Prosím o kontrolu logu

Zpráva

Zuben45 · #1 Příspěvek od **Zuben45** » 12 srp 2010 18:35

Logfile of random's system information tool 1.08 (written by random/random)
Run by Zuben at 2010-08-12 19:32:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (1%) free of 238 GB
Total RAM: 3582 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:32:34, on 12.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\svchost.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe
C:\xampp\FileZillaFTP\FileZilla server.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\xampp\xampp_service_mercury.exe
C:\xampp\MercuryMail\mercury.exe
C:\xampp\mysql\bin\mysqld.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\xampp\apache\bin\httpd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zuben\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Zuben.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garena.com/downloads.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Zuben\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Zuben\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Zuben\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [DriverCD] D:\Run.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files\Frag Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra button: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra 'Tools' menuitem: Flash Saver - {09EA1F80-F40A-11D1-B792-444553540001} - C:\PROGRA~1\FLASHS~1\save.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Zuben\Nabídka Start\Programy\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{39779B8E-094A-45EE-920C-26EA8BEEBA63}: NameServer = 89.235.9.9,82.100.0.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{39779B8E-094A-45EE-920C-26EA8BEEBA63}: NameServer = 89.235.9.9,82.100.0.6
O17 - HKLM\System\CS3\Services\Tcpip\..\{39779B8E-094A-45EE-920C-26EA8BEEBA63}: NameServer = 89.235.9.9,82.100.0.6
O17 - HKLM\System\CS4\Services\Tcpip\..\{39779B8E-094A-45EE-920C-26EA8BEEBA63}: NameServer = 89.235.9.9,82.100.0.6
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe
O23 - Service: FileZilla Server - FileZilla Project - C:\xampp\FileZillaFTP\FileZilla server.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: hpdj - HP - C:\DOCUME~1\Zuben\LOCALS~1\Temp\hpdj.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mercury - Apache Friends - C:\xampp\xampp_service_mercury.exe
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: MySQL501 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: uvnc_service - UltraVNC - C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\winvnc.exe

--
End of file - 16134 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\expressburnSevenDaysInit.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\goldenvideosSevenDays.job
C:\WINDOWS\tasks\goldenvideosShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-562591055-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-562591055-839522115-1003UA.job
C:\WINDOWS\tasks\mixpadSevenDays.job
C:\WINDOWS\tasks\mixpadSevenDaysInit.job
C:\WINDOWS\tasks\photostageShakeIcon.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Zuben\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-04-30 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Zuben\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-12 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll [2005-04-22 328275]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DriverCD"=D:\Run.exe []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-06-13 16377344]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-11 172032]
"DeviceDiscovery"=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2002-12-02 40960]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-11 241664]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

C:\Documents and Settings\Zuben\Nabídka Start\Programy\Po spuštění
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-07-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\FarmHelper\FVBot.exe"="E:\FarmHelper\FVBot.exe:*:Enabled:FVBot"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe"="C:\Program Files\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe:*:Enabled:Cerberus FTP Server"
"C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\vncviewer.exe"="C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Program Files\VALVe\Garry's Mod\hl2.exe"="C:\Program Files\VALVe\Garry's Mod\hl2.exe:*:Enabled:Garry's_Mod"
"C:\Program Files\VALVe\Garry's Mod\srcds.exe"="C:\Program Files\VALVe\Garry's Mod\srcds.exe:*:Enabled:Garry's_Mod_Dedicated_Server"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\PacSteamT\SteamApps\common\aliens vs predator dedicated server\AvP_CLI.exe"="C:\PacSteamT\SteamApps\common\aliens vs predator dedicated server\AvP_CLI.exe:*:Enabled:Aliens vs Predator Dedicated Server"
"C:\PacSteamT-nonsteam\SteamApps\gomezcz45\counter-strike source\hl2.exe"="C:\PacSteamT-nonsteam\SteamApps\gomezcz45\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\PacSteamT\Steam.exe"="C:\PacSteamT\Steam.exe:*:Enabled:Steam"
"C:\PacSteamT\SteamApps\killerzuben\counter-strike\hl.exe"="C:\PacSteamT\SteamApps\killerzuben\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"E:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="E:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"E:\Program Files\EA GAMES\The Battle for Middle-earth (tm)_1-02\game.dat"="E:\Program Files\EA GAMES\The Battle for Middle-earth (tm)_1-02\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\PacSteamT\SteamApps\common\alien swarm\swarm.exe"="C:\PacSteamT\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\PacSteamT\SteamApps\common\alien swarm\srcds.exe"="C:\PacSteamT\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\PacSteamT\SteamApps\killerzuben\counter-strike source\hl2.exe"="C:\PacSteamT\SteamApps\killerzuben\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"E:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="E:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\Codemasters\DiRT2\dirt2_game.exe"="E:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2"
"C:\PacSteamT\SteamApps\common\alien swarm\bin\SDKLauncher.exe"="C:\PacSteamT\SteamApps\common\alien swarm\bin\SDKLauncher.exe:*:Enabled:Alien Swarm - SDK"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======File associations======

.js - edit -
.js - open - ""

======List of files/folders created in the last 1 months======

2010-08-12 19:30:09 ----D---- C:\rsit
2010-08-12 19:30:09 ----D---- C:\Program Files\trend micro
2010-08-11 23:54:30 ----D---- C:\WINDOWS\LastGood
2010-08-11 23:54:25 ----D---- C:\Program Files\Hamachi
2010-08-10 15:05:50 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Command & Conquer 3 Tiberium Wars
2010-08-09 20:49:35 ----D---- C:\Program Files\FLVPlayer
2010-08-09 20:19:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Macromedia
2010-08-09 20:19:13 ----D---- C:\Program Files\Macromedia
2010-08-09 20:19:13 ----D---- C:\Program Files\Common Files\Macromedia
2010-08-09 20:18:42 ----D---- C:\WINDOWS\Downloaded Installations
2010-08-09 04:45:29 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-08-09 04:43:44 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-08-09 04:41:27 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-08-09 03:28:38 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-08-09 03:16:08 ----A---- C:\WINDOWS\system32\Nucleus.dll
2010-08-09 03:16:08 ----A---- C:\WINDOWS\system32\dxgi.dll
2010-08-09 03:16:04 ----A---- C:\WINDOWS\system32\d3dx10d_33.dll
2010-08-09 03:16:04 ----A---- C:\WINDOWS\system32\d3dx10d.dll
2010-08-09 03:16:04 ----A---- C:\WINDOWS\system32\d3dx10.dll
2010-08-09 03:16:04 ----A---- C:\WINDOWS\system32\d3d10.dll
2010-08-09 02:38:01 ----RA---- C:\WINDOWS\system32\tmp1AD.tmp
2010-08-09 02:38:01 ----RA---- C:\WINDOWS\system32\tmp1AC.tmp
2010-08-08 19:40:12 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-08 19:40:12 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-08 19:40:12 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-08 19:40:12 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-08 19:40:11 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-08 19:40:11 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-08 19:40:11 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-08 19:40:10 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-08-08 19:12:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Codemasters
2010-08-08 19:11:51 ----D---- C:\Program Files\OpenAL
2010-08-08 19:11:51 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-08-08 19:11:13 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-08-08 19:11:13 ----A---- C:\WINDOWS\system32\mkl_vml_p4.dll
2010-08-08 19:11:13 ----A---- C:\WINDOWS\system32\mkl_vml_p3.dll
2010-08-08 19:11:13 ----A---- C:\WINDOWS\system32\mkl_vml_def.dll
2010-08-08 19:11:13 ----A---- C:\WINDOWS\system32\mkl_p4.dll
2010-08-08 19:11:12 ----A---- C:\WINDOWS\system32\rapture3d_oal.dll
2010-08-08 19:11:12 ----A---- C:\WINDOWS\system32\mkl_p3.dll
2010-08-08 19:11:12 ----A---- C:\WINDOWS\system32\mkl_lapack64.dll
2010-08-08 19:11:12 ----A---- C:\WINDOWS\system32\mkl_lapack32.dll
2010-08-08 19:11:12 ----A---- C:\WINDOWS\system32\mkl_def.dll
2010-08-08 19:11:12 ----A---- C:\WINDOWS\system32\libguide40.dll
2010-08-08 19:11:11 ----D---- C:\Program Files\BRS
2010-08-08 19:10:31 ----D---- C:\WINDOWS\system32\xlive
2010-08-08 19:10:30 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2010-08-08 12:53:44 ----D---- C:\Documents and Settings\Zuben\Data aplikací\My Battle for Middle-earth(tm) II Files
2010-08-05 23:18:11 ----D---- C:\Program Files\iWisoft Free Video Converter
2010-08-05 22:14:50 ----D---- C:\Program Files\XP Codec Pack
2010-08-05 22:13:48 ----A---- C:\XP-Codec-Pack-2.5.0.exe
2010-08-05 22:13:44 ----A---- C:\Vista-Codec-Package_5.4.3.exe
2010-08-05 22:04:13 ----A---- C:\WINDOWS\Uninstall Jade Empire.exe
2010-08-05 15:44:59 ----D---- C:\Program Files\directx
2010-08-05 13:58:09 ----A---- C:\WINDOWS\War3Unin.pif
2010-08-05 13:58:09 ----A---- C:\WINDOWS\War3Unin.exe
2010-08-05 13:21:25 ----D---- C:\w3ft
2010-08-04 20:02:02 ----A---- C:\WINDOWS\system32\npptNT2.sys
2010-08-04 20:01:52 ----D---- C:\Program Files\Common Files\INCA Shared
2010-08-04 16:53:41 ----D---- C:\Program Files\A4Tech
2010-08-04 11:37:24 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Xfire
2010-08-04 11:37:20 ----D---- C:\Program Files\Xfire
2010-08-04 04:42:05 ----D---- C:\Documents and Settings\Zuben\Data aplikací\ijjigame
2010-08-04 04:40:06 ----A---- C:\WINDOWS\system32\uc_wepic_launching.dll
2010-08-04 04:40:06 ----A---- C:\WINDOWS\system32\uc_sfighters_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\uc_rohan_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\uc_neosteam_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\uc_luminary_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\uc_karos_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\uc_holybeast_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\uc_atlantica_launching.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\ijjiSetup.exe
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\ijjiProcessRestarter.exe
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\ijjiPlugin2.dll
2010-08-04 04:40:05 ----A---- C:\WINDOWS\system32\ijjiChannelingPlugin.dll
2010-08-04 02:58:49 ----D---- C:\my flashes
2010-08-03 19:17:20 ----A---- C:\WINDOWS\system32\sqlite3.dll
2010-08-03 19:17:19 ----D---- C:\Program Files\Flash Saver
2010-08-03 09:37:32 ----D---- C:\Program Files\Common Files\Java
2010-08-02 03:04:34 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Turbine
2010-08-02 02:10:29 ----D---- C:\WINDOWS\system32\URTTEMP
2010-08-01 02:47:04 ----D---- C:\Program Files\Common Files\EasyInfo
2010-07-31 22:03:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2010-07-31 22:02:48 ----D---- C:\Program Files\Pando Networks
2010-07-31 21:54:26 ----A---- C:\WINDOWS\Worldbuilder.INI
2010-07-31 02:09:31 ----D---- C:\Documents and Settings\Zuben\Data aplikací\My Battle for Middle-earth Files
2010-07-30 23:44:48 ----D---- C:\Documents and Settings\Zuben\Data aplikací\GamezAdmin
2010-07-27 15:56:58 ----D---- C:\Program Files\Software Informer
2010-07-27 15:56:58 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Software Informer
2010-07-27 15:49:08 ----D---- C:\Program Files\Witeye
2010-07-27 15:38:41 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Haenlein-Software
2010-07-27 15:27:59 ----D---- C:\Program Files\DVRSoft
2010-07-27 00:09:12 ----D---- C:\Program Files\Garena
2010-07-24 17:56:19 ----D---- C:\Program Files\URUSoft
2010-07-23 20:53:30 ----D---- C:\Program Files\AMX Mod X
2010-07-23 01:48:46 ----D---- C:\WINDOWS\system32\QuickTime
2010-07-22 15:39:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2010-07-20 23:35:40 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2010-07-20 23:35:40 ----A---- C:\WINDOWS\system32\SIntf32.dll
2010-07-20 23:35:40 ----A---- C:\WINDOWS\system32\SIntf16.dll
2010-07-20 23:30:57 ----D---- C:\Sierra
2010-07-20 23:30:57 ----A---- C:\WINDOWS\SIERRA.INI
2010-07-20 23:00:07 ----D---- C:\music
2010-07-20 21:51:18 ----D---- C:\Program Files\GameSpy Arcade
2010-07-19 23:32:14 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Firefly Studios
2010-07-19 23:28:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Firefly Studios
2010-07-19 23:28:02 ----D---- C:\Program Files\Firefly Studios
2010-07-17 21:12:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Age of Empires 3
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\psisdecd.dll
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2010-07-17 03:44:58 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2010-07-17 03:44:57 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2010-07-17 03:44:57 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2010-07-17 03:44:57 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2010-07-17 03:44:54 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2010-07-17 01:44:49 ----D---- C:\WINDOWS\Prefetch
2010-07-17 01:39:49 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-07-17 01:39:49 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-07-17 01:39:49 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-07-17 01:39:49 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-07-17 01:39:46 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-07-17 01:39:46 ----N---- C:\WINDOWS\system32\azroles.dll
2010-07-17 01:39:46 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-07-17 01:39:46 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-07-17 01:39:46 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-07-17 01:39:46 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-07-17 01:39:45 ----N---- C:\WINDOWS\system32\credssp.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-07-17 01:39:44 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-07-17 01:39:43 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-07-17 01:39:43 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-07-17 01:39:43 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-07-17 01:39:43 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-07-17 01:39:43 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-07-17 01:39:43 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\napstat.exe
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\mssha.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-07-17 01:39:42 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-07-17 01:39:41 ----N---- C:\WINDOWS\system32\onex.dll
2010-07-17 01:39:41 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\slserv.exe
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\slgen.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\setupn.exe
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\qutil.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-07-17 01:39:40 ----N---- C:\WINDOWS\system32\qagent.dll
2010-07-17 01:39:38 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-07-17 01:39:38 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-07-17 01:39:38 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-07-17 01:39:37 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-07-17 01:39:35 ----N---- C:\WINDOWS\slrundll.exe
2010-07-17 01:39:34 ----D---- C:\WINDOWS\system32\cs
2010-07-17 01:39:34 ----D---- C:\WINDOWS\system32\bits
2010-07-17 01:39:34 ----D---- C:\WINDOWS\l2schemas
2010-07-17 01:37:46 ----D---- C:\WINDOWS\ServicePackFiles
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-07-17 01:36:17 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-07-17 01:36:17 ----D---- C:\WINDOWS\network diagnostic
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-07-17 01:36:16 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-07-17 01:36:15 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-07-17 01:36:14 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-07-17 01:35:16 ----A---- C:\WINDOWS\002931_.tmp
2010-07-17 01:32:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-07-17 01:18:19 ----D---- C:\Program Files\Microsoft Games
2010-07-16 19:10:30 ----D---- C:\sourcesdk_content
2010-07-15 15:04:56 ----D---- C:\PacSteamT-nonsteam
2010-07-15 14:10:12 ----D---- C:\Zuben mod
2010-07-15 13:36:03 ----D---- C:\HammerAutosave
2010-07-15 13:22:46 ----D---- C:\Program Files\BSPViewer
2010-07-15 13:20:06 ----D---- C:\MyMod
2010-07-15 13:07:19 ----A---- C:\WINDOWS\system32\vtfthumbext.dll
2010-07-15 13:07:19 ----A---- C:\WINDOWS\system32\VTFLib.dll
2010-07-15 13:07:19 ----A---- C:\WINDOWS\system32\vtfcolumnext.dll
2010-07-15 13:06:47 ----D---- C:\SourceSDK
2010-07-15 12:58:26 ----D---- C:\Program Files\Valve Hammer Editor
2010-07-15 12:54:32 ----D---- C:\Program Files\Nem's Tools
2010-07-15 12:42:07 ----D---- C:\CZ
2010-07-14 23:15:50 ----D---- C:\Documents and Settings\Zuben\Data aplikací\GullySoft
2010-07-14 23:15:44 ----D---- C:\Program Files\Poznáváme C-Sharp a Microsoft.NET
2010-07-13 20:20:29 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-07-13 20:20:29 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-07-13 20:19:46 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-13 20:10:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Raxco
2010-07-13 20:10:32 ----D---- C:\Program Files\Raxco

======List of files/folders modified in the last 1 months======

2010-08-12 19:30:19 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Hamachi
2010-08-12 19:30:09 ----RD---- C:\Program Files
2010-08-12 19:29:57 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Skype
2010-08-12 19:26:43 ----D---- C:\Program Files\Common Files\Akamai
2010-08-12 19:15:02 ----A---- C:\git_shell_ext_debug.txt
2010-08-12 17:51:47 ----D---- C:\WINDOWS\Temp
2010-08-12 17:32:18 ----D---- C:\Documents and Settings\Zuben\Data aplikací\uTorrent
2010-08-12 16:02:37 ----D---- C:\Documents and Settings\Zuben\Data aplikací\skypePM
2010-08-12 02:51:06 ----D---- C:\downloads
2010-08-12 02:38:08 ----SHD---- C:\WINDOWS\Installer
2010-08-12 02:36:16 ----D---- C:\WINDOWS
2010-08-12 02:36:13 ----RSD---- C:\WINDOWS\assembly
2010-08-12 02:35:26 ----D---- C:\WINDOWS\system32\DirectX
2010-08-12 02:35:26 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-12 02:31:01 ----D---- C:\WINDOWS\system32
2010-08-11 23:57:21 ----HD---- C:\WINDOWS\inf
2010-08-11 23:57:21 ----D---- C:\WINDOWS\system32\drivers
2010-08-11 23:54:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-11 23:54:26 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-11 21:39:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-11 18:40:59 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-08-11 17:28:21 ----D---- C:\PacSteamT
2010-08-10 14:56:44 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-10 14:47:00 ----D---- C:\WINDOWS\WinSxS
2010-08-10 00:39:43 ----D---- C:\Documents and Settings\Zuben\Data aplikací\FileZilla
2010-08-09 20:26:46 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Macromedia
2010-08-09 20:19:13 ----D---- C:\Program Files\Common Files
2010-08-09 17:50:13 ----D---- C:\Program Files\AviSynth 2.5
2010-08-09 17:39:01 ----D---- C:\Documents and Settings\Zuben\Data aplikací\Sony
2010-08-09 17:27:45 ----D---- C:\programs
2010-08-09 13:12:42 ----D---- C:\Program Files\Sony
2010-08-09 04:48:58 ----D---- C:\WINDOWS\system32\Restore
2010-08-09 04:46:19 ----D---- C:\Program Files\Windows Media Player
2010-08-09 04:45:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-09 04:44:17 ----A---- C:\WINDOWS\imsins.BAK
2010-08-09 04:43:44 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-09 04:08:25 ----A---- C:\WINDOWS\AviSplitter.INI
2010-08-09 03:36:14 ----SD---- C:\Documents and Settings\Zuben\Data aplikací\Microsoft
2010-08-09 03:29:25 ----D---- C:\Program Files\ATI
2010-08-09 03:28:38 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-09 03:28:36 ----D---- C:\Program Files\ATI Technologies
2010-08-08 19:10:31 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-08-06 14:26:36 ----D---- C:\Program Files\EA GAMES
2010-08-04 04:40:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-08-03 09:40:39 ----D---- C:\Program Files\Mozilla Firefox
2010-08-03 09:37:20 ----D---- C:\Program Files\Java
2010-08-03 09:28:54 ----D---- C:\SERVER
2010-08-02 17:03:42 ----D---- C:\obrazky
2010-08-02 02:12:17 ----D---- C:\WINDOWS\Registration
2010-08-02 02:12:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-02 00:18:59 ----RSD---- C:\WINDOWS\Fonts
2010-07-30 17:54:52 ----D---- C:\Documents and Settings\Zuben\Data aplikací\GHISLER
2010-07-28 16:03:33 ----D---- C:\Program Files\Boris FX, Inc
2010-07-28 15:59:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\NCH Software
2010-07-28 15:55:20 ----D---- C:\Program Files\PFConfig
2010-07-27 00:46:28 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-07-27 00:42:00 ----A---- C:\WINDOWS\system32\pbsvc.exe
2010-07-25 23:29:01 ----D---- C:\Program Files\Autodesk
2010-07-25 23:27:06 ----D---- C:\Dev-Cpp
2010-07-24 23:12:46 ----D---- C:\Program Files\World of Warcraft 2.4.3
2010-07-24 22:41:59 ----A---- C:\WINDOWS\WORDPAD.INI
2010-07-23 01:48:58 ----D---- C:\WINDOWS\system32\C2MP
2010-07-18 17:39:32 ----D---- C:\Documents and Settings\Zuben\Data aplikací\TeamViewer
2010-07-17 21:09:02 ----D---- C:\Documents and Settings\Zuben\Data aplikací\DivX
2010-07-17 05:00:12 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-17 05:00:12 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-17 05:00:10 ----A---- C:\WINDOWS\system32\java.exe
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-17 03:45:33 ----D---- C:\WINDOWS\RegisteredPackages
2010-07-17 01:46:55 ----A---- C:\WINDOWS\OEWABLog.txt
2010-07-17 01:45:04 ----A---- C:\WINDOWS\setuplog.txt
2010-07-17 01:44:06 ----D---- C:\WINDOWS\system32\wbem
2010-07-17 01:44:06 ----D---- C:\WINDOWS\system32\Setup
2010-07-17 01:44:06 ----D---- C:\WINDOWS\AppPatch
2010-07-17 01:44:06 ----D---- C:\Program Files\Common Files\System
2010-07-17 01:43:01 ----D---- C:\WINDOWS\security
2010-07-17 01:42:18 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-17 01:39:59 ----D---- C:\Program Files\Messenger
2010-07-17 01:39:55 ----D---- C:\WINDOWS\Help
2010-07-17 01:39:50 ----D---- C:\WINDOWS\ehome
2010-07-17 01:39:48 ----D---- C:\WINDOWS\system32\inetsrv
2010-07-17 01:39:48 ----D---- C:\WINDOWS\ime
2010-07-17 01:39:35 ----D---- C:\WINDOWS\system32\usmt
2010-07-17 01:39:35 ----D---- C:\WINDOWS\system32\cs-CZ
2010-07-17 01:39:34 ----D---- C:\WINDOWS\PeerNet
2010-07-17 01:39:34 ----D---- C:\Program Files\Movie Maker
2010-07-17 01:37:39 ----D---- C:\WINDOWS\system32\npp
2010-07-17 01:37:38 ----D---- C:\WINDOWS\msagent
2010-07-17 01:37:37 ----D---- C:\WINDOWS\srchasst
2010-07-17 01:37:37 ----D---- C:\Program Files\NetMeeting
2010-07-17 01:37:36 ----D---- C:\WINDOWS\system32\Com
2010-07-17 01:37:34 ----D---- C:\Program Files\Windows NT
2010-07-17 01:37:34 ----D---- C:\Program Files\Outlook Express
2010-07-17 01:37:20 ----D---- C:\WINDOWS\system32\oobe
2010-07-17 01:37:19 ----D---- C:\WINDOWS\system
2010-07-17 01:31:04 ----D---- C:\WINDOWS\Debug
2010-07-17 01:19:13 ----D---- C:\Program Files\DAEMON Tools Pro
2010-07-16 23:36:33 ----D---- C:\Documents and Settings\Zuben\Data aplikací\IMVU
2010-07-16 23:29:32 ----D---- C:\Documents and Settings\Zuben\Data aplikací\IMVUClient
2010-07-13 20:21:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-07-13 20:21:45 ----D---- C:\Program Files\DivX
2010-07-13 20:06:53 ----D---- C:\Program Files\Frag Games

Zuben45 · #2 Příspěvek od **Zuben45** » 12 srp 2010 18:37

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-14 685816]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-05-11 82380]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2010-05-18 3026]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-21 73728]
R2 X4HSEx_Pr298;X4HSEx_Pr298; \??\C:\Program Files\Frag Games\X4HSEx.Sys []
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-02-11 13824]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-07-07 5069312]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-14 4429312]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-05-04 46720]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-05-04 19968]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
S2 DS1410D;DS1410D; \??\C:\WINDOWS\system32\drivers\ds1410d.sys []
S3 ac6nac84;ac6nac84; C:\WINDOWS\system32\drivers\ac6nac84.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Zuben\LOCALS~1\Temp\HGJBF.tmp []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-11 17480]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-11-08 12160]
S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2001-06-21 20032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2009-12-20 29416]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-07-07 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CrossLoopService;CrossLoop Service; C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe [2010-03-15 560792]
R2 FileZilla Server;FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [2009-12-20 1029776]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 Mercury;Mercury; C:\xampp\xampp_service_mercury.exe [2009-12-20 78480]
R2 MySQL;MySQL; C:\xampp\mysql\bin\mysqld.exe [2009-12-20 6095504]
R2 MySQL501;MySQL501; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL501 []
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-27 75064]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-29 520192]
S2 hpdj;hpdj; C:\DOCUME~1\Zuben\LOCALS~1\Temp\hpdj.exe [2003-03-11 266240]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-17 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-06-15 3583592]
S3 uvnc_service;uvnc_service; C:\Documents and Settings\Zuben\Local Settings\Data aplikací\CrossLoop\winvnc.exe [2009-12-06 1590216]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

#3 Příspěvek od **motji** » 13 srp 2010 12:44

Hezké odpoledne

spusťte přejmenované HJT C:\Program Files\trend micro\Zuben.exe
, má tuto ikonku

- Klikněte na "Do a system scan only"
- U řádku
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garena.com/downloads.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User
- Dejte fajfku do čtverečku a zmáčkněte Fix checked

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

Zuben45 · #4 Příspěvek od **Zuben45** » 13 srp 2010 14:13

ComboFix 10-08-12.03 - Zuben 13.08.2010 14:42:55.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.2833 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zuben\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\windows\system32\_000115_.tmp.dll
c:\windows\system32\_000116_.tmp.dll
c:\windows\system32\_000117_.tmp.dll
E:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-13 do 2010-08-13 )))))))))))))))))))))))))))))))
.

2010-08-13 09:35 . 2010-08-13 09:35 -------- d-----w- C:\tmp
2010-08-13 09:34 . 2010-08-13 09:34 -------- d-----w- c:\program files\Remobo
2010-08-12 19:40 . 2010-08-12 19:40 -------- d-----w- c:\program files\ScreenVCR
2010-08-12 17:30 . 2010-08-13 12:15 -------- d-----w- c:\program files\trend micro
2010-08-12 17:30 . 2010-08-12 17:33 -------- d-----w- C:\rsit
2010-08-11 21:54 . 2010-08-13 00:49 -------- d-----w- c:\program files\Hamachi
2010-08-09 18:49 . 2010-08-09 18:49 -------- d-----w- c:\program files\FLVPlayer
2010-08-09 18:19 . 2010-08-09 18:20 -------- d-----w- c:\program files\Common Files\Macromedia
2010-08-09 18:19 . 2010-08-09 18:19 -------- d-----w- c:\program files\Macromedia
2010-08-09 18:18 . 2010-08-09 18:18 -------- d-----w- c:\windows\Downloaded Installations
2010-08-09 02:43 . 2010-08-09 02:46 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-08-09 01:28 . 2010-07-07 01:58 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-09 01:28 . 2010-07-07 01:58 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-09 01:28 . 2010-07-07 01:57 4337664 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-09 01:28 . 2010-07-07 01:53 15499264 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-09 01:28 . 2010-07-07 01:29 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-09 01:28 . 2010-07-07 01:24 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-09 01:28 . 2010-07-07 01:15 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-09 01:28 . 2010-07-07 01:15 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-09 01:28 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-08-09 01:16 . 2007-04-17 23:13 494557 ----a-w- c:\windows\system32\dxgi.dll
2010-08-09 01:16 . 2007-04-17 23:13 25037 ----a-w- c:\windows\system32\Nucleus.dll
2010-08-09 01:16 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10d_33.dll
2010-08-09 01:16 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10d.dll
2010-08-09 01:16 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10.dll
2010-08-09 01:16 . 2007-04-17 23:20 566624 ----a-w- c:\windows\system32\d3d10.dll
2010-08-08 17:40 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-08-08 17:40 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-08-08 17:40 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-08-08 17:40 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-08-08 17:10 . 2010-08-08 17:10 -------- d-----w- c:\windows\system32\xlive
2010-08-08 17:10 . 2010-08-08 17:10 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-08-07 14:00 . 2010-08-07 14:05 1404940306 ----a-w- C:\w3ft.zip
2010-08-05 21:18 . 2010-08-05 21:20 -------- d-----w- c:\program files\iWisoft Free Video Converter
2010-08-05 20:14 . 2010-08-05 20:15 -------- d-----w- c:\program files\XP Codec Pack
2010-08-05 20:13 . 2009-10-01 05:41 7855400 ----a-w- C:\XP-Codec-Pack-2.5.0.exe
2010-08-05 20:13 . 2009-10-01 05:43 21305259 ----a-w- C:\Vista-Codec-Package_5.4.3.exe
2010-08-05 20:04 . 2010-08-05 20:04 81005 ----a-w- c:\windows\Uninstall Jade Empire.exe
2010-08-05 13:44 . 2010-08-05 13:44 -------- d-----w- c:\program files\directx
2010-08-05 11:58 . 2010-08-05 11:58 16531 ----a-w- c:\windows\War3Unin.dat
2010-08-05 11:58 . 2010-08-05 11:58 2829 ----a-w- c:\windows\War3Unin.pif
2010-08-05 11:58 . 2010-08-05 11:58 126976 ----a-w- c:\windows\War3Unin.exe
2010-08-05 11:21 . 2010-08-05 11:22 -------- d-----w- C:\w3ft
2010-08-04 18:02 . 2005-01-02 03:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2010-08-04 18:01 . 2010-08-04 18:01 -------- d-----w- c:\program files\Common Files\INCA Shared
2010-08-04 14:53 . 2010-08-04 14:53 -------- d-----w- c:\program files\A4Tech
2010-08-04 09:37 . 2010-08-04 14:50 -------- d-----w- c:\program files\Xfire
2010-08-04 02:40 . 2010-03-16 09:59 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll
2010-08-04 02:40 . 2010-03-16 09:59 427008 ----a-w- c:\windows\system32\uc_wepic_launching.dll
2010-08-03 07:37 . 2010-08-03 07:37 -------- d-----w- c:\program files\Common Files\Java
2010-08-02 00:10 . 2010-08-02 00:10 -------- d-----w- c:\windows\system32\URTTEMP
2010-08-01 02:25 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-01 00:47 . 2010-08-01 00:47 -------- d-----w- c:\program files\Common Files\EasyInfo
2010-07-31 20:02 . 2010-07-31 20:02 -------- d-----w- c:\program files\Pando Networks
2010-07-27 13:56 . 2010-07-27 13:56 -------- d-----w- c:\program files\Software Informer
2010-07-27 13:49 . 2010-07-27 13:50 -------- d-----w- c:\program files\Witeye
2010-07-27 13:27 . 2010-07-28 13:53 -------- d-----w- c:\program files\DVRSoft
2010-07-26 22:09 . 2010-08-09 02:30 -------- d-----w- c:\program files\Garena
2010-07-24 15:56 . 2010-07-24 15:56 -------- d-----w- c:\program files\URUSoft
2010-07-23 18:53 . 2010-07-23 18:53 -------- d-----w- c:\program files\AMX Mod X
2010-07-22 23:48 . 2010-07-22 23:48 -------- d-----w- c:\windows\system32\QuickTime
2010-07-20 21:35 . 2010-07-20 21:35 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2010-07-20 21:35 . 2010-07-20 21:35 17212 ----a-w- c:\windows\system32\SIntf32.dll
2010-07-20 21:35 . 2010-07-20 21:35 12067 ----a-w- c:\windows\system32\SIntf16.dll
2010-07-20 21:30 . 2010-07-20 21:30 -------- d-----w- C:\Sierra
2010-07-20 21:00 . 2010-08-09 16:08 -------- d-----w- C:\music
2010-07-20 19:51 . 2010-07-20 19:59 -------- d-----w- c:\program files\GameSpy Arcade
2010-07-19 21:28 . 2010-07-19 21:28 -------- d-----w- c:\program files\Firefly Studios
2010-07-16 23:37 . 2008-04-14 06:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-07-16 23:18 . 2010-07-17 01:40 -------- d-----w- c:\program files\Microsoft Games
2010-07-16 17:10 . 2010-07-16 17:10 -------- d-----w- C:\sourcesdk_content
2010-07-15 12:10 . 2010-07-15 12:36 -------- d-----w- C:\Zuben mod
2010-07-15 11:36 . 2010-07-15 12:37 -------- d-----w- C:\HammerAutosave
2010-07-15 11:22 . 2010-07-15 11:23 -------- d-----w- c:\program files\BSPViewer
2010-07-15 11:20 . 2010-07-15 11:59 -------- d-----w- C:\MyMod
2010-07-15 11:07 . 2007-07-20 16:30 94208 ----a-w- c:\windows\system32\vtfthumbext.dll
2010-07-15 11:07 . 2007-07-20 16:30 41984 ----a-w- c:\windows\system32\vtfcolumnext.dll
2010-07-15 11:07 . 2007-03-10 07:36 516096 ----a-w- c:\windows\system32\VTFLib.dll
2010-07-15 11:06 . 2010-07-16 17:11 -------- d-----w- C:\SourceSDK
2010-07-15 10:58 . 2010-07-15 10:58 -------- d-----w- c:\program files\Valve Hammer Editor
2010-07-15 10:54 . 2010-07-15 10:54 -------- d-----w- c:\program files\Nem's Tools
2010-07-15 10:42 . 2010-07-15 10:42 -------- d-----w- C:\CZ
2010-07-14 21:15 . 2010-07-14 21:15 -------- d-----w- c:\program files\Poznáváme C-Sharp a Microsoft.NET

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-13 13:01 . 2010-05-16 23:15 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-13 09:24 . 2010-06-25 11:02 -------- d-----w- c:\program files\VALVe
2010-08-12 00:35 . 2010-06-01 02:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-11 21:57 . 2010-05-17 13:26 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-08-11 16:41 . 2010-05-11 20:16 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-11 16:40 . 2010-05-11 20:15 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-10 12:56 . 2010-05-09 09:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-09 15:50 . 2010-05-30 10:51 -------- d-----w- c:\program files\AviSynth 2.5
2010-08-09 11:12 . 2010-05-30 10:21 -------- d-----w- c:\program files\Sony
2010-08-09 01:29 . 2010-05-09 14:19 -------- d-----w- c:\program files\ATI
2010-08-09 01:28 . 2010-05-09 14:19 -------- d-----w- c:\program files\ATI Technologies
2010-08-09 00:41 . 2010-08-08 17:11 -------- d-----w- c:\program files\BRS
2010-08-09 00:38 . 2010-08-08 17:11 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-09 00:38 . 2010-08-08 17:11 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-08 17:11 . 2010-08-08 17:11 -------- d-----w- c:\program files\OpenAL
2010-08-06 12:26 . 2010-05-17 13:21 -------- d-----w- c:\program files\EA GAMES
2010-08-04 02:40 . 2010-08-03 17:17 -------- d-----w- c:\program files\Flash Saver
2010-08-03 07:37 . 2010-05-09 16:33 -------- d-----w- c:\program files\Java
2010-08-02 00:12 . 2001-10-25 13:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 00:12 . 2001-10-25 13:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-07-28 14:03 . 2010-05-30 00:43 -------- d-----w- c:\program files\Boris FX, Inc
2010-07-28 13:55 . 2010-07-13 18:10 -------- d-----w- c:\program files\Raxco
2010-07-28 13:55 . 2010-06-03 15:55 -------- d-----w- c:\program files\PFConfig
2010-07-26 22:46 . 2010-05-11 20:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-07-26 22:42 . 2010-07-06 22:15 674600 ----a-w- c:\windows\system32\pbsvc.exe
2010-07-25 21:29 . 2010-05-16 22:04 -------- d-----w- c:\program files\Autodesk
2010-07-24 21:12 . 2010-06-08 16:42 -------- d-----w- c:\program files\World of Warcraft 2.4.3
2010-07-17 03:00 . 2010-05-09 16:33 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-16 23:41 . 2010-05-09 09:36 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-16 23:41 . 2010-05-09 09:36 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-07-16 23:19 . 2010-05-14 16:30 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-07-13 18:21 . 2010-06-12 08:30 -------- d-----w- c:\program files\DivX
2010-07-13 18:19 . 2010-07-13 18:19 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-13 18:06 . 2010-07-10 21:53 -------- d-----w- c:\program files\Frag Games
2010-07-12 21:24 . 2010-06-26 17:16 -------- d-----w- c:\program files\TeamViewer
2010-07-11 23:49 . 2010-07-11 23:49 -------- d-----w- c:\program files\Miranda IM
2010-07-11 22:28 . 2010-07-11 22:28 -------- d-----w- c:\program files\Common Files\Thraex Software
2010-07-10 21:53 . 2010-07-10 21:53 64 ----a-w- c:\windows\GPlrLanc.dat
2010-07-07 20:22 . 2010-07-07 20:22 -------- d-----w- c:\program files\Zaparit
2010-07-07 17:00 . 2010-07-07 17:00 -------- d-----w- c:\program files\ModernRcon
2010-07-07 16:02 . 2010-07-06 21:22 -------- d-----w- c:\program files\Counter-Strike Source
2010-07-07 02:27 . 2010-05-10 13:57 5069312 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-07-07 01:50 . 2010-05-17 17:34 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-07-07 01:48 . 2010-05-17 17:34 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-07-07 01:47 . 2010-05-10 13:57 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-07-07 01:41 . 2010-05-10 13:57 3869952 ----a-w- c:\windows\system32\ati3duag.dll
2010-07-07 01:33 . 2007-06-27 01:51 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-07-07 01:32 . 2007-06-27 01:51 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-07-07 01:32 . 2007-06-27 01:51 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-07-07 01:32 . 2007-06-27 01:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-07-07 01:32 . 2007-06-27 01:50 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-07-07 01:31 . 2007-06-27 01:49 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-07-07 01:29 . 2007-06-27 01:48 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-07-07 01:28 . 2010-05-10 13:57 2273920 ----a-w- c:\windows\system32\ativvaxx.dll
2010-07-07 01:27 . 2010-05-17 17:34 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-07-07 01:27 . 2010-05-17 17:34 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-07-07 01:25 . 2007-06-27 01:17 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-07-07 01:24 . 2007-06-27 01:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-07-07 01:23 . 2007-06-27 01:16 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-07-07 01:19 . 2010-05-10 13:57 704512 ----a-w- c:\windows\system32\ati2cqag.dll
2010-07-07 01:15 . 2007-06-27 01:15 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-07-06 16:11 . 2010-07-04 21:14 -------- d-----w- c:\program files\xStarter
2010-06-29 20:51 . 2010-05-17 20:14 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-06-29 13:08 . 2010-06-29 11:22 -------- d-----w- c:\program files\MAXON
2010-06-29 12:15 . 2010-06-29 12:15 -------- d-----w- c:\program files\FileZilla FTP Client
2010-06-28 20:57 . 2010-05-09 14:31 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-05-09 14:32 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-05-09 14:32 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-05-09 14:32 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-05-09 14:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-05-09 14:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-05-09 14:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-05-09 14:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-27 22:47 . 2010-05-14 09:12 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-27 15:47 . 2010-06-27 15:47 -------- d-----w- c:\program files\WinHTTrack
2010-06-26 10:51 . 2010-06-26 10:51 160090 ----a-w- c:\windows\Imperium Romanum Uninstaller.exe
2010-06-26 10:51 . 2010-06-26 10:51 -------- d-----w- c:\program files\SouthPeak
2010-06-26 10:43 . 2010-06-26 10:43 -------- d-----w- c:\program files\Kalypso
2010-06-22 20:25 . 2010-06-22 20:25 -------- d-----w- c:\program files\Axxa's World of Warcraft Logo Creator v1.2
2010-06-22 19:24 . 2010-06-22 19:24 -------- d-----w- c:\program files\WinSCP
2010-06-21 04:11 . 2010-06-21 04:11 20688898 ----a-w- C:\Dev-Cpp.zip
2010-06-17 18:19 . 2010-06-17 18:19 494518 ----a-w- C:\MangAdmin_addon.zip
2010-06-09 23:01 . 2010-07-13 18:20 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-06-09 23:01 . 2010-07-13 18:20 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-06-09 23:01 . 2010-05-27 16:05 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-06-09 23:01 . 2010-05-27 16:05 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-06-09 23:01 . 2010-05-27 16:05 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-06-09 23:01 . 2010-05-27 16:05 133616 ------w- c:\windows\system32\pxafs.dll
2010-06-08 16:38 . 2010-05-30 00:59 5 ----a-w- c:\windows\treeskp.sys
2010-06-08 16:38 . 2010-05-30 00:59 5 ----a-w- c:\windows\sbacknt.bin
2010-06-03 18:52 . 2010-06-03 18:51 9666221 ----a-w- c:\program files\Mozilla Firefox.rar
2010-06-01 02:57 . 2010-06-01 02:57 2359592 ----a-w- c:\windows\system32\pbsvc_apb.exe
2010-05-30 14:45 . 2010-05-30 14:45 1790 ----a-w- c:\windows\unins000.dat
2010-05-30 14:45 . 2010-05-30 14:45 695642 ----a-w- c:\windows\unins000.exe
2010-05-30 01:27 . 2010-05-30 00:59 152904 ----a-w- c:\windows\system32\vghd.scr
2010-05-25 18:59 . 2010-05-25 18:59 4096 ----a-w- c:\windows\d3dx.dat
2010-05-21 04:16 . 2010-05-21 04:16 4305834 ----a-w- c:\program files\PSPad editor.rar
2010-05-18 19:53 . 2010-05-18 19:53 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2010-05-18 19:50 . 2010-05-18 19:50 17408 ----a-w- C:\psapi.dll
2010-05-17 21:26 . 2010-05-17 21:26 0 ----a-r- C:\logwmemory.bin
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Steam"="e:\program files\Steam\Steam.exe" [2010-08-12 1238352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 172032]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 40960]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 241664]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Remobo"="c:\program files\Remobo\Remobo.exe" [2010-01-21 10758656]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files\Frag Games\GPlayer.exe" [2010-05-17 2113536]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\FarmHelper\\FVBot.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Documents and Settings\\Zuben\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Program Files\\VALVe\\Garry's Mod\\hl2.exe"=
"c:\\Program Files\\VALVe\\Garry's Mod\\srcds.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)_1-02\\game.dat"=
"c:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"e:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3308:TCP"= 3308:TCP:MySQL Server
"5910:TCP"= 5910:TCP:vnc5910
"58836:TCP"= 58836:TCP:Pando Media Booster
"58836:UDP"= 58836:UDP:Pando Media Booster
"1078:TCP"= 1078:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.5.2010 16:32 165456]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [18.5.2010 21:53 3026]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 14:49 14336]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [9.5.2010 18:06 29416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.5.2010 16:32 17744]
R2 CrossLoopService;CrossLoop Service;c:\documents and settings\Zuben\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe [18.6.2010 21:41 560792]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
R2 X4HSEx_Pr298;X4HSEx_Pr298;c:\program files\Frag Games\X4HSEx.sys [10.7.2010 23:53 56352]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\drivers\remobo32.sys [22.4.2009 17:21 26112]
S2 Mercury;Mercury;c:\xampp\xampp_service_mercury.exe [9.5.2010 18:06 78480]
S2 MySQL501;MySQL501;"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt" --defaults-file="c:\program files\MySQL\MySQL Server 5.0\my.ini" MySQL501 --> c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Zuben\LOCALS~1\Temp\HGJBF.tmp --> c:\docume~1\Zuben\LOCALS~1\Temp\HGJBF.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 uvnc_service;uvnc_service;c:\documents and settings\Zuben\Local Settings\Data aplikací\CrossLoop\winvnc.exe [18.6.2010 21:41 1590216]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.5.2010 16:49 685816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-07-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-05-24 c:\windows\Tasks\photostageShakeIcon.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-05-14 18:18]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Save Flash In This Page by Flash Saver - c:\progra~1\FLASHS~1\save.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Zuben\Nabídka Start\Programy\IMVU\Run IMVU.lnk
TCP: {39779B8E-094A-45EE-920C-26EA8BEEBA63} = 89.235.9.9,82.100.0.6
FF - ProfilePath - c:\documents and settings\Zuben\Data aplikací\Mozilla\Firefox\Profiles\h8vilp17.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.myyearbook.com
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59563&p=
FF - component: c:\documents and settings\Zuben\Data aplikací\Mozilla\Firefox\Profiles\h8vilp17.default\extensions\{32bcc991-3e17-48ce-9311-3092165fd092}\components\Engine.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\C2MP\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: capability.policy.policynames - localfilelinks
FF - user.js: capability.policy.localfilelinks.sites - hxxp://speed.travian.ae http://speed2.travian.ae http://s1.travian.ae http://s2.travian.ae http://s3.travian.ae http://s4.travian.ae http://s5.travian.ae http://s6.travian.ae http://s7.travian.ae http://s8.travian.ae http://s9.travian.ae http://s10.travian.ae http://s11.travian.ae http://s12.travian.ae http://s13.travian.ae http://s14.travian.ae http://s15.travian.ae http://s16.travian.ae http://s17.travian.ae http://s18.travian.ae http://s19.travian.ae http://s20.travian.ae http://s21.travian.ae http://s22.travian.ae http://s23.travian.ae http://s24.travian.ae http://s25.travian.ae http://s26.travian.ae http://s27.travian.ae http://s28.travian.ae http://s29.travian.ae http://s30.travian.ae http://s31.travian.ae http://s32.travian.ae http://s33.travian.ae http://s34.travian.ae http://s35.travian.ae http://speed.travian.asia http://speed2.travian.asia http://s1.travian.asia http://s2.travian.asia http://s3.travian.asia http://s4.travian.asia http://s5.travian.asia http://s6.travian.asia http://s7.travian.asia http://s8.travian.asia http://s9.travian.asia http://s10.travian.asia http://speed.travian.ba http://speed2.travian.ba http://s1.travian.ba http://s2.travian.ba http://s3.travian.ba http://s4.travian.ba http://s5.travian.ba http://s6.travian.ba http://s7.travian.ba http://s8.travian.ba http://s9.travian.ba http://s10.travian.ba http://speed.travian.bg http://speed2.travian.bg http://s1.travian.bg http://s2.travian.bg http://s3.travian.bg http://s4.travian.bg http://s5.travian.bg http://s6.travian.bg http://s7.travian.bg http://s8.travian.bg http://s9.travian.bg http://s10.travian.bg http://speed.travian.cl http://speed2.travian.cl http://s1.travian.cl http://s2.travian.cl http://s3.travian.cl http://s4.travian.cl http://s5.travian.cl http://s6.travian.cl http://s7.travian.cl http://s8.travian.cl http://s9.travian.cl http://s10.travian.cl http://speed.travian.cn http://speed2.travian.cn http://s1.travian.cn http://s2.travian.cn http://s3.travian.cn http://s4.travian.cn http://s5.travian.cn http://s6.travian.cn http://s7.travian.cn http://s8.travian.cn http://s9.travian.cn http://s10.travian.cn http://s11.travian.cn http://s12.travian.cn http://s13.travian.cn http://s14.travian.cn http://s15.travian.cn http://s16.travian.cn http://s17.travian.cn http://s18.travian.cn http://s19.travian.cn http://s20.travian.cn http://speed.travian.co.ee http://speed2.travian.co.ee http://s1.travian.co.ee http://s2.travian.co.ee http://s3.travian.co.ee http://s4.travian.co.ee http://s5.travian.co.ee http://s6.travian.co.ee http://s7.travian.co.ee http://s8.travian.co.ee http://s9.travian.co.ee http://s10.travian.co.ee http://s11.travian.co.ee http://s12.travian.co.ee http://s13.travian.co.ee http://s14.travian.co.ee http://s15.travian.co.ee http://s16.travian.co.ee http://s17.travian.co.ee http://s18.travian.co.ee http://s19.travian.co.ee http://s20.travian.co.ee http://speed.travian.co.id http://speed2.travian.co.id http://s1.travian.co.id http://s2.travian.co.id http://s3.travian.co.id http://s4.travian.co.id http://s5.travian.co.id http://s6.travian.co.id http://s7.travian.co.id http://s8.travian.co.id http://s9.travian.co.id http://s10.travian.co.id http://speed.travian.co.il http://speed2.travian.co.il http://s1.travian.co.il http://s2.travian.co.il http://s3.travian.co.il http://s4.travian.co.il http://s5.travian.co.il http://s6.travian.co.il http://s7.travian.co.il http://s8.travian.co.il http://s9.travian.co.il http://s10.travian.co.il http://speed.travian.co.kr http://speed2.travian.co.kr http://s1.travian.co.kr http://s2.travian.co.kr http://s3.travian.co.kr http://s4.travian.co.kr http://s5.travian.co.kr http://s6.travian.co.kr http://s7.travian.co.kr http://s8.travian.co.kr http://s9.travian.co.kr http://s10.travian.co.kr http://speed.travian.co.nz http://speed2.travian.co.nz http://s1.travian.co.nz http://s2.travian.co.nz http://s3.travian.co.nz http://s4.travian.co.nz http://s5.travian.co.nz http://s6.travian.co.nz http://s7.travian.co.nz http://s8.travian.co.nz http://s9.travian.co.nz http://s10.travian.co.nz http://speed.travian.co.uk http://speed2.travian.co.uk http://s1.travian.co.uk http://s2.travian.co.uk http://s3.travian.co.uk http://s4.travian.co.uk http://s5.travian.co.uk http://s6.travian.co.uk http://s7.travian.co.uk http://s8.travian.co.uk http://s9.travian.co.uk http://s10.travian.co.uk http://speed.travian.co.za http://speed2.travian.co.za http://s1.travian.co.za http://s2.travian.co.za http://s3.travian.co.za http://s4.travian.co.za http://s5.travian.co.za http://s6.travian.co.za http://s7.travian.co.za http://s8.travian.co.za http://s9.travian.co.za http://s10.travian.co.za http://speed.travian.com http://speed2.travian.com http://s1.travian.com http://s2.travian.com http://s3.travian.com http://s4.travian.com http://s5.travian.com http://s6.travian.com http://s7.travian.com http://s8.travian.com http://s9.travian.com http://s10.travian.com http://s11.travian.com http://s12.travian.com http://s13.travian.com http://s14.travian.com http://s15.travian.com http://s16.travian.com http://s17.travian.com http://s18.travian.com http://s19.travian.com http://s20.travian.com http://speed.travian.com.ar http://speed2.travian.com.ar http://s1.travian.com.ar http://s2.travian.com.ar http://s3.travian.com.ar http://s4.travian.com.ar http://s5.travian.com.ar http://s6.travian.com.ar http://s7.travian.com.ar http://s8.travian.com.ar http://s9.travian.com.ar http://s10.travian.com.ar http://speed.travian.com.au http://speed2.travian.com.au http://s1.travian.com.au http://s2.travian.com.au http://s3.travian.com.au http://s4.travian.com.au http://s5.travian.com.au http://s6.travian.com.au http://s7.travian.com.au http://s8.travian.com.au http://s9.travian.com.au http://s10.travian.com.au http://speed.travian.com.br http://speed2.travian.com.br http://s1.travian.com.br http://s2.travian.com.br http://s3.travian.com.br http://s4.travian.com.br http://s5.travian.com.br http://s6.travian.com.br http://s7.travian.com.br http://s8.travian.com.br http://s9.travian.com.br http://s10.travian.com.br http://s11.travian.com.br http://s12.travian.com.br http://s13.travian.com.br http://s14.travian.com.br http://s15.travian.com.br http://s16.travian.com.br http://s17.travian.com.br http://s18.travian.com.br http://s19.travian.com.br http://s20.travian.com.br http://speed.travian.com.hr http://speed2.travian.com.hr http://s1.travian.com.hr http://s2.travian.com.hr http://s3.travian.com.hr http://s4.travian.com.hr http://s5.travian.com.hr http://s6.travian.com.hr http://s7.travian.com.hr http://s8.travian.com.hr http://s9.travian.com.hr http://s10.travian.com.hr http://speed.travian.com.mx http://speed2.travian.com.mx http://s1.travian.com.mx http://s2.travian.com.mx http://s3.travian.com.mx http://s4.travian.com.mx http://s5.travian.com.mx http://s6.travian.com.mx http://s7.travian.com.mx http://s8.travian.com.mx http://s9.travian.com.mx http://s10.travian.com.mx http://speed.travian.com.my http://speed2.travian.com.my http://s1.travian.com.my http://s2.travian.com.my http://s3.travian.com.my http://s4.travian.com.my http://s5.travian.com.my http://s6.travian.com.my http://s7.travian.com.my http://s8.travian.com.my http://s9.travian.com.my http://s10.travian.com.my http://speed.travian.com.tr http://speed2.travian.com.tr http://s1.travian.com.tr http://s2.travian.com.tr http://s3.travian.com.tr http://s4.travian.com.tr http://s5.travian.com.tr http://s6.travian.com.tr http://s7.travian.com.tr http://s8.travian.com.tr http://s9.travian.com.tr http://s10.travian.com.tr http://s11.travian.com.tr http://s12.travian.com.tr http://s13.travian.com.tr http://s14.travian.com.tr http://s15.travian.com.tr http://s16.travian.com.tr http://s17.travian.com.tr http://s18.travian.com.tr http://s19.travian.com.tr http://s20.travian.com.tr http://s21.travian.com.tr http://s22.travian.com.tr http://s23.travian.com.tr http://s24.travian.com.tr http://s25.travian.com.tr http://s26.travian.com.tr http://s27.travian.com.tr http://s28.travian.com.tr http://s29.travian.com.tr http://s30.travian.com.tr http://speed.travian.com.ua http://speed2.travian.com.ua http://s1.travian.com.ua http://s2.travian.com.ua http://s3.travian.com.ua http://s4.travian.com.ua http://s5.travian.com.ua http://s6.travian.com.ua http://s7.travian.com.ua http://s8.travian.com.ua http://s9.travian.com.ua http://s10.travian.com.ua http://speed.travian.com.vn http://speed2.travian.com.vn http://s1.travian.com.vn http://s2.travian.com.vn http://s3.travian.com.vn http://s4.travian.com.vn http://s5.travian.com.vn http://s6.travian.com.vn http://s7.travian.com.vn http://s8.travian.com.vn http://s9.travian.com.vn http://s10.travian.com.vn http://speed.travian.cz http://speed2.travian.cz http://s1.travian.cz http://s2.travian.cz http://s3.travian.cz http://s4.travian.cz http://s5.travian.cz http://s6.travian.cz http://s7.travian.cz http://s8.travian.cz http://s9.travian.cz http://s10.travian.cz http://s11.travian.cz http://s12.travian.cz http://s13.travian.cz http://s14.travian.cz http://s15.travian.cz http://s16.travian.cz http://s17.travian.cz http://s18.travian.cz http://s19.travian.cz http://s20.travian.cz http://speed.travian.dk http://speed2.travian.dk http://s1.travian.dk http://s2.travian.dk http://s3.travian.dk http://s4.travian.dk http://s5.travian.dk http://s6.travian.dk http://s7.travian.dk http://s8.travian.dk http://s9.travian.dk http://s10.travian.dk http://speed.travian.fi http://speed2.travian.fi http://s1.travian.fi http://s2.travian.fi http://s3.travian.fi http://s4.travian.fi http://s5.travian.fi http://s6.travian.fi http://s7.travian.fi http://s8.travian.fi http://s9.travian.fi http://s10.travian.fi http://speed.travian.fr http://speed2.travian.fr http://s1.travian.fr http://s2.travian.fr http://s3.travian.fr http://s4.travian.fr http://s5.travian.fr http://s6.travian.fr http://s7.travian.fr http://s8.travian.fr http://s9.travian.fr http://s10.travian.fr http://s11.travian.fr http://s12.travian.fr http://s13.travian.fr http://s14.travian.fr http://s15.travian.fr http://s16.travian.fr http://s17.travian.fr http://s18.travian.fr http://s19.travian.fr http://s20.travian.fr http://speed.travian.gr http://speed2.travian.gr http://s1.travian.gr http://s2.travian.gr http://s3.travian.gr http://s4.travian.gr http://s5.travian.gr http://s6.travian.gr http://s7.travian.gr http://s8.travian.gr http://s9.travian.gr http://s10.travian.gr http://speed.travian.hk http://speed2.travian.hk http://s1.travian.hk http://s2.travian.hk http://s3.travian.hk http://s4.travian.hk http://s5.travian.hk http://s6.travian.hk http://s7.travian.hk http://s8.travian.hk http://s9.travian.hk http://s10.travian.hk http://speed.travian.hu http://speed2.travian.hu http://s1.travian.hu http://s2.travian.hu http://s3.travian.hu http://s4.travian.hu http://s5.travian.hu http://s6.travian.hu http://s7.travian.hu http://s8.travian.hu http://s9.travian.hu http://s10.travian.hu http://speed.travian.in http://speed2.travian.in http://s1.travian.in http://s2.travian.in http://s3.travian.in http://s4.travian.in http://s5.travian.in http://s6.travian.in http://s7.travian.in http://s8.travian.in http://s9.travian.in http://s10.travian.in http://speed.travian.ir http://speed2.travian.ir http://s1.travian.ir http://s2.travian.ir http://s3.travian.ir http://s4.travian.ir http://s5.travian.ir http://s6.travian.ir http://s7.travian.ir http://s8.travian.ir http://s9.travian.ir http://s10.travian.ir http://speed.travian.it http://speed2.travian.it http://s1.travian.it http://s2.travian.it http://s3.travian.it http://s4.travian.it http://s5.travian.it http://s6.travian.it http://s7.travian.it http://s8.travian.it http://s9.travian.it http://s10.travian.it http://s11.travian.it http://s12.travian.it http://s13.travian.it http://s14.travian.it http://s15.travian.it http://s16.travian.it http://s17.travian.it http://s18.travian.it http://s19.travian.it http://s20.travian.it http://speed.travian.jp http://speed2.travian.jp http://s1.travian.jp http://s2.travian.jp http://s3.travian.jp http://s4.travian.jp http://s5.travian.jp http://s6.travian.jp http://s7.travian.jp http://s8.travian.jp http://s9.travian.jp http://s10.travian.jp http://speed.travian.lt http://speed2.travian.lt http://s1.travian.lt http://s2.travian.lt http://s3.travian.lt http://s4.travian.lt http://s5.travian.lt http://s6.travian.lt http://s7.travian.lt http://s8.travian.lt http://s9.travian.lt http://s10.travian.lt http://speed.travian.lv http://speed2.travian.lv http://s1.travian.lv http://s2.travian.lv http://s3.travian.lv http://s4.travian.lv http://s5.travian.lv http://s6.travian.lv http://s7.travian.lv http://s8.travian.lv http://s9.travian.lv http://s10.travian.lv http://speed.travian.net http://speed2.travian.net http://s1.travian.net http://s2.travian.net http://s3.travian.net http://s4.travian.net http://s5.travian.net http://s6.travian.net http://s7.travian.net http://s8.travian.net http://s9.travian.net http://s10.travian.net http://speed.travian.nl http://speed2.travian.nl http://s1.travian.nl http://s2.travian.nl http://s3.travian.nl http://s4.travian.nl http://s5.travian.nl http://s6.travian.nl http://s7.travian.nl http://s8.travian.nl http://s9.travian.nl http://s10.travian.nl http://speed.travian.no http://speed2.travian.no http://s1.travian.no http://s2.travian.no http://s3.travian.no http://s4.travian.no http://s5.travian.no http://s6.travian.no http://s7.travian.no http://s8.travian.no http://s9.travian.no http://s10.travian.no http://speed.travian.ph http://speed2.travian.ph http://s1.travian.ph http://s2.travian.ph http://s3.travian.ph http://s4.travian.ph http://s5.travian.ph http://s6.travian.ph http://s7.travian.ph http://s8.travian.ph http://s9.travian.ph http://s10.travian.ph http://speed.travian.pk http://speed2.travian.pk http://s1.travian.pk http://s2.travian.pk http://s3.travian.pk http://s4.travian.pk http://s5.travian.pk http://s6.travian.pk http://s7.travian.pk http://s8.travian.pk http://s9.travian.pk http://s10.travian.pk http://speed.travian.pl http://speed2.travian.pl http://s1.travian.pl http://s2.travian.pl http://s3.travian.pl http://s4.travian.pl http://s5.travian.pl http://s6.travian.pl http://s7.travian.pl http://s8.travian.pl http://s9.travian.pl http://s10.travian.pl http://s11.travian.pl http://s12.travian.pl http://s13.travian.pl http://s14.travian.pl http://s15.travian.pl http://s16.travian.pl http://s17.travian.pl http://s18.travian.pl http://s19.travian.pl http://s20.travian.pl http://speed.travian.pt http://speed2.travian.pt http://s1.travian.pt http://s2.travian.pt http://s3.travian.pt http://s4.travian.pt http://s5.travian.pt http://s6.travian.pt http://s7.travian.pt http://s8.travian.pt http://s9.travian.pt http://s10.travian.pt http://s11.travian.pt http://s12.travian.pt http://s13.travian.pt http://s14.travian.pt http://s15.travian.pt http://s16.travian.pt http://s17.travian.pt http://s18.travian.pt http://s19.travian.pt http://s20.travian.pt http://speed.travian.ro http://speed2.travian.ro http://s1.travian.ro http://s2.travian.ro http://s3.travian.ro http://s4.travian.ro http://s5.travian.ro http://s6.travian.ro http://s7.travian.ro http://s8.travian.ro http://s9.travian.ro http://s10.travian.ro http://speed.travian.rs http://speed2.travian.rs http://s1.travian.rs http://s2.travian.rs http://s3.travian.rs http://s4.travian.rs http://s5.travian.rs http://s6.travian.rs http://s7.travian.rs http://s8.travian.rs http://s9.travian.rs http://s10.travian.rs http://speed.travian.ru http://speed2.travian.ru http://s1.travian.ru http://s2.travian.ru http://s3.travian.ru http://s4.travian.ru http://s5.travian.ru http://s6.travian.ru http://s7.travian.ru http://s8.travian.ru http://s9.travian.ru http://s10.travian.ru http://s11.travian.ru http://s12.travian.ru http://s13.travian.ru http://s14.travian.ru http://s15.travian.ru http://s16.travian.ru http://s17.travian.ru http://s18.travian.ru http://s19.travian.ru http://s20.travian.ru http://speed.travian.se http://speed2.travian.se http://s1.travian.se http://s2.travian.se http://s3.travian.se http://s4.travian.se http://s5.travian.se http://s6.travian.se http://s7.travian.se http://s8.travian.se http://s9.travian.se http://s10.travian.se http://speed.travian.si http://speed2.travian.si http://s1.travian.si http://s2.travian.si http://s3.travian.si http://s4.travian.si http://s5.travian.si http://s6.travian.si http://s7.travian.si http://s8.travian.si http://s9.travian.si http://s10.travian.si http://speed.travian.sk http://speed2.travian.sk http://s1.travian.sk http://s2.travian.sk http://s3.travian.sk http://s4.travian.sk http://s5.travian.sk http://s6.travian.sk http://s7.travian.sk http://s8.travian.sk http://s9.travian.sk http://s10.travian.sk http://speed.travian.us http://speed2.travian.us http://s1.travian.us http://s2.travian.us http://s3.travian.us http://s4.travian.us http://s5.travian.us http://s6.travian.us http://s7.travian.us http://s8.travian.us http://s9.travian.us http://s10.travian.us http://s11.travian.us http://s12.travian.us http://s13.travian.us http://s14.travian.us http://s15.travian.us http://s16.travian.us http://s17.travian.us http://s18.travian.us http://s19.travian.us http://s20.travian.us http://www.travian.at http://speed.travian.at http://speed2.travian.at http://www.travian.de http://speed.travian.de http://speed2.travian.de http://welt1.travian.de http://welt2.travian.de http://welt3.travian.de http://welt4.travian.de http://welt5.travian.de http://welt6.travian.de http://welt7.travian.de http://welt8.travian.de http://welt9.travian.de http://welt10.travian.de http://www.travian.org http://speed.travian.org http://speed2.travian.org
FF - user.js: capability.policy.localfilelinks.checkloaduri.enabled - allAccessc:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-DriverCD - D:\Run.exe
AddRemove-Aliens Vs Predator MultiPlayer 1.1 - c:\program files\Aliens Vs Predator\Uninstall.exe
AddRemove-Beta-EU - c:\rtw\APB_Beta-EU\uninstall.exe
AddRemove-SGLR Čeština - c:\program files\EA Games\Battlefield 2\Zničit Svět.exe
AddRemove-Aliens vs Predator - c:\program files\Aliens Vs Predator\uninstal AvP.exe
AddRemove-Stargate La Relčve - Release 1.01 - c:\program files\EA GAMES\Battlefield 2\mods\sglr\Uninstal.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-13 15:06
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Zuben\LOCALS~1\Temp\HGJBF.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MySQL501]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL501"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1454471165-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9BF8B1B5-641C-90FB-4846-A8BD67A791FC}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ialfcgmbflbkemdcnd"=hex:6a,61,6b,65,61,6c,63,6a,65,6a,68,67,67,67,67,66,6b,64,
69,6b,00,fe
"hafciacpeljofhoe"=hex:6a,61,68,65,6b,69,6b,66,65,64,70,6b,66,66,6b,65,62,6b,
70,62,00,fe
"iahceioikgkjnnpbof"=hex:63,61,6f,65,6d,69,00,7c
"dbhehijgjanimgjlnlegdnhcinefofmphadgkglj"=hex:68,61,63,61,6d,70,6d,6d,65,66,
70,61,64,70,6c,6c,00,fe
"jbhehijgjanimgjlnlegimnggenhajkclbjfapfbmmbjaepcnldk"=hex:68,61,63,61,6d,70,
6d,6d,65,66,70,61,64,70,6c,6c,00,fe
"dbhehijgjanimgjlnlegopmcfkgephifapjhkbje"=hex:62,61,66,65,00,fd

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(996)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2010-08-13 15:07:00
ComboFix-quarantined-files.txt 2010-08-13 13:06

Před spuštěním: Volných bajtů: 32 198 737 920
Po spuštění: Volných bajtů: 37 576 351 744

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 81176371A48B478A4CDE4525FCBD1C1A

EDIT: Najednout mi z ničeho nic semtam spadne skype

#5 Příspěvek od **motji** » 13 srp 2010 17:09

Garenu a gamemon používáte?

Zuben45 · #6 Příspěvek od **Zuben45** » 13 srp 2010 17:45

Garenu ano je to něco jako hamachi a gamemon ani nevím co je, takže asi ne.
Od doby co jsem použil comboFix, tak mi sám začal vypínat skype

#7 Příspěvek od **motji** » 13 srp 2010 21:20

Jak sám vypínat? Vydržte ještě než to dokončíme, když tak ho zkusíte přeinstalovat

.

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Driver::
npggsvc

File::
c:\windows\system32\GameMon.des

DDS::
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

Firefox::
FF - ProfilePath - c:\documents and settings\Zuben\Data aplikací\Mozilla\Firefox\Profiles\h8vilp17.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.myyearbook.com
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=f ... e=59563&p=


Regnull::
[HKEY_USERS\S-1-5-21-1454471165-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9BF8B1B5-641C-90FB-4846-A8BD67A791FC}*]

Reglock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Tento port máte otevřený schválně, víte co to je?
"5910:TCP"= 5910:TCP:vnc5910

Otestujte na http://www.virustotal.com

C:\psapi.dll
C:\WINDOWS\treeskp.sys
c:\program files\No-IP\DUC20.exe

-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.

Zuben45 · #8 Příspěvek od **Zuben45** » 13 srp 2010 23:57

ComboFix 10-08-12.03 - Zuben 14.08.2010 0:03.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.3042 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zuben\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Zuben\Plocha\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\GameMon.des"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\GameMon.des

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npggsvc

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-13 do 2010-08-13 )))))))))))))))))))))))))))))))
.

2010-08-13 09:35 . 2010-08-13 09:35 -------- d-----w- C:\tmp
2010-08-13 09:34 . 2010-08-13 09:34 -------- d-----w- c:\program files\Remobo
2010-08-12 19:40 . 2010-08-12 19:40 -------- d-----w- c:\program files\ScreenVCR
2010-08-12 17:30 . 2010-08-13 18:31 -------- d-----w- c:\program files\trend micro
2010-08-12 17:30 . 2010-08-12 17:33 -------- d-----w- C:\rsit
2010-08-11 21:54 . 2010-08-13 00:49 -------- d-----w- c:\program files\Hamachi
2010-08-09 18:49 . 2010-08-09 18:49 -------- d-----w- c:\program files\FLVPlayer
2010-08-09 18:19 . 2010-08-09 18:20 -------- d-----w- c:\program files\Common Files\Macromedia
2010-08-09 18:19 . 2010-08-09 18:19 -------- d-----w- c:\program files\Macromedia
2010-08-09 18:18 . 2010-08-09 18:18 -------- d-----w- c:\windows\Downloaded Installations
2010-08-09 02:43 . 2010-08-09 02:46 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-08-09 01:28 . 2010-07-07 01:58 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-09 01:28 . 2010-07-07 01:58 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-09 01:28 . 2010-07-07 01:57 4337664 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-09 01:28 . 2010-07-07 01:53 15499264 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-09 01:28 . 2010-07-07 01:29 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-09 01:28 . 2010-07-07 01:24 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-09 01:28 . 2010-07-07 01:15 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-09 01:28 . 2010-07-07 01:15 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-09 01:28 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-08-09 01:16 . 2007-04-17 23:13 494557 ----a-w- c:\windows\system32\dxgi.dll
2010-08-09 01:16 . 2007-04-17 23:13 25037 ----a-w- c:\windows\system32\Nucleus.dll
2010-08-09 01:16 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10d_33.dll
2010-08-09 01:16 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10d.dll
2010-08-09 01:16 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10.dll
2010-08-09 01:16 . 2007-04-17 23:20 566624 ----a-w- c:\windows\system32\d3d10.dll
2010-08-08 17:40 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-08-08 17:40 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-08-08 17:40 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-08-08 17:40 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-08-08 17:40 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-08-08 17:10 . 2010-08-08 17:10 -------- d-----w- c:\windows\system32\xlive
2010-08-08 17:10 . 2010-08-08 17:10 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-08-07 14:00 . 2010-08-07 14:05 1404940306 ----a-w- C:\w3ft.zip
2010-08-05 21:18 . 2010-08-05 21:20 -------- d-----w- c:\program files\iWisoft Free Video Converter
2010-08-05 20:14 . 2010-08-05 20:15 -------- d-----w- c:\program files\XP Codec Pack
2010-08-05 20:13 . 2009-10-01 05:41 7855400 ----a-w- C:\XP-Codec-Pack-2.5.0.exe
2010-08-05 20:13 . 2009-10-01 05:43 21305259 ----a-w- C:\Vista-Codec-Package_5.4.3.exe
2010-08-05 20:04 . 2010-08-05 20:04 81005 ----a-w- c:\windows\Uninstall Jade Empire.exe
2010-08-05 13:44 . 2010-08-05 13:44 -------- d-----w- c:\program files\directx
2010-08-05 11:58 . 2010-08-05 11:58 16531 ----a-w- c:\windows\War3Unin.dat
2010-08-05 11:58 . 2010-08-05 11:58 2829 ----a-w- c:\windows\War3Unin.pif
2010-08-05 11:58 . 2010-08-05 11:58 126976 ----a-w- c:\windows\War3Unin.exe
2010-08-05 11:21 . 2010-08-05 11:22 -------- d-----w- C:\w3ft
2010-08-04 18:02 . 2005-01-02 03:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2010-08-04 18:01 . 2010-08-04 18:01 -------- d-----w- c:\program files\Common Files\INCA Shared
2010-08-04 14:53 . 2010-08-04 14:53 -------- d-----w- c:\program files\A4Tech
2010-08-04 09:37 . 2010-08-04 14:50 -------- d-----w- c:\program files\Xfire
2010-08-04 02:40 . 2010-03-16 09:59 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll
2010-08-04 02:40 . 2010-03-16 09:59 427008 ----a-w- c:\windows\system32\uc_wepic_launching.dll
2010-08-03 07:37 . 2010-08-03 07:37 -------- d-----w- c:\program files\Common Files\Java
2010-08-02 00:10 . 2010-08-02 00:10 -------- d-----w- c:\windows\system32\URTTEMP
2010-08-01 02:25 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-01 00:47 . 2010-08-01 00:47 -------- d-----w- c:\program files\Common Files\EasyInfo
2010-07-31 20:02 . 2010-07-31 20:02 -------- d-----w- c:\program files\Pando Networks
2010-07-27 13:56 . 2010-07-27 13:56 -------- d-----w- c:\program files\Software Informer
2010-07-27 13:49 . 2010-07-27 13:50 -------- d-----w- c:\program files\Witeye
2010-07-27 13:27 . 2010-07-28 13:53 -------- d-----w- c:\program files\DVRSoft
2010-07-26 22:09 . 2010-08-09 02:30 -------- d-----w- c:\program files\Garena
2010-07-24 15:56 . 2010-07-24 15:56 -------- d-----w- c:\program files\URUSoft
2010-07-23 18:53 . 2010-07-23 18:53 -------- d-----w- c:\program files\AMX Mod X
2010-07-22 23:48 . 2010-07-22 23:48 -------- d-----w- c:\windows\system32\QuickTime
2010-07-20 21:35 . 2010-07-20 21:35 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2010-07-20 21:35 . 2010-07-20 21:35 17212 ----a-w- c:\windows\system32\SIntf32.dll
2010-07-20 21:35 . 2010-07-20 21:35 12067 ----a-w- c:\windows\system32\SIntf16.dll
2010-07-20 21:30 . 2010-07-20 21:30 -------- d-----w- C:\Sierra
2010-07-20 21:00 . 2010-08-09 16:08 -------- d-----w- C:\music
2010-07-20 19:51 . 2010-07-20 19:59 -------- d-----w- c:\program files\GameSpy Arcade
2010-07-19 21:28 . 2010-07-19 21:28 -------- d-----w- c:\program files\Firefly Studios
2010-07-16 23:37 . 2008-04-14 06:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-07-16 23:18 . 2010-07-17 01:40 -------- d-----w- c:\program files\Microsoft Games
2010-07-16 17:10 . 2010-07-16 17:10 -------- d-----w- C:\sourcesdk_content
2010-07-15 12:10 . 2010-07-15 12:36 -------- d-----w- C:\Zuben mod
2010-07-15 11:36 . 2010-07-15 12:37 -------- d-----w- C:\HammerAutosave
2010-07-15 11:22 . 2010-07-15 11:23 -------- d-----w- c:\program files\BSPViewer
2010-07-15 11:20 . 2010-07-15 11:59 -------- d-----w- C:\MyMod
2010-07-15 11:07 . 2007-07-20 16:30 94208 ----a-w- c:\windows\system32\vtfthumbext.dll
2010-07-15 11:07 . 2007-07-20 16:30 41984 ----a-w- c:\windows\system32\vtfcolumnext.dll
2010-07-15 11:07 . 2007-03-10 07:36 516096 ----a-w- c:\windows\system32\VTFLib.dll
2010-07-15 11:06 . 2010-07-16 17:11 -------- d-----w- C:\SourceSDK
2010-07-15 10:58 . 2010-07-15 10:58 -------- d-----w- c:\program files\Valve Hammer Editor
2010-07-15 10:54 . 2010-07-15 10:54 -------- d-----w- c:\program files\Nem's Tools
2010-07-15 10:42 . 2010-07-15 10:42 -------- d-----w- C:\CZ

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-13 22:21 . 2010-05-16 23:15 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-13 18:36 . 2010-05-14 14:49 445936 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-13 09:24 . 2010-06-25 11:02 -------- d-----w- c:\program files\VALVe
2010-08-12 00:35 . 2010-06-01 02:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-11 21:57 . 2010-05-17 13:26 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-08-11 16:41 . 2010-05-11 20:16 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-11 16:40 . 2010-05-11 20:15 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-10 12:56 . 2010-05-09 09:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-09 15:50 . 2010-05-30 10:51 -------- d-----w- c:\program files\AviSynth 2.5
2010-08-09 11:12 . 2010-05-30 10:21 -------- d-----w- c:\program files\Sony
2010-08-09 01:29 . 2010-05-09 14:19 -------- d-----w- c:\program files\ATI
2010-08-09 01:28 . 2010-05-09 14:19 -------- d-----w- c:\program files\ATI Technologies
2010-08-09 00:41 . 2010-08-08 17:11 -------- d-----w- c:\program files\BRS
2010-08-09 00:38 . 2010-08-08 17:11 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-09 00:38 . 2010-08-08 17:11 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-08 17:11 . 2010-08-08 17:11 -------- d-----w- c:\program files\OpenAL
2010-08-06 12:26 . 2010-05-17 13:21 -------- d-----w- c:\program files\EA GAMES
2010-08-04 02:40 . 2010-08-03 17:17 -------- d-----w- c:\program files\Flash Saver
2010-08-03 07:37 . 2010-05-09 16:33 -------- d-----w- c:\program files\Java
2010-08-02 00:12 . 2001-10-25 13:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 00:12 . 2001-10-25 13:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-07-28 14:03 . 2010-05-30 00:43 -------- d-----w- c:\program files\Boris FX, Inc
2010-07-28 13:55 . 2010-07-13 18:10 -------- d-----w- c:\program files\Raxco
2010-07-28 13:55 . 2010-06-03 15:55 -------- d-----w- c:\program files\PFConfig
2010-07-26 22:46 . 2010-05-11 20:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-07-26 22:42 . 2010-07-06 22:15 674600 ----a-w- c:\windows\system32\pbsvc.exe
2010-07-25 21:29 . 2010-05-16 22:04 -------- d-----w- c:\program files\Autodesk
2010-07-24 21:12 . 2010-06-08 16:42 -------- d-----w- c:\program files\World of Warcraft 2.4.3
2010-07-17 03:00 . 2010-05-09 16:33 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-16 23:41 . 2010-05-09 09:36 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-16 23:41 . 2010-05-09 09:36 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-07-16 23:19 . 2010-05-14 16:30 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-07-14 21:15 . 2010-07-14 21:15 -------- d-----w- c:\program files\Poznáváme C-Sharp a Microsoft.NET
2010-07-13 18:21 . 2010-06-12 08:30 -------- d-----w- c:\program files\DivX
2010-07-13 18:19 . 2010-07-13 18:19 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-13 18:06 . 2010-07-10 21:53 -------- d-----w- c:\program files\Frag Games
2010-07-12 21:24 . 2010-06-26 17:16 -------- d-----w- c:\program files\TeamViewer
2010-07-11 22:28 . 2010-07-11 22:28 -------- d-----w- c:\program files\Common Files\Thraex Software
2010-07-10 21:53 . 2010-07-10 21:53 64 ----a-w- c:\windows\GPlrLanc.dat
2010-07-07 20:22 . 2010-07-07 20:22 -------- d-----w- c:\program files\Zaparit
2010-07-07 16:02 . 2010-07-06 21:22 -------- d-----w- c:\program files\Counter-Strike Source
2010-07-07 02:27 . 2010-05-10 13:57 5069312 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-07-07 01:50 . 2010-05-17 17:34 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-07-07 01:48 . 2010-05-17 17:34 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-07-07 01:47 . 2010-05-10 13:57 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-07-07 01:41 . 2010-05-10 13:57 3869952 ----a-w- c:\windows\system32\ati3duag.dll
2010-07-07 01:33 . 2007-06-27 01:51 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-07-07 01:32 . 2007-06-27 01:51 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-07-07 01:32 . 2007-06-27 01:51 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-07-07 01:32 . 2007-06-27 01:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-07-07 01:32 . 2007-06-27 01:50 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-07-07 01:31 . 2007-06-27 01:49 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-07-07 01:29 . 2007-06-27 01:48 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-07-07 01:28 . 2010-05-10 13:57 2273920 ----a-w- c:\windows\system32\ativvaxx.dll
2010-07-07 01:27 . 2010-05-17 17:34 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-07-07 01:27 . 2010-05-17 17:34 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-07-07 01:25 . 2007-06-27 01:17 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-07-07 01:24 . 2007-06-27 01:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-07-07 01:23 . 2007-06-27 01:16 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-07-07 01:19 . 2010-05-10 13:57 704512 ----a-w- c:\windows\system32\ati2cqag.dll
2010-07-07 01:15 . 2007-06-27 01:15 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-07-06 16:11 . 2010-07-04 21:14 -------- d-----w- c:\program files\xStarter
2010-06-29 20:51 . 2010-05-17 20:14 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-06-29 13:08 . 2010-06-29 11:22 -------- d-----w- c:\program files\MAXON
2010-06-29 12:15 . 2010-06-29 12:15 -------- d-----w- c:\program files\FileZilla FTP Client
2010-06-28 20:57 . 2010-05-09 14:31 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-05-09 14:32 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-05-09 14:32 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-05-09 14:32 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-05-09 14:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-05-09 14:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-05-09 14:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-05-09 14:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-27 22:47 . 2010-05-14 09:12 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-26 10:51 . 2010-06-26 10:51 160090 ----a-w- c:\windows\Imperium Romanum Uninstaller.exe
2010-06-26 10:51 . 2010-06-26 10:51 -------- d-----w- c:\program files\SouthPeak
2010-06-26 10:43 . 2010-06-26 10:43 -------- d-----w- c:\program files\Kalypso
2010-06-22 20:25 . 2010-06-22 20:25 -------- d-----w- c:\program files\Axxa's World of Warcraft Logo Creator v1.2
2010-06-22 19:24 . 2010-06-22 19:24 -------- d-----w- c:\program files\WinSCP
2010-06-21 04:11 . 2010-06-21 04:11 20688898 ----a-w- C:\Dev-Cpp.zip
2010-06-17 18:19 . 2010-06-17 18:19 494518 ----a-w- C:\MangAdmin_addon.zip
2010-06-09 23:01 . 2010-07-13 18:20 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-06-09 23:01 . 2010-07-13 18:20 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-06-09 23:01 . 2010-05-27 16:05 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-06-09 23:01 . 2010-05-27 16:05 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-06-09 23:01 . 2010-05-27 16:05 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-06-09 23:01 . 2010-05-27 16:05 133616 ------w- c:\windows\system32\pxafs.dll
2010-06-08 16:38 . 2010-05-30 00:59 5 ----a-w- c:\windows\treeskp.sys
2010-06-08 16:38 . 2010-05-30 00:59 5 ----a-w- c:\windows\sbacknt.bin
2010-06-03 18:52 . 2010-06-03 18:51 9666221 ----a-w- c:\program files\Mozilla Firefox.rar
2010-06-01 02:57 . 2010-06-01 02:57 2359592 ----a-w- c:\windows\system32\pbsvc_apb.exe
2010-05-30 14:45 . 2010-05-30 14:45 1790 ----a-w- c:\windows\unins000.dat
2010-05-30 14:45 . 2010-05-30 14:45 695642 ----a-w- c:\windows\unins000.exe
2010-05-30 01:27 . 2010-05-30 00:59 152904 ----a-w- c:\windows\system32\vghd.scr
2010-05-25 18:59 . 2010-05-25 18:59 4096 ----a-w- c:\windows\d3dx.dat
2010-05-21 04:16 . 2010-05-21 04:16 4305834 ----a-w- c:\program files\PSPad editor.rar
2010-05-18 19:53 . 2010-05-18 19:53 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2010-05-18 19:50 . 2010-05-18 19:50 17408 ----a-w- C:\psapi.dll
2010-05-17 21:26 . 2010-05-17 21:26 0 ----a-r- C:\logwmemory.bin
2010-05-16 22:23 . 2010-05-16 22:23 9 ----a-w- c:\windows\waitforme.tmp
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Steam"="e:\program files\Steam\Steam.exe" [2010-08-12 1238352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 172032]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 40960]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 241664]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Remobo"="c:\program files\Remobo\Remobo.exe" [2010-01-21 10758656]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files\Frag Games\GPlayer.exe" [2010-05-17 2113536]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

c:\documents and settings\Zuben\Nabˇdka Start\Programy\Po spuçtŘnˇ\
No-IP DUC.lnk - c:\program files\No-IP\DUC20.exe [2010-6-4 1172992]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\FarmHelper\\FVBot.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Documents and Settings\\Zuben\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Program Files\\VALVe\\Garry's Mod\\hl2.exe"=
"c:\\Program Files\\VALVe\\Garry's Mod\\srcds.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)_1-02\\game.dat"=
"c:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"e:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3308:TCP"= 3308:TCP:MySQL Server
"5910:TCP"= 5910:TCP:vnc5910
"58836:TCP"= 58836:TCP:Pando Media Booster
"58836:UDP"= 58836:UDP:Pando Media Booster
"28960:TCP"= 28960:TCP:COD4
"27015:TCP"= 27015:TCP:CSS
"1036:TCP"= 1036:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.5.2010 16:32 165456]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [18.5.2010 21:53 3026]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 14:49 14336]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [9.5.2010 18:06 29416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.5.2010 16:32 17744]
R2 CrossLoopService;CrossLoop Service;c:\documents and settings\Zuben\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe [18.6.2010 21:41 560792]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
R2 MySQL501;MySQL501;"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt" --defaults-file="c:\program files\MySQL\MySQL Server 5.0\my.ini" MySQL501 --> c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt [?]
R2 X4HSEx_Pr298;X4HSEx_Pr298;c:\program files\Frag Games\X4HSEx.sys [10.7.2010 23:53 56352]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\drivers\remobo32.sys [22.4.2009 17:21 26112]
S2 Mercury;Mercury;c:\xampp\xampp_service_mercury.exe [9.5.2010 18:06 78480]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Zuben\LOCALS~1\Temp\HGJBF.tmp --> c:\docume~1\Zuben\LOCALS~1\Temp\HGJBF.tmp [?]
S3 uvnc_service;uvnc_service;c:\documents and settings\Zuben\Local Settings\Data aplikací\CrossLoop\winvnc.exe [18.6.2010 21:41 1590216]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.5.2010 16:49 445936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-07-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-05-24 c:\windows\Tasks\photostageShakeIcon.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2010-05-14 18:18]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Save Flash In This Page by Flash Saver - c:\progra~1\FLASHS~1\save.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Zuben\Nabídka Start\Programy\IMVU\Run IMVU.lnk
TCP: {39779B8E-094A-45EE-920C-26EA8BEEBA63} = 89.235.9.9,82.100.0.6
FF - ProfilePath - c:\documents and settings\Zuben\Data aplikací\Mozilla\Firefox\Profiles\h8vilp17.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - component: c:\documents and settings\Zuben\Data aplikací\Mozilla\Firefox\Profiles\h8vilp17.default\extensions\{32bcc991-3e17-48ce-9311-3092165fd092}\components\Engine.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: capability.policy.policynames - localfilelinks
FF - user.js: capability.policy.localfilelinks.sites - hxxp://speed.travian.ae http://speed2.travian.ae http://s1.travian.ae http://s2.travian.ae http://s3.travian.ae http://s4.travian.ae http://s5.travian.ae http://s6.travian.ae http://s7.travian.ae http://s8.travian.ae http://s9.travian.ae http://s10.travian.ae http://s11.travian.ae http://s12.travian.ae http://s13.travian.ae http://s14.travian.ae http://s15.travian.ae http://s16.travian.ae http://s17.travian.ae http://s18.travian.ae http://s19.travian.ae http://s20.travian.ae http://s21.travian.ae http://s22.travian.ae http://s23.travian.ae http://s24.travian.ae http://s25.travian.ae http://s26.travian.ae http://s27.travian.ae http://s28.travian.ae http://s29.travian.ae http://s30.travian.ae http://s31.travian.ae http://s32.travian.ae http://s33.travian.ae http://s34.travian.ae http://s35.travian.ae http://speed.travian.asia http://speed2.travian.asia http://s1.travian.asia http://s2.travian.asia http://s3.travian.asia http://s4.travian.asia http://s5.travian.asia http://s6.travian.asia http://s7.travian.asia http://s8.travian.asia http://s9.travian.asia http://s10.travian.asia http://speed.travian.ba http://speed2.travian.ba http://s1.travian.ba http://s2.travian.ba http://s3.travian.ba http://s4.travian.ba http://s5.travian.ba http://s6.travian.ba http://s7.travian.ba http://s8.travian.ba http://s9.travian.ba http://s10.travian.ba http://speed.travian.bg http://speed2.travian.bg http://s1.travian.bg http://s2.travian.bg http://s3.travian.bg http://s4.travian.bg http://s5.travian.bg http://s6.travian.bg http://s7.travian.bg http://s8.travian.bg http://s9.travian.bg http://s10.travian.bg http://speed.travian.cl http://speed2.travian.cl http://s1.travian.cl http://s2.travian.cl http://s3.travian.cl http://s4.travian.cl http://s5.travian.cl http://s6.travian.cl http://s7.travian.cl http://s8.travian.cl http://s9.travian.cl http://s10.travian.cl http://speed.travian.cn http://speed2.travian.cn http://s1.travian.cn http://s2.travian.cn http://s3.travian.cn http://s4.travian.cn http://s5.travian.cn http://s6.travian.cn http://s7.travian.cn http://s8.travian.cn http://s9.travian.cn http://s10.travian.cn http://s11.travian.cn http://s12.travian.cn http://s13.travian.cn http://s14.travian.cn http://s15.travian.cn http://s16.travian.cn http://s17.travian.cn http://s18.travian.cn http://s19.travian.cn http://s20.travian.cn http://speed.travian.co.ee http://speed2.travian.co.ee http://s1.travian.co.ee http://s2.travian.co.ee http://s3.travian.co.ee http://s4.travian.co.ee http://s5.travian.co.ee http://s6.travian.co.ee http://s7.travian.co.ee http://s8.travian.co.ee http://s9.travian.co.ee http://s10.travian.co.ee http://s11.travian.co.ee http://s12.travian.co.ee http://s13.travian.co.ee http://s14.travian.co.ee http://s15.travian.co.ee http://s16.travian.co.ee http://s17.travian.co.ee http://s18.travian.co.ee http://s19.travian.co.ee http://s20.travian.co.ee http://speed.travian.co.id http://speed2.travian.co.id http://s1.travian.co.id http://s2.travian.co.id http://s3.travian.co.id http://s4.travian.co.id http://s5.travian.co.id http://s6.travian.co.id http://s7.travian.co.id http://s8.travian.co.id http://s9.travian.co.id http://s10.travian.co.id http://speed.travian.co.il http://speed2.travian.co.il http://s1.travian.co.il http://s2.travian.co.il http://s3.travian.co.il http://s4.travian.co.il http://s5.travian.co.il http://s6.travian.co.il http://s7.travian.co.il http://s8.travian.co.il http://s9.travian.co.il http://s10.travian.co.il http://speed.travian.co.kr http://speed2.travian.co.kr http://s1.travian.co.kr http://s2.travian.co.kr http://s3.travian.co.kr http://s4.travian.co.kr http://s5.travian.co.kr http://s6.travian.co.kr http://s7.travian.co.kr http://s8.travian.co.kr http://s9.travian.co.kr http://s10.travian.co.kr http://speed.travian.co.nz http://speed2.travian.co.nz http://s1.travian.co.nz http://s2.travian.co.nz http://s3.travian.co.nz http://s4.travian.co.nz http://s5.travian.co.nz http://s6.travian.co.nz http://s7.travian.co.nz http://s8.travian.co.nz http://s9.travian.co.nz http://s10.travian.co.nz http://speed.travian.co.uk http://speed2.travian.co.uk http://s1.travian.co.uk http://s2.travian.co.uk http://s3.travian.co.uk http://s4.travian.co.uk http://s5.travian.co.uk http://s6.travian.co.uk http://s7.travian.co.uk http://s8.travian.co.uk http://s9.travian.co.uk http://s10.travian.co.uk http://speed.travian.co.za http://speed2.travian.co.za http://s1.travian.co.za http://s2.travian.co.za http://s3.travian.co.za http://s4.travian.co.za http://s5.travian.co.za http://s6.travian.co.za http://s7.travian.co.za http://s8.travian.co.za http://s9.travian.co.za http://s10.travian.co.za http://speed.travian.com http://speed2.travian.com http://s1.travian.com http://s2.travian.com http://s3.travian.com http://s4.travian.com http://s5.travian.com http://s6.travian.com http://s7.travian.com http://s8.travian.com http://s9.travian.com http://s10.travian.com http://s11.travian.com http://s12.travian.com http://s13.travian.com http://s14.travian.com http://s15.travian.com http://s16.travian.com http://s17.travian.com http://s18.travian.com http://s19.travian.com http://s20.travian.com http://speed.travian.com.ar http://speed2.travian.com.ar http://s1.travian.com.ar http://s2.travian.com.ar http://s3.travian.com.ar http://s4.travian.com.ar http://s5.travian.com.ar http://s6.travian.com.ar http://s7.travian.com.ar http://s8.travian.com.ar http://s9.travian.com.ar http://s10.travian.com.ar http://speed.travian.com.au http://speed2.travian.com.au http://s1.travian.com.au http://s2.travian.com.au http://s3.travian.com.au http://s4.travian.com.au http://s5.travian.com.au http://s6.travian.com.au http://s7.travian.com.au http://s8.travian.com.au http://s9.travian.com.au http://s10.travian.com.au http://speed.travian.com.br http://speed2.travian.com.br http://s1.travian.com.br http://s2.travian.com.br http://s3.travian.com.br http://s4.travian.com.br http://s5.travian.com.br http://s6.travian.com.br http://s7.travian.com.br http://s8.travian.com.br http://s9.travian.com.br http://s10.travian.com.br http://s11.travian.com.br http://s12.travian.com.br http://s13.travian.com.br http://s14.travian.com.br http://s15.travian.com.br http://s16.travian.com.br http://s17.travian.com.br http://s18.travian.com.br http://s19.travian.com.br http://s20.travian.com.br http://speed.travian.com.hr http://speed2.travian.com.hr http://s1.travian.com.hr http://s2.travian.com.hr http://s3.travian.com.hr http://s4.travian.com.hr http://s5.travian.com.hr http://s6.travian.com.hr http://s7.travian.com.hr http://s8.travian.com.hr http://s9.travian.com.hr http://s10.travian.com.hr http://speed.travian.com.mx http://speed2.travian.com.mx http://s1.travian.com.mx http://s2.travian.com.mx http://s3.travian.com.mx http://s4.travian.com.mx http://s5.travian.com.mx http://s6.travian.com.mx http://s7.travian.com.mx http://s8.travian.com.mx http://s9.travian.com.mx http://s10.travian.com.mx http://speed.travian.com.my http://speed2.travian.com.my http://s1.travian.com.my http://s2.travian.com.my http://s3.travian.com.my http://s4.travian.com.my http://s5.travian.com.my http://s6.travian.com.my http://s7.travian.com.my http://s8.travian.com.my http://s9.travian.com.my http://s10.travian.com.my http://speed.travian.com.tr http://speed2.travian.com.tr http://s1.travian.com.tr http://s2.travian.com.tr http://s3.travian.com.tr http://s4.travian.com.tr http://s5.travian.com.tr http://s6.travian.com.tr http://s7.travian.com.tr http://s8.travian.com.tr http://s9.travian.com.tr http://s10.travian.com.tr http://s11.travian.com.tr http://s12.travian.com.tr http://s13.travian.com.tr http://s14.travian.com.tr http://s15.travian.com.tr http://s16.travian.com.tr http://s17.travian.com.tr http://s18.travian.com.tr http://s19.travian.com.tr http://s20.travian.com.tr http://s21.travian.com.tr http://s22.travian.com.tr http://s23.travian.com.tr http://s24.travian.com.tr http://s25.travian.com.tr http://s26.travian.com.tr http://s27.travian.com.tr http://s28.travian.com.tr http://s29.travian.com.tr http://s30.travian.com.tr http://speed.travian.com.ua http://speed2.travian.com.ua http://s1.travian.com.ua http://s2.travian.com.ua http://s3.travian.com.ua http://s4.travian.com.ua http://s5.travian.com.ua http://s6.travian.com.ua http://s7.travian.com.ua http://s8.travian.com.ua http://s9.travian.com.ua http://s10.travian.com.ua http://speed.travian.com.vn http://speed2.travian.com.vn http://s1.travian.com.vn http://s2.travian.com.vn http://s3.travian.com.vn http://s4.travian.com.vn http://s5.travian.com.vn http://s6.travian.com.vn http://s7.travian.com.vn http://s8.travian.com.vn http://s9.travian.com.vn http://s10.travian.com.vn http://speed.travian.cz http://speed2.travian.cz http://s1.travian.cz http://s2.travian.cz http://s3.travian.cz http://s4.travian.cz http://s5.travian.cz http://s6.travian.cz http://s7.travian.cz http://s8.travian.cz http://s9.travian.cz http://s10.travian.cz http://s11.travian.cz http://s12.travian.cz http://s13.travian.cz http://s14.travian.cz http://s15.travian.cz http://s16.travian.cz http://s17.travian.cz http://s18.travian.cz http://s19.travian.cz http://s20.travian.cz http://speed.travian.dk http://speed2.travian.dk http://s1.travian.dk http://s2.travian.dk http://s3.travian.dk http://s4.travian.dk http://s5.travian.dk http://s6.travian.dk http://s7.travian.dk http://s8.travian.dk http://s9.travian.dk http://s10.travian.dk http://speed.travian.fi http://speed2.travian.fi http://s1.travian.fi http://s2.travian.fi http://s3.travian.fi http://s4.travian.fi http://s5.travian.fi http://s6.travian.fi http://s7.travian.fi http://s8.travian.fi http://s9.travian.fi http://s10.travian.fi http://speed.travian.fr http://speed2.travian.fr http://s1.travian.fr http://s2.travian.fr http://s3.travian.fr http://s4.travian.fr http://s5.travian.fr http://s6.travian.fr http://s7.travian.fr http://s8.travian.fr http://s9.travian.fr http://s10.travian.fr http://s11.travian.fr http://s12.travian.fr http://s13.travian.fr http://s14.travian.fr http://s15.travian.fr http://s16.travian.fr http://s17.travian.fr http://s18.travian.fr http://s19.travian.fr http://s20.travian.fr http://speed.travian.gr http://speed2.travian.gr http://s1.travian.gr http://s2.travian.gr http://s3.travian.gr http://s4.travian.gr http://s5.travian.gr http://s6.travian.gr http://s7.travian.gr http://s8.travian.gr http://s9.travian.gr http://s10.travian.gr http://speed.travian.hk http://speed2.travian.hk http://s1.travian.hk http://s2.travian.hk http://s3.travian.hk http://s4.travian.hk http://s5.travian.hk http://s6.travian.hk http://s7.travian.hk http://s8.travian.hk http://s9.travian.hk http://s10.travian.hk http://speed.travian.hu http://speed2.travian.hu http://s1.travian.hu http://s2.travian.hu http://s3.travian.hu http://s4.travian.hu http://s5.travian.hu http://s6.travian.hu http://s7.travian.hu http://s8.travian.hu http://s9.travian.hu http://s10.travian.hu http://speed.travian.in http://speed2.travian.in http://s1.travian.in http://s2.travian.in http://s3.travian.in http://s4.travian.in http://s5.travian.in http://s6.travian.in http://s7.travian.in http://s8.travian.in http://s9.travian.in http://s10.travian.in http://speed.travian.ir http://speed2.travian.ir http://s1.travian.ir http://s2.travian.ir http://s3.travian.ir http://s4.travian.ir http://s5.travian.ir http://s6.travian.ir http://s7.travian.ir http://s8.travian.ir http://s9.travian.ir http://s10.travian.ir http://speed.travian.it http://speed2.travian.it http://s1.travian.it http://s2.travian.it http://s3.travian.it http://s4.travian.it http://s5.travian.it http://s6.travian.it http://s7.travian.it http://s8.travian.it http://s9.travian.it http://s10.travian.it http://s11.travian.it http://s12.travian.it http://s13.travian.it http://s14.travian.it http://s15.travian.it http://s16.travian.it http://s17.travian.it http://s18.travian.it http://s19.travian.it http://s20.travian.it http://speed.travian.jp http://speed2.travian.jp http://s1.travian.jp http://s2.travian.jp http://s3.travian.jp http://s4.travian.jp http://s5.travian.jp http://s6.travian.jp http://s7.travian.jp http://s8.travian.jp http://s9.travian.jp http://s10.travian.jp http://speed.travian.lt http://speed2.travian.lt http://s1.travian.lt http://s2.travian.lt http://s3.travian.lt http://s4.travian.lt http://s5.travian.lt http://s6.travian.lt http://s7.travian.lt http://s8.travian.lt http://s9.travian.lt http://s10.travian.lt http://speed.travian.lv http://speed2.travian.lv http://s1.travian.lv http://s2.travian.lv http://s3.travian.lv http://s4.travian.lv http://s5.travian.lv http://s6.travian.lv http://s7.travian.lv http://s8.travian.lv http://s9.travian.lv http://s10.travian.lv http://speed.travian.net http://speed2.travian.net http://s1.travian.net http://s2.travian.net http://s3.travian.net http://s4.travian.net http://s5.travian.net http://s6.travian.net http://s7.travian.net http://s8.travian.net http://s9.travian.net http://s10.travian.net http://speed.travian.nl http://speed2.travian.nl http://s1.travian.nl http://s2.travian.nl http://s3.travian.nl http://s4.travian.nl http://s5.travian.nl http://s6.travian.nl http://s7.travian.nl http://s8.travian.nl http://s9.travian.nl http://s10.travian.nl http://speed.travian.no http://speed2.travian.no http://s1.travian.no http://s2.travian.no http://s3.travian.no http://s4.travian.no http://s5.travian.no http://s6.travian.no http://s7.travian.no http://s8.travian.no http://s9.travian.no http://s10.travian.no http://speed.travian.ph http://speed2.travian.ph http://s1.travian.ph http://s2.travian.ph http://s3.travian.ph http://s4.travian.ph http://s5.travian.ph http://s6.travian.ph http://s7.travian.ph http://s8.travian.ph http://s9.travian.ph http://s10.travian.ph http://speed.travian.pk http://speed2.travian.pk http://s1.travian.pk http://s2.travian.pk http://s3.travian.pk http://s4.travian.pk http://s5.travian.pk http://s6.travian.pk http://s7.travian.pk http://s8.travian.pk http://s9.travian.pk http://s10.travian.pk http://speed.travian.pl http://speed2.travian.pl http://s1.travian.pl http://s2.travian.pl http://s3.travian.pl http://s4.travian.pl http://s5.travian.pl http://s6.travian.pl http://s7.travian.pl http://s8.travian.pl http://s9.travian.pl http://s10.travian.pl http://s11.travian.pl http://s12.travian.pl http://s13.travian.pl http://s14.travian.pl http://s15.travian.pl http://s16.travian.pl http://s17.travian.pl http://s18.travian.pl http://s19.travian.pl http://s20.travian.pl http://speed.travian.pt http://speed2.travian.pt http://s1.travian.pt http://s2.travian.pt http://s3.travian.pt http://s4.travian.pt http://s5.travian.pt http://s6.travian.pt http://s7.travian.pt http://s8.travian.pt http://s9.travian.pt http://s10.travian.pt http://s11.travian.pt http://s12.travian.pt http://s13.travian.pt http://s14.travian.pt http://s15.travian.pt http://s16.travian.pt http://s17.travian.pt http://s18.travian.pt http://s19.travian.pt http://s20.travian.pt http://speed.travian.ro http://speed2.travian.ro http://s1.travian.ro http://s2.travian.ro http://s3.travian.ro http://s4.travian.ro http://s5.travian.ro http://s6.travian.ro http://s7.travian.ro http://s8.travian.ro http://s9.travian.ro http://s10.travian.ro http://speed.travian.rs http://speed2.travian.rs http://s1.travian.rs http://s2.travian.rs http://s3.travian.rs http://s4.travian.rs http://s5.travian.rs http://s6.travian.rs http://s7.travian.rs http://s8.travian.rs http://s9.travian.rs http://s10.travian.rs http://speed.travian.ru http://speed2.travian.ru http://s1.travian.ru http://s2.travian.ru http://s3.travian.ru http://s4.travian.ru http://s5.travian.ru http://s6.travian.ru http://s7.travian.ru http://s8.travian.ru http://s9.travian.ru http://s10.travian.ru http://s11.travian.ru http://s12.travian.ru http://s13.travian.ru http://s14.travian.ru http://s15.travian.ru http://s16.travian.ru http://s17.travian.ru http://s18.travian.ru http://s19.travian.ru http://s20.travian.ru http://speed.travian.se http://speed2.travian.se http://s1.travian.se http://s2.travian.se http://s3.travian.se http://s4.travian.se http://s5.travian.se http://s6.travian.se http://s7.travian.se http://s8.travian.se http://s9.travian.se http://s10.travian.se http://speed.travian.si http://speed2.travian.si http://s1.travian.si http://s2.travian.si http://s3.travian.si http://s4.travian.si http://s5.travian.si http://s6.travian.si http://s7.travian.si http://s8.travian.si http://s9.travian.si http://s10.travian.si http://speed.travian.sk http://speed2.travian.sk http://s1.travian.sk http://s2.travian.sk http://s3.travian.sk http://s4.travian.sk http://s5.travian.sk http://s6.travian.sk http://s7.travian.sk http://s8.travian.sk http://s9.travian.sk http://s10.travian.sk http://speed.travian.us http://speed2.travian.us http://s1.travian.us http://s2.travian.us http://s3.travian.us http://s4.travian.us http://s5.travian.us http://s6.travian.us http://s7.travian.us http://s8.travian.us http://s9.travian.us http://s10.travian.us http://s11.travian.us http://s12.travian.us http://s13.travian.us http://s14.travian.us http://s15.travian.us http://s16.travian.us http://s17.travian.us http://s18.travian.us http://s19.travian.us http://s20.travian.us http://www.travian.at http://speed.travian.at http://speed2.travian.at http://www.travian.de http://speed.travian.de http://speed2.travian.de http://welt1.travian.de http://welt2.travian.de http://welt3.travian.de http://welt4.travian.de http://welt5.travian.de http://welt6.travian.de http://welt7.travian.de http://welt8.travian.de http://welt9.travian.de http://welt10.travian.de http://www.travian.org http://speed.travian.org http://speed2.travian.org
FF - user.js: capability.policy.localfilelinks.checkloaduri.enabled - allAccessc:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-14 00:37
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Zuben\LOCALS~1\Temp\HGJBF.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MySQL501]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL501"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll

- - - - - - - > 'explorer.exe'(852)
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\xampp\FileZillaFTP\FileZilla server.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wscntfy.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\windows\RTHDCPL.EXE
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Celkový čas: 2010-08-14 00:47:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-13 22:47
ComboFix2.txt 2010-08-13 13:07

Před spuštěním: Volných bajtů: 37 434 097 664
Po spuštění: Volných bajtů: 37 429 608 448

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - E2A610815EF93D843C13952D591AC3F7

Zuben45 · #9 Příspěvek od **Zuben45** » 14 srp 2010 00:09

C:\psapi.dll
AhnLab-V3 2010.08.14.00 2010.08.13 -
AntiVir 8.2.4.34 2010.08.13 -
Antiy-AVL 2.0.3.7 2010.08.11 -
Authentium 5.2.0.5 2010.08.13 -
Avast 4.8.1351.0 2010.08.13 -
Avast5 5.0.332.0 2010.08.13 -
AVG 9.0.0.851 2010.08.13 -
BitDefender 7.2 2010.08.14 -
CAT-QuickHeal 11.00 2010.08.13 -
ClamAV 0.96.0.3-git 2010.08.13 -
Comodo 5728 2010.08.13 -
DrWeb 5.0.2.03300 2010.08.14 -
Emsisoft 5.0.0.37 2010.08.13 -
eSafe 7.0.17.0 2010.08.12 -
eTrust-Vet 36.1.7790 2010.08.13 -
F-Prot 4.6.1.107 2010.08.13 -
F-Secure 9.0.15370.0 2010.08.14 -
Fortinet 4.1.143.0 2010.08.13 -
GData 21 2010.08.14 -
Ikarus T3.1.1.88.0 2010.08.13 -
Jiangmin 13.0.900 2010.08.13 -
Kaspersky 7.0.0.125 2010.08.13 -
McAfee 5.400.0.1158 2010.08.14 -
McAfee-GW-Edition 2010.1 2010.08.13 -
Microsoft 1.6004 2010.08.13 -
NOD32 5365 2010.08.13 -
Norman 6.05.11 2010.08.13 -
nProtect 2010-08-13.01 2010.08.13 -
Panda 10.0.2.7 2010.08.13 -
PCTools 7.0.3.5 2010.08.13 -
Prevx 3.0 2010.08.14 -
Rising 22.60.04.04 2010.08.13 -
Sophos 4.56.0 2010.08.13 -
Sunbelt 6730 2010.08.13 -
SUPERAntiSpyware 4.40.0.1006 2010.08.13 -
Symantec 20101.1.1.7 2010.08.14 -
TheHacker 6.5.2.1.347 2010.08.13 -
TrendMicro 9.120.0.1004 2010.08.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.14 -
VBA32 3.12.14.0 2010.08.13 -
ViRobot 2010.8.9.3978 2010.08.13 -
VirusBuster 5.0.27.0 2010.08.13 -

C:\WINDOWS\treeskp.sys
AhnLab-V3 2010.08.14.00 2010.08.13 -
AntiVir 8.2.4.34 2010.08.13 -
Antiy-AVL 2.0.3.7 2010.08.11 -
Authentium 5.2.0.5 2010.08.13 -
Avast 4.8.1351.0 2010.08.13 -
Avast5 5.0.332.0 2010.08.13 -
AVG 9.0.0.851 2010.08.13 -
BitDefender 7.2 2010.08.14 -
CAT-QuickHeal 11.00 2010.08.13 -
ClamAV 0.96.0.3-git 2010.08.13 -
Comodo 5728 2010.08.13 -
DrWeb 5.0.2.03300 2010.08.14 -
Emsisoft 5.0.0.37 2010.08.13 -
eTrust-Vet 36.1.7790 2010.08.13 -
F-Prot 4.6.1.107 2010.08.13 -
F-Secure 9.0.15370.0 2010.08.14 -
Fortinet 4.1.143.0 2010.08.13 -
GData 21 2010.08.14 -
Ikarus T3.1.1.88.0 2010.08.13 -
Jiangmin 13.0.900 2010.08.13 -
Kaspersky 7.0.0.125 2010.08.13 -
McAfee 5.400.0.1158 2010.08.14 -
McAfee-GW-Edition 2010.1 2010.08.13 -
Microsoft 1.6004 2010.08.13 -
NOD32 5365 2010.08.13 -
Norman 6.05.11 2010.08.13 -
nProtect 2010-08-13.01 2010.08.13 -
Panda 10.0.2.7 2010.08.13 -
PCTools 7.0.3.5 2010.08.13 -
Prevx 3.0 2010.08.14 -
Rising 22.60.04.04 2010.08.13 -
Sophos 4.56.0 2010.08.13 -
Sunbelt 6730 2010.08.13 -
SUPERAntiSpyware 4.40.0.1006 2010.08.13 -
Symantec 20101.1.1.7 2010.08.14 -
TheHacker 6.5.2.1.347 2010.08.13 -
TrendMicro 9.120.0.1004 2010.08.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.14 -
VBA32 3.12.14.0 2010.08.13 -
ViRobot 2010.8.9.3978 2010.08.13 -
VirusBuster 5.0.27.0 2010.08.13 -

c:\program files\No-IP\DUC20.exe
AhnLab-V3 2010.08.14.00 2010.08.13 -
AntiVir 8.2.4.34 2010.08.13 -
Antiy-AVL 2.0.3.7 2010.08.11 -
Authentium 5.2.0.5 2010.08.13 -
Avast 4.8.1351.0 2010.08.13 -
Avast5 5.0.332.0 2010.08.13 -
AVG 9.0.0.851 2010.08.13 -
BitDefender 7.2 2010.08.14 -
CAT-QuickHeal 11.00 2010.08.13 -
ClamAV 0.96.0.3-git 2010.08.13 -
Comodo 5728 2010.08.13 -
DrWeb 5.0.2.03300 2010.08.13 -
Emsisoft 5.0.0.37 2010.08.13 -
eSafe 7.0.17.0 2010.08.12 -
eTrust-Vet 36.1.7790 2010.08.13 -
F-Prot 4.6.1.107 2010.08.13 -
F-Secure 9.0.15370.0 2010.08.14 -
Fortinet 4.1.143.0 2010.08.13 -
GData 21 2010.08.14 -
Ikarus T3.1.1.88.0 2010.08.13 -
Jiangmin 13.0.900 2010.08.13 -
Kaspersky 7.0.0.125 2010.08.13 -
McAfee 5.400.0.1158 2010.08.14 -
McAfee-GW-Edition 2010.1 2010.08.13 -
Microsoft 1.6004 2010.08.13 -
NOD32 5365 2010.08.13 -
Norman 6.05.11 2010.08.13 -
nProtect 2010-08-13.01 2010.08.13 -
Panda 10.0.2.7 2010.08.13 -
PCTools 7.0.3.5 2010.08.13 -
Prevx 3.0 2010.08.14 -
Rising 22.60.04.04 2010.08.13 -
Sophos 4.56.0 2010.08.13 -
Sunbelt 6730 2010.08.13 -
SUPERAntiSpyware 4.40.0.1006 2010.08.13 -
Symantec 20101.1.1.7 2010.08.14 -
TheHacker 6.5.2.1.347 2010.08.13 -
TrendMicro 9.120.0.1004 2010.08.13 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.14 -
VBA32 3.12.14.0 2010.08.13 -
ViRobot 2010.8.9.3978 2010.08.13 -
VirusBuster 5.0.27.0 2010.08.13 -

O těch portech nic nevím.

#10 Příspěvek od **motji** » 14 srp 2010 07:40

Jak to vypadá s počítačem?

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Zuben45 · #11 Příspěvek od **Zuben45** » 15 srp 2010 00:46

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4428

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

15.8.2010 1:37:02
mbam-log-2010-08-15 (01-37-02).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 1092721
Uplynulý čas: 4 hodina(y), 23 minuta(y), 11 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\downloads\Adobe After Effects CS4\ACS4MC- Keygen\Keygen (X-FORCE)\ACS4MC-Keygen (X-FORCE).exe (Trojan.Downloader) -> No action taken.
C:\downloads\Sony Vegas\SonyVegas\Patch\patch.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\d3dx10d.dll (Trojan.FakeAlert) -> No action taken.

#12 Příspěvek od **motji** » 15 srp 2010 08:39

Tento soubor otestujte na www.virustotal.com
C:\WINDOWS\system32\d3dx10d.dll

Zuben45 · #13 Příspěvek od **Zuben45** » 15 srp 2010 12:40

AhnLab-V3 2010.08.15.01 2010.08.15 -
AntiVir 8.2.4.34 2010.08.13 -
Antiy-AVL 2.0.3.7 2010.08.11 -
Authentium 5.2.0.5 2010.08.14 -
Avast 4.8.1351.0 2010.08.15 -
Avast5 5.0.332.0 2010.08.15 -
AVG 9.0.0.851 2010.08.15 -
BitDefender 7.2 2010.08.15 -
CAT-QuickHeal 11.00 2010.08.14 -
ClamAV 0.96.0.3-git 2010.08.15 -
Comodo 5747 2010.08.15 -
DrWeb 5.0.2.03300 2010.08.15 -
Emsisoft 5.0.0.37 2010.08.15 -
eTrust-Vet 36.1.7790 2010.08.13 -
F-Prot 4.6.1.107 2010.08.14 -
F-Secure 9.0.15370.0 2010.08.15 -
Fortinet 4.1.143.0 2010.08.15 -
GData 21 2010.08.15 -
Ikarus T3.1.1.88.0 2010.08.15 -
Jiangmin 13.0.900 2010.08.15 -
Kaspersky 7.0.0.125 2010.08.15 -
McAfee 5.400.0.1158 2010.08.15 -
McAfee-GW-Edition 2010.1 2010.08.14 -
Microsoft 1.6004 2010.08.15 -
NOD32 5367 2010.08.14 -
Norman 6.05.11 2010.08.15 -
nProtect 2010-08-15.01 2010.08.15 -
Panda 10.0.2.7 2010.08.15 -
PCTools 7.0.3.5 2010.08.15 -
Prevx 3.0 2010.08.15 -
Rising 22.60.06.04 2010.08.15 -
Sophos 4.56.0 2010.08.15 -
Sunbelt 6735 2010.08.15 -
SUPERAntiSpyware 4.40.0.1006 2010.08.15 -
Symantec 20101.1.1.7 2010.08.15 -
TheHacker 6.5.2.1.348 2010.08.14 -
TrendMicro 9.120.0.1004 2010.08.15 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.15 -
VBA32 3.12.14.0 2010.08.13 -
ViRobot 2010.8.9.3978 2010.08.14 -
VirusBuster 5.0.27.0 2010.08.14 -

mazalou · #14 Příspěvek od **mazalou** » 15 srp 2010 13:31

Logfile of HijackThis v1.99.1
Scan saved at 14:34:10, on 15.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=14597&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F637D12-F17A-46BC-B9CC-1DFC611B23F5}: NameServer = 88.146.189.14,88.146.189.10
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

mazalou · #15 Příspěvek od **mazalou** » 15 srp 2010 13:33

Logfile of HijackThis v1.99.1
Scan saved at 14:34:10, on 15.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=14597&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F637D12-F17A-46BC-B9CC-1DFC611B23F5}: NameServer = 88.146.189.14,88.146.189.10
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

VIRY.CZ