C:\Qoobox
2011-07-26 12:26:43 ----D---- C:\Users\Ondra\AppData\Roaming\SUPERAntiSpyware.com
2011-07-26 12:26:43 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-07-22 15:39:40 ----D---- C:\Program Files (x86)\InCode Solutions
2011-07-21 15:25:16 ----D---- C:\Windows\Roaming
2011-07-21 15:25:16 ----D---- C:\ProgramData\Motive
2011-07-21 15:04:11 ----A---- C:\Windows\w_distrib_iplist.txt
2011-07-21 15:03:54 ----D---- C:\Windows\system64
2011-07-21 15:03:48 ----HD---- C:\Windows\update.3
2011-07-20 16:08:22 ----D---- C:\Windows\ufa
2011-07-20 16:08:22 ----D---- C:\Windows\rpcminer
2011-07-20 16:08:22 ----D---- C:\Windows\phoenix
2011-07-20 16:06:36 ----A---- C:\Windows\l1rezerv.exe
2011-07-20 16:06:14 ----A---- C:\Windows\ddh_iplist.txt
2011-07-20 15:56:42 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-20 15:56:23 ----HD---- C:\Windows\update.2
2011-07-20 15:54:36 ----A---- C:\Windows\unrar.exe
2011-07-20 15:54:28 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-20 15:54:07 ----HD---- C:\Windows\update.5.0
2011-07-20 15:54:03 ----A---- C:\Windows\iplist.txt
2011-07-20 15:53:40 ----A---- C:\Windows\front_ip_list.txt
2011-07-20 15:53:35 ----HD---- C:\Windows\update.1
2011-07-20 15:53:34 ----A---- C:\Windows\services32.exe
2011-07-13 04:29:26 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 04:29:26 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 04:29:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-13 04:29:16 ----A---- C:\Windows\SysWOW64\kernel32.dll
2011-07-13 04:29:15 ----A---- C:\Windows\SysWOW64\wow32.dll
2011-07-13 04:29:15 ----A---- C:\Windows\SysWOW64\setup16.exe
2011-07-13 04:29:15 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2011-07-13 04:29:15 ----A---- C:\Windows\SysWOW64\instnm.exe
2011-07-13 04:29:14 ----A---- C:\Windows\SysWOW64\user.exe
2011-06-29 10:41:12 ----A---- C:\Windows\SysWOW64\drvinst.exe
2011-06-29 10:41:12 ----A---- C:\Windows\SysWOW64\devrtl.dll
2011-06-29 10:41:12 ----A---- C:\Windows\SysWOW64\devobj.dll
2011-06-29 10:41:12 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2011-06-29 10:41:10 ----A---- C:\Windows\SysWOW64\mssrch.dll
2011-06-29 10:41:09 ----A---- C:\Windows\SysWOW64\tquery.dll
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\mssvp.dll
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\mssph.dll
2011-06-29 10:41:08 ----A---- C:\Windows\SysWOW64\msscntrs.dll

======List of files/folders modified in the last 1 month======

2011-07-29 06:38:06 ----D---- C:\Windows\Tasks
2011-07-29 06:38:06 ----D---- C:\Windows\SysWOW64
2011-07-29 06:38:06 ----D---- C:\Windows
2011-07-29 06:38:05 ----D---- C:\Windows\System32
2011-07-29 06:38:04 ----D---- C:\Windows\AppCompat
2011-07-29 06:37:53 ----D---- C:\Windows\registration
2011-07-29 06:37:19 ----HD---- C:\ProgramData
2011-07-29 06:37:18 ----SHD---- C:\$Recycle.Bin
2011-07-29 06:37:18 ----D---- C:\Program Files (x86)
2011-07-29 06:34:22 ----SHD---- C:\System Volume Information
2011-07-28 20:46:03 ----D---- C:\Windows\Temp
2011-07-28 20:43:56 ----D---- C:\Users\Ondra\AppData\Roaming\Skype
2011-07-28 20:39:07 ----A---- C:\Windows\SysWOW64\log.txt
2011-07-28 19:34:48 ----D---- C:\Windows\Prefetch
2011-07-28 04:09:11 ----D---- C:\Windows\inf
2011-07-27 09:42:16 ----D---- C:\Windows\winsxs
2011-07-27 09:42:15 ----D---- C:\Users\Ondra\AppData\Roaming\vlc
2011-07-27 09:39:15 ----RD---- C:\Program Files
2011-07-25 23:28:11 ----D---- C:\Windows\Minidump
2011-07-22 15:52:21 ----D---- C:\Users\Ondra\AppData\Roaming\dvdcss
2011-07-22 01:12:51 ----D---- C:\Users\Ondra\AppData\Roaming\uTorrent
2011-07-21 16:56:12 ----D---- C:\Program Files (x86)\QIP 2010
2011-07-21 12:23:24 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2011-07-20 16:36:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-07-14 23:40:35 ----D---- C:\Windows\AppPatch
2011-06-30 16:11:12 ----D---- C:\Windows\Microsoft.NET
2011-06-30 16:11:10 ----RSD---- C:\Windows\assembly
2011-06-30 13:54:27 ----RSD---- C:\Windows\Fonts
2011-06-30 13:38:06 ----SHD---- C:\Windows\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys []
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-19 18848]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
S3 aih57dyq;aih57dyq; C:\Windows\SysWOW64\drivers\aih57dyq.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-23 225280]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 873248]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-10-15 120832]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-10-13 354840]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files (x86)\Keyboard & Mouse Driver\KMWDSrv.exe [2007-04-05 208896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-07-21 340992]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-07-20 483328]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-07-20 1147392]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-02-08 230968]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-28 136176]
S2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe srv []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-28 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#24 Příspěvek od vyosek »

:arrow: Stahnete OTM (viz muj podpis)
  • Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

  • Kód: Vybrat vše

    :reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
""=-
"QuickTime Task"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"WinampAgent"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
"SunJavaUpdateSched"=-
"NokiaMServer"=-
"wxpdrv"=-
"w_distrib.exe"=-
"10387177-loader2.exe"=-
"sysdriver32.exe"=-
"sysdriver32_.exe"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"Skype"=-
"DAEMON Tools Lite"=-
"NokiaOviSuite2"=-
""=-
:services
srvbtcclient
srviecheck
wxpdrivers
ezSharedSvc
gupdate
srvsysdriver32
gupdatem

:files
C:\Windows\System32\ezSharedSvcHost.exe
C:\Windows\w_distrib_iplist.txt
C:\Windows\update.3
C:\Windows\ufa
C:\Windows\rpcminer
C:\Windows\phoenix
C:\Windows\l1rezerv.exe
C:\Windows\ddh_iplist.txt
C:\Windows\iecheck_iplist.txt
C:\Windows\update.2
C:\Windows\unrar.exe
C:\Windows\btc_client_iplist.txt
C:\Windows\update.5.0
C:\Windows\iplist.txt
C:\Windows\front_ip_list.txt
C:\Windows\update.1
C:\Windows\services32.exe
C:\Windows\update.3
C:\Windows\update.1
C:\Users\Ondra\AppData\Local\Temp
C:\Windows\sysdriver32_.exe
C:\Windows\sysdriver32.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70956993-34390427-3090788439-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70956993-34390427-3090788439-1000UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Kliknete na cervene tlacitko MoveIt!
  • Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#25 Příspěvek od ondrau »

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\w_distrib.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10387177-loader2.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaOviSuite2 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service srvbtcclient stopped successfully!
Service srvbtcclient deleted successfully!
Service srviecheck stopped successfully!
Service srviecheck deleted successfully!
Service wxpdrivers stopped successfully!
Service wxpdrivers deleted successfully!
Service ezSharedSvc stopped successfully!
Service ezSharedSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service srvsysdriver32 stopped successfully!
Service srvsysdriver32 deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\System32\ezSharedSvcHost.exe not found.
C:\Windows\w_distrib_iplist.txt moved successfully.
C:\Windows\update.3 folder moved successfully.
Folder move failed. C:\Windows\ufa scheduled to be moved on reboot.
C:\Windows\rpcminer folder moved successfully.
C:\Windows\phoenix\kernels\poclbm folder moved successfully.
C:\Windows\phoenix\kernels\phatk folder moved successfully.
C:\Windows\phoenix\kernels folder moved successfully.
C:\Windows\phoenix folder moved successfully.
C:\Windows\l1rezerv.exe moved successfully.
C:\Windows\ddh_iplist.txt moved successfully.
C:\Windows\iecheck_iplist.txt moved successfully.
C:\Windows\update.2 folder moved successfully.
C:\Windows\unrar.exe moved successfully.
C:\Windows\btc_client_iplist.txt moved successfully.
C:\Windows\update.5.0 folder moved successfully.
C:\Windows\iplist.txt moved successfully.
C:\Windows\front_ip_list.txt moved successfully.
C:\Windows\update.1 folder moved successfully.
C:\Windows\services32.exe moved successfully.
File/Folder C:\Windows\update.3 not found.
File/Folder C:\Windows\update.1 not found.
C:\Users\Ondra\AppData\Local\Temp\{D5878294-C113-43c5-A24F-FC333C52015A} folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\{24F5E85A-B464-45E7-B7C0-C0362AF5F3C0} folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\WPDNSE folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\wizard\WinXP folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\wizard\Win9X folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\wizard\Win2000 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\wizard folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Win2K_XP folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Temporary Internet Files\Content.IE5\TJ2PXOWD folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Temporary Internet Files\Content.IE5\4180FUMG folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3S0TSI01 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Temporary Internet Files\Content.IE5\1YZNZNVN folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Temporary Internet Files\Content.IE5 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Temporary Internet Files folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Setup00001bb4 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Setup0000154c folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\RarSFX0\procs folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\RarSFX0\nird folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\RarSFX0\h folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\RarSFX0 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Rar$EX00.563 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Rar$EX00.453 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\printmon folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\nettool folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\WSPK9E2G folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\8F4FMIU1 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5330B0TS folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\1MUWTT3O folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\Temporary Internet Files folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\History\History.IE5 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low\History folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\Low folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\History\History.IE5 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\History folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\shaders folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res\flightsim\planet folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res\flightsim\keyboard folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res\flightsim\hud folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res\flightsim\controller folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res\flightsim\aircraft folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res\flightsim folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin\res folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth\plugin folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google\Google Earth folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files\Google folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60\program files folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msigeplugin60 folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\shaders folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res\flightsim\planet folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res\flightsim\keyboard folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res\flightsim\hud folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res\flightsim\controller folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res\flightsim\aircraft folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res\flightsim folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\res folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\shaders folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res\flightsim\planet folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res\flightsim\keyboard folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res\flightsim\hud folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res\flightsim\controller folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res\flightsim\aircraft folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res\flightsim folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\res folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google\Google Earth folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files\Google folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60\program files folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp\._msige60 folder moved successfully.
Folder move failed. C:\Users\Ondra\AppData\Local\Temp scheduled to be moved on reboot.
File/Folder C:\Windows\sysdriver32_.exe not found.
File/Folder C:\Windows\sysdriver32.exe not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70956993-34390427-3090788439-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-70956993-34390427-3090788439-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Ondra
->Temp folder emptied: 5650288 bytes
->Temporary Internet Files folder emptied: 337886577 bytes
->Java cache emptied: 227756 bytes
->FireFox cache emptied: 75376991 bytes
->Google Chrome cache emptied: 347210485 bytes
->Flash cache emptied: 168919 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33897 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 731,00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 07292011_151337

Files moved on Reboot...
C:\Windows\ufa folder moved successfully.
C:\Users\Ondra\AppData\Local\Temp folder moved successfully.
File C:\Users\Ondra\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Ondra\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb not found!
File C:\Users\Ondra\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb not found!
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb moved successfully.
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#26 Příspěvek od vyosek »

Jak se chova PC :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#27 Příspěvek od ondrau »

Zatim normalne. Predtim se mi tu spoustel v ruznych intervalech nejaky " ufa.exe " a tim mi bezelo CPU na plny pecky takze se mi zacal prehrejvat notas .... ted zatim nic.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Facebook vir

#28 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Nainstalujte Avast free http://www.avast.com/cs-cz/free-antivirus-download

:arrow: Napiste co PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#29 Příspěvek od ondrau »

Tak jsem vse provedl.
Nahoru
ondrau
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 črc 2011 16:38

Re: Facebook vir

#30 Příspěvek od ondrau »

Jo a pc je rekl bych ze v pohode.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“