VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Blokování odkazů...

https://forum.viry.cz:443/viewtopic.php?t=108271

Stránka 1 z 1

Blokování odkazů...

Napsal: 07 led 2011 21:11
od Tamara.Me
Dobrý den, už nevím kam se obrátit s tímto problémem, když chci na nějaké internetové stránce přes "download" vložit do aplikace (např. účesy nebo aplikace pro tvorbu vánočních přání) nějakou fotografii uloženou v PC, tak se stránka neotevře, původní se v lepším případě obnoví anebo zůstane bílá a dál se nic neděje, někdy se i prohlížeč zavře. Zkoušela jsem i více prohlížečů, ale je to to samé. Zkoušela jsem různé přeinstalace, obnovení apod. max.se někde (např. v Opeře) objeví hlášky "zásuvný modul selhal" nebo "Crash log writing failed, couldn´t dobug process! Error description from system: Parametr není správný."... Pustila jsem opravu XP a pak instalovala opět nové aktualizace atp., jeden den to bylo v pořádku, ale další už to opět nešlo.... V internet exploreru se mi stává i při prohlížení jiných stránek, že se stránka při kliknutí na jiný odkaz restartuje nebo obnovuje.... Jsem amatér, tak si s tím moc nevím rady, a žádnou radu jsem na internetu nenašla. Buď je to nějaký neobjevený prevít, i když si myslím, že ochranu mám dostatečnou, anebo je někde něco špatně zaškrtnuté v nějakém nastavení?!?
Děkuji předem za odpovědi. Tamara
P.S. mám i stažený ComboFix pokud to k něčemu bude...

Re: Blokování odkazů...

Napsal: 07 led 2011 21:16
od Rudy
Na viry váím, pokud chcete, PC zkontrolujeme. Vámi popisovaný jev však může mít více příčin. Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .

Re: Blokování odkazů...

Napsal: 07 led 2011 21:42
od Tamara.Me
Tak jsem něco vytvořila, nevím co znamená "thread",ale snad jsem dobře pochopila, že to mám zkopírovat sem?

Logfile of random's system information tool 1.08 (written by random/random)
Run by tamara at 2011-01-07 21:35:04
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (24%) free of 153 GB
Total RAM: 1023 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:41, on 7.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HappyFoto\HF Designer\dd.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Opera\opera.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\tamara.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Device Detection] C:\Program Files\HappyFoto\HF Designer\dd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Stahuj.cz - {01586B1E-22D5-4AC9-B797-962320B24988} - http://www.stahuj.cz (file missing) (HKCU)
O9 - Extra button: Xchat.cz - {6D57380B-3A11-47C9-B604-98D19DF5104D} - http://www.xchat.cz (file missing) (HKCU)
O9 - Extra button: Centrum.cz - {710BB53C-8397-4566-BAC8-E1776675E81D} - http://www.centrum.cz (file missing) (HKCU)
O9 - Extra button: Slovníky - {89DF27E9-686F-49CC-A77A-049011BD23BC} - http://slovniky.centrum.cz (file missing) (HKCU)
O9 - Extra button: Počasí - {8ADD5A3A-BE56-47AE-AC86-DF14B62BE36C} - http://pocasi.centrum.cz (file missing) (HKCU)
O9 - Extra button: Fotoalba - {B7B22DBC-1235-43EE-86B8-D44226746679} - http://www.fotoalba.cz (file missing) (HKCU)
O9 - Extra button: Aktuálně - {B84BF7FA-5356-4F39-A0CD-55FBC9AEEB9E} - http://aktualne.centrum.cz (file missing) (HKCU)
O9 - Extra button: Bleskově - {C6AC2A53-8074-4513-9062-38738836F67D} - http://www.bleskove.cz (file missing) (HKCU)
O9 - Extra button: Žena.cz - {E9BBBFAC-CA2B-4F8C-B68A-6E65FB1C3F73} - http://www.zena.cz (file missing) (HKCU)
O9 - Extra button: Supermapy - {FC8BD26F-929D-4F99-8431-6360BD0D60C9} - http://www.supermapy.cz (file missing) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3279983531
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.40.70.226/activex/AxisCamControl.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9a41fe3a632d2) (gupdate1c9a41fe3a632d2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 16062 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1078081533-287218729-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1078081533-287218729-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-07-01 1190912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-19 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-02 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2011-01-02 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2008-07-01 1190912]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-02 297648]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-10-11 1826816]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-05-15 1628208]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-15 1057328]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"EPSON Stylus D68 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE [2005-01-25 98304]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-31 30192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-16 8491008]
"Flashget"=C:\Program Files\FlashGet\FlashGet.exe [2007-09-25 2007088]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2010-11-19 274608]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-25 16855552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-09-16 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe []
"Device Detection"=C:\Program Files\HappyFoto\HF Designer\dd.exe [2010-10-15 550400]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-20 26192680]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-01-05 395640]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"C:\Program Files\WBGames\Monolith Productions\F.E.A.R. 2 SP Demo\FEAR2SPDemo.exe"="C:\Program Files\WBGames\Monolith Productions\F.E.A.R. 2 SP Demo\FEAR2SPDemo.exe:*:Enabled:FEAR2SPDemo.exe"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-01-07 21:35:10 ----D---- C:\Program Files\trend micro
2011-01-07 21:35:04 ----D---- C:\rsit
2011-01-06 20:00:31 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-06 19:04:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2011-01-06 19:04:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2011-01-06 19:04:22 ----D---- C:\Program Files\McAfee Security Scan
2011-01-05 19:30:53 ----D---- C:\Documents and Settings\tamara\Data aplikací\PriceGong
2011-01-05 19:01:33 ----D---- C:\Program Files\Conduit
2011-01-05 19:01:31 ----D---- C:\Program Files\ConduitEngine
2011-01-05 19:01:28 ----D---- C:\Program Files\uTorrentBar
2011-01-05 19:00:55 ----D---- C:\Program Files\uTorrent
2011-01-05 18:59:02 ----D---- C:\Documents and Settings\tamara\Data aplikací\uTorrent
2011-01-04 22:08:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-01-04 22:08:19 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-04 22:07:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-04 22:04:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-04 22:03:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-01-04 17:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-04 17:17:24 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-04 17:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-04 17:17:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-04 17:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-04 17:16:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-04 17:16:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-04 17:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-04 17:16:20 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-04 17:15:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-04 17:15:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-04 17:15:38 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-04 17:15:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-04 17:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-04 17:14:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-04 17:14:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-04 17:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-04 17:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-04 17:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-04 17:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-04 17:12:22 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-04 17:12:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-04 17:11:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-03 22:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-01-03 22:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2011-01-03 20:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-01-03 20:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-01-03 20:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-01-03 20:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-01-03 20:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-01-03 20:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-03 20:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-01-03 20:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-01-03 20:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-03 20:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-03 20:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-03 20:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-03 20:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-03 20:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-03 20:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-03 19:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-01-03 19:53:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-03 19:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-03 19:53:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-03 19:52:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-03 19:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-01-03 19:52:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-01-03 19:52:14 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-03 19:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-03 19:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-01-03 19:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-03 19:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-03 19:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-01-03 19:51:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-03 19:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-03 19:51:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-01-03 19:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-03 19:51:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-03 19:50:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-03 19:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-01-03 19:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-03 19:50:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-03 19:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB953155$
2011-01-03 19:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-01-03 19:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-03 19:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-01-03 19:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-01-03 19:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-03 19:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-01-03 19:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-03 19:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-03 19:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-01-03 19:48:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-03 19:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-01-03 19:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-03 19:48:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-03 19:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-03 19:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-01-03 19:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-03 19:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-03 19:47:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-01-03 19:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-01-03 19:47:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-01-03 19:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2011-01-03 19:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-01-03 19:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-03 19:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-03 19:42:22 ----D---- C:\WINDOWS\Prefetch
2011-01-03 19:23:59 ----A---- C:\WINDOWS\003135_.tmp
2011-01-03 19:13:18 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-01-03 18:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2011-01-03 18:37:01 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-01-02 19:49:16 ----ASH---- C:\pagefile.sys
2011-01-02 19:13:55 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-01-02 19:02:48 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-01-02 19:02:48 ----A---- C:\WINDOWS\system32\irclass.dll
2011-01-02 19:02:26 ----RA---- C:\WINDOWS\SET142.tmp
2011-01-02 19:02:20 ----RA---- C:\WINDOWS\SET117.tmp
2011-01-02 19:02:16 ----RA---- C:\WINDOWS\SET10B.tmp
2011-01-02 19:02:13 ----RA---- C:\WINDOWS\SET108.tmp
2011-01-02 18:45:42 ----A---- C:\WINDOWS\UPGRADE.TXT
2011-01-02 12:22:15 ----D---- C:\UCTO2010
2011-01-02 12:15:13 ----SHD---- C:\RECYCLER
2011-01-02 11:47:02 ----RASHD---- C:\cmdcons
2011-01-02 11:42:56 ----A---- C:\WINDOWS\zip.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\SWSC.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\SWREG.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\sed.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\PEV.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\NIRCMD.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\MBR.exe
2011-01-02 11:42:56 ----A---- C:\WINDOWS\grep.exe
2011-01-02 11:40:27 ----D---- C:\WINDOWS\ERDNT
2011-01-02 11:40:25 ----A---- C:\WINDOWS\system32\CF12391.exe
2011-01-02 11:38:32 ----D---- C:\Qoobox
2010-12-27 19:12:58 ----D---- C:\Program Files\Micro DVD Player
2010-12-27 19:10:56 ----D---- C:\PPK_CD
2010-12-25 15:28:56 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-12-25 15:28:56 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-12-25 14:22:30 ----D---- C:\Program Files\Mplayer
2010-12-25 14:18:08 ----D---- C:\Program Files\Fox
2010-12-14 19:34:51 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-14 19:34:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

======List of files/folders modified in the last 1 months======

2011-01-07 21:35:10 ----RD---- C:\Program Files
2011-01-07 21:34:46 ----D---- C:\Program Files\FlashGet
2011-01-07 21:34:46 ----D---- C:\Downloads
2011-01-07 21:17:16 ----D---- C:\WINDOWS\Temp
2011-01-07 18:03:42 ----SD---- C:\WINDOWS\Tasks
2011-01-06 21:15:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-06 20:38:54 ----D---- C:\Documents and Settings\tamara\Data aplikací\Skype
2011-01-06 20:35:56 ----D---- C:\WINDOWS\system32\config
2011-01-06 20:35:35 ----D---- C:\WINDOWS\system32\wbem
2011-01-06 20:35:35 ----D---- C:\WINDOWS\Registration
2011-01-06 20:35:21 ----SHD---- C:\WINDOWS\Installer
2011-01-06 20:00:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-06 20:00:40 ----D---- C:\Config.Msi
2011-01-06 19:39:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-06 19:37:33 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-06 18:39:32 ----HD---- C:\WINDOWS\inf
2011-01-06 18:39:32 ----D---- C:\WINDOWS\system32
2011-01-06 17:47:04 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-06 16:51:09 ----D---- C:\WINDOWS
2011-01-05 21:33:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-05 21:33:39 ----A---- C:\WINDOWS\imsins.BAK
2011-01-05 21:32:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-04 22:08:47 ----D---- C:\WINDOWS\system32\drivers
2011-01-04 22:04:11 ----D---- C:\Program Files\Movie Maker
2011-01-04 22:03:45 ----D---- C:\Program Files\Outlook Express
2011-01-04 20:52:48 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-04 18:35:38 ----D---- C:\Program Files\Messenger
2011-01-04 18:35:30 ----D---- C:\Program Files\Opera
2011-01-04 18:35:23 ----D---- C:\WINDOWS\AppPatch
2011-01-04 18:35:22 ----D---- C:\Program Files\Internet Explorer
2011-01-04 18:34:35 ----HDC---- C:\WINDOWS\ie8
2011-01-04 18:32:21 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-03 20:04:55 ----D---- C:\WINDOWS\Help
2011-01-03 20:00:53 ----D---- C:\WINDOWS\ie8updates
2011-01-03 19:58:13 ----D---- C:\WINDOWS\system32\cs-cz
2011-01-03 19:42:10 ----A---- C:\WINDOWS\setuplog.txt
2011-01-03 19:41:33 ----D---- C:\WINDOWS\system32\Setup
2011-01-03 19:41:33 ----D---- C:\Program Files\Common Files\System
2011-01-03 19:41:32 ----RSD---- C:\WINDOWS\Fonts
2011-01-03 19:37:57 ----D---- C:\WINDOWS\security
2011-01-03 19:36:26 ----D---- C:\Program Files\Windows Media Player
2011-01-03 19:36:18 ----D---- C:\WINDOWS\ime
2011-01-03 19:36:09 ----D---- C:\WINDOWS\PeerNet
2011-01-03 19:33:54 ----D---- C:\WINDOWS\system32\Restore
2011-01-03 19:33:54 ----D---- C:\WINDOWS\system32\npp
2011-01-03 19:33:52 ----D---- C:\WINDOWS\msagent
2011-01-03 19:33:48 ----D---- C:\WINDOWS\srchasst
2011-01-03 19:33:42 ----D---- C:\Program Files\NetMeeting
2011-01-03 19:33:40 ----D---- C:\WINDOWS\system32\Com
2011-01-03 19:33:34 ----D---- C:\Program Files\Windows NT
2011-01-03 19:32:48 ----D---- C:\WINDOWS\system32\oobe
2011-01-03 19:32:47 ----D---- C:\WINDOWS\system32\usmt
2011-01-03 19:32:46 ----D---- C:\WINDOWS\system
2011-01-03 19:23:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-01-03 19:13:14 ----D---- C:\WINDOWS\EHome
2011-01-03 18:27:13 ----D---- C:\WINDOWS\Media
2011-01-03 18:12:57 ----D---- C:\WINDOWS\ie7updates
2011-01-03 18:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2011-01-03 18:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2011-01-03 17:56:34 ----ASH---- C:\boot.ini
2011-01-03 17:56:24 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-02 21:56:02 ----D---- C:\WINDOWS\network diagnostic
2011-01-02 20:05:35 ----D---- C:\Documents and Settings\tamara\Data aplikací\Google
2011-01-02 19:54:59 ----D---- C:\Program Files\Google
2011-01-02 19:51:50 ----D---- C:\WINDOWS\system32\1029
2011-01-02 19:51:37 ----D---- C:\WINDOWS\twain_32
2011-01-02 19:50:54 ----D---- C:\WINDOWS\system32\icsxml
2011-01-02 19:50:20 ----D---- C:\WINDOWS\system32\1033
2011-01-02 19:49:16 ----D---- C:\WINDOWS\WinSxS
2011-01-02 19:49:16 ----D---- C:\WINDOWS\Driver Cache
2011-01-02 19:45:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-01-02 19:41:24 ----SHD---- C:\System Volume Information
2011-01-02 19:14:44 ----A---- C:\WINDOWS\OEWABLog.txt
2011-01-02 19:14:38 ----A---- C:\WINDOWS\ODBCINST.INI
2011-01-02 19:14:23 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-01-02 19:14:20 ----D---- C:\WINDOWS\system32\ias
2011-01-02 19:13:58 ----RD---- C:\WINDOWS\Web
2011-01-02 19:13:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-01-02 19:13:38 ----A---- C:\WINDOWS\win.ini
2011-01-02 19:02:53 ----A---- C:\WINDOWS\system.ini
2011-01-02 19:02:38 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-01-02 12:13:47 ----D---- C:\UCTO2009
2011-01-02 11:58:10 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-02 11:49:53 ----D---- C:\Program Files\Common Files
2011-01-01 14:11:31 ----D---- C:\Documents and Settings\tamara\Data aplikací\Adobe
2011-01-01 14:11:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-01 11:06:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-01-01 11:04:41 ----D---- C:\Program Files\DivX
2010-12-26 08:58:26 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-26 08:58:26 ----A---- C:\WINDOWS\disney.ini
2010-12-26 08:57:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-12-26 08:57:25 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-25 21:49:12 ----A---- C:\WINDOWS\MDVDP.Ini
2010-12-25 13:10:51 ----D---- C:\Program Files\rajce
2010-12-25 12:26:36 ----D---- C:\Program Files\The Virtual Forbidden City
2010-12-25 12:17:24 ----A---- C:\WINDOWS\galaxy.ini
2010-12-16 17:39:19 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-13 20:55:11 ----D---- C:\Program Files\TVPlayerClassic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-24 27408]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-24 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-15 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-15 38576]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-24 94160]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-24 23120]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-11-01 36864]
R3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2007-05-21 1180672]
R3 AVerEth;AVerMedia Ethernet Adapter for MPE Service; C:\WINDOWS\system32\DRIVERS\AVerEth.sys [2007-04-02 19584]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-01 4620288]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-16 6853088]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-15 118576]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 FreshIO;FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-11-10 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-11-10 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-11-10 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-11-10 88688]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-11-10 86560]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-22 611664]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-15 1550896]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-16 155716]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
S2 gupdate1c9a41fe3a632d2;Google Update Service (gupdate1c9a41fe3a632d2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-13 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-31 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-02 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Blokování odkazů...

Napsal: 07 led 2011 21:49
od Rudy
Pochopila jste správně. :) Je tam minimálně AdWare. Udělejte sken ComboFix a dejte log:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Re: Blokování odkazů...

Napsal: 07 led 2011 22:34
od Tamara.Me
před restartováním tam skočilo na chvilku okno a bylo tam něco jako "inicializace knihovny DLL (nevím přesně jaké) se nezdařila protože stránka (nebo windows)se vypíná..." jinak mi to smazalo program účto2010 (předchozí roky to tam nechalo), naštěstí tam nebyla ještě data.

ComboFix 11-01-07.01 - tamara 07.01.2011 22:14:11.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.617 [GMT 1:00]
Spuštěný z: c:\downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 110107-0] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\tamara\Data aplikací\PriceGong
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\tamara\Data aplikací\PriceGong\Data\z.xml
C:\UCTO2010
c:\ucto2010\{DATA}\ADRESY.000
c:\ucto2010\{DATA}\ADRESY.T00
c:\ucto2010\{DATA}\ADRESY.X00
c:\ucto2010\{DATA}\ARCHIVD.001
c:\ucto2010\{DATA}\ARCHIVD.T01
c:\ucto2010\{DATA}\ARCHIVM.004
c:\ucto2010\{DATA}\ARCHIVM.T04
c:\ucto2010\{DATA}\BANKA1.008
c:\ucto2010\{DATA}\CEST_VH.006
c:\ucto2010\{DATA}\CEST_VH.T06
c:\ucto2010\{DATA}\CEST_VH.X06
c:\ucto2010\{DATA}\CISABS.004
c:\ucto2010\{DATA}\CISABS.X04
c:\ucto2010\{DATA}\CISDOKL.001
c:\ucto2010\{DATA}\CISDRUH.001
c:\ucto2010\{DATA}\CISDRUH.X01
c:\ucto2010\{DATA}\CISPOH.001
c:\ucto2010\{DATA}\CISPOL.006
c:\ucto2010\{DATA}\CISPOZN.000
c:\ucto2010\{DATA}\CISPOZN.T00
c:\ucto2010\{DATA}\CIST.000
c:\ucto2010\{DATA}\CISTEXT.001
c:\ucto2010\{DATA}\CISTXT.006
c:\ucto2010\{DATA}\CISVYKON.001
c:\ucto2010\{DATA}\DAP15.003
c:\ucto2010\{DATA}\DAP15.T03
c:\ucto2010\{DATA}\DAP16.003
c:\ucto2010\{DATA}\DAP16.T03
c:\ucto2010\{DATA}\DENIK.001
c:\ucto2010\{DATA}\DENIK.T01
c:\ucto2010\{DATA}\DETI15.003
c:\ucto2010\{DATA}\DETI15.X03
c:\ucto2010\{DATA}\DETI16.003
c:\ucto2010\{DATA}\DETI16.X03
c:\ucto2010\{DATA}\DODL_VH.006
c:\ucto2010\{DATA}\DODL_VH.T06
c:\ucto2010\{DATA}\DODL_VH.X06
c:\ucto2010\{DATA}\DOVROK.004
c:\ucto2010\{DATA}\DROBMAJ.009
c:\ucto2010\{DATA}\DROBMAJ.T09
c:\ucto2010\{DATA}\EDIT.000
c:\ucto2010\{DATA}\EDITTAB.000
c:\ucto2010\{DATA}\EDITTAB.T00
c:\ucto2010\{DATA}\FAKT_FH.006
c:\ucto2010\{DATA}\FAKT_FH.T06
c:\ucto2010\{DATA}\FAKT_FH.X06
c:\ucto2010\{DATA}\FAKT_FP.006
c:\ucto2010\{DATA}\FAKT_FS.006
c:\ucto2010\{DATA}\FAKT_VH.006
c:\ucto2010\{DATA}\FAKT_VH.T06
c:\ucto2010\{DATA}\FAKT_VH.X06
c:\ucto2010\{DATA}\FAKT_VO.006
c:\ucto2010\{DATA}\FAKT_VP.006
c:\ucto2010\{DATA}\FAKT_VS.006
c:\ucto2010\{DATA}\KATEG.004
c:\ucto2010\{DATA}\MZDY.004
c:\ucto2010\{DATA}\MZDY.T04
c:\ucto2010\{DATA}\OBJE_VH.006
c:\ucto2010\{DATA}\OBJE_VH.T06
c:\ucto2010\{DATA}\OBJE_VH.X06
c:\ucto2010\{DATA}\OBJE_VP.006
c:\ucto2010\{DATA}\OBJE_VS.006
c:\ucto2010\{DATA}\ODPISY.009
c:\ucto2010\{DATA}\ODPISY.X09
c:\ucto2010\{DATA}\OSSZ08.003
c:\ucto2010\{DATA}\PAR01A2.001
c:\ucto2010\{DATA}\PAR01A4.001
c:\ucto2010\{DATA}\PAR02A2.002
c:\ucto2010\{DATA}\PAR02A4.002
c:\ucto2010\{DATA}\PAR03A4.003
c:\ucto2010\{DATA}\PAR04A2.004
c:\ucto2010\{DATA}\PAR05A4.005
c:\ucto2010\{DATA}\PAR06A4.006
c:\ucto2010\{DATA}\PAR08A2.008
c:\ucto2010\{DATA}\PAR08A4.008
c:\ucto2010\{DATA}\PAR09A2.009
c:\ucto2010\{DATA}\PAR09A2.T09
c:\ucto2010\{DATA}\PAR09A4.009
c:\ucto2010\{DATA}\PARAM2.000
c:\ucto2010\{DATA}\PARAM2.T00
c:\ucto2010\{DATA}\PARAM4.000
c:\ucto2010\{DATA}\PARAM4.T00
c:\ucto2010\{DATA}\PARZAS.001
c:\ucto2010\{DATA}\POHLZAV.001
c:\ucto2010\{DATA}\POHLZAV.T01
c:\ucto2010\{DATA}\POJIST.004
c:\ucto2010\{DATA}\PRACOV.004
c:\ucto2010\{DATA}\PRACOV.T04
c:\ucto2010\{DATA}\PRACSML.004
c:\ucto2010\{DATA}\PRACSML.T04
c:\ucto2010\{DATA}\SHIFTF3.000
c:\ucto2010\{DATA}\STATY.000
c:\ucto2010\{DATA}\TRIDY.004
c:\ucto2010\{DATA}\TYPDOKL.001
c:\ucto2010\{DATA}\UKOLY.000
c:\ucto2010\{DATA}\UKOLY.T00
c:\ucto2010\{DATA}\UPR15.003
c:\ucto2010\{DATA}\UPR15.X03
c:\ucto2010\{DATA}\UZAV.001
c:\ucto2010\{DATA}\VYRIZUJE.002
c:\ucto2010\{DATA}\VZP08.003
c:\ucto2010\{DATA}\ZAOKFA.006
c:\ucto2010\{DATA}\ZP.009
c:\ucto2010\{DATA}\ZP.T09
c:\ucto2010\{DATA}\ZURNALD.001
c:\ucto2010\{GLOB}\ADRWEB.000
c:\ucto2010\{GLOB}\BANKY.000
c:\ucto2010\{GLOB}\BANKYHB.008
c:\ucto2010\{GLOB}\CISOKR.097
c:\ucto2010\{GLOB}\DATA.000
c:\ucto2010\{GLOB}\DATA.X00
c:\ucto2010\{GLOB}\EXPDEKLA.099
c:\ucto2010\{GLOB}\EXPDEKLA.T99
c:\ucto2010\{GLOB}\FAQ.000
c:\ucto2010\{GLOB}\FORMS.099
c:\ucto2010\{GLOB}\FORMS.T99
c:\ucto2010\{GLOB}\KODPOJ.004
c:\ucto2010\{GLOB}\MODULY.000
c:\ucto2010\{GLOB}\NAHRNEM.004
c:\ucto2010\{GLOB}\NEZDAN.000
c:\ucto2010\{GLOB}\NEZDAN.X00
c:\ucto2010\{GLOB}\OKRESY.000
c:\ucto2010\{GLOB}\PARAM1.000
c:\ucto2010\{GLOB}\PLATIDLA.004
c:\ucto2010\{GLOB}\POSTY.000
c:\ucto2010\{GLOB}\REPORT.099
c:\ucto2010\{GLOB}\REPORT.T99
c:\ucto2010\{GLOB}\REPORT.X99
c:\ucto2010\{GLOB}\SAZDPH.000
c:\ucto2010\{GLOB}\SAZDPH.X00
c:\ucto2010\{GLOB}\SAZDZP.000
c:\ucto2010\{GLOB}\SAZDZP.X00
c:\ucto2010\{GLOB}\SAZDZPM.004
c:\ucto2010\{GLOB}\SAZODP.009
c:\ucto2010\{GLOB}\SLOVNIK.006
c:\ucto2010\{GLOB}\ZALDZP.004
c:\ucto2010\{GLOB}\ZDRSOC.004
c:\ucto2010\{GLOB}\ZUJ.097
c:\ucto2010\{INFO}\ADRZPRAV.000
c:\ucto2010\{INFO}\ADRZPRAV.T00
c:\ucto2010\{INFO}\INFOAUTO.000
c:\ucto2010\{INFO}\INFOPROB.000
c:\ucto2010\{INFO}\INFOPROB.T00
c:\ucto2010\{INFO}\INFOTEMA.000
c:\ucto2010\{INFO}\KONFEREN.000
c:\ucto2010\{INFO}\KONFEREN.T00
c:\ucto2010\{INFO}\PGMKOD.000
c:\ucto2010\{INFO}\PROGRAMY.000
c:\ucto2010\{INFO}\PROGRAMY.T00
c:\ucto2010\{INFO}\SLUZKOD.000
c:\ucto2010\{NOVA}\ADRESY.000
c:\ucto2010\{NOVA}\ADRESY.T00
c:\ucto2010\{NOVA}\CISABS.004
c:\ucto2010\{NOVA}\CISDOKL.001
c:\ucto2010\{NOVA}\CISDRUH.001
c:\ucto2010\{NOVA}\CISPOH.001
c:\ucto2010\{NOVA}\CISPOZN.000
c:\ucto2010\{NOVA}\CISPOZN.T00
c:\ucto2010\{NOVA}\CIST.000
c:\ucto2010\{NOVA}\CISTXT.006
c:\ucto2010\{NOVA}\CISVYKON.001
c:\ucto2010\{NOVA}\KATEG.004
c:\ucto2010\{NOVA}\PARAM2.000
c:\ucto2010\{NOVA}\PARAM2.T00
c:\ucto2010\{NOVA}\PRACSML.004
c:\ucto2010\{NOVA}\PRACSML.T04
c:\ucto2010\{NOVA}\TRIDY.004
c:\ucto2010\{NOVA}\TYPDOKL.001
c:\ucto2010\{NOVA}\UKOLY.000
c:\ucto2010\{NOVA}\UKOLY.T00
c:\ucto2010\{NOVA}\UZAV.001
c:\ucto2010\{NOVA}\ZAOKFA.006
c:\ucto2010\{OBNV}.BAT
c:\ucto2010\{OBNV}\BANKYHB.008
c:\ucto2010\{OBNV}\KODPOJ.004
c:\ucto2010\{OBNV}\MODULY.000
c:\ucto2010\{OBNV}\NAHRNEM.004
c:\ucto2010\{OBNV}\NEZDAN.000
c:\ucto2010\{OBNV}\PLATIDLA.004
c:\ucto2010\{OBNV}\SAZDPH.000
c:\ucto2010\{OBNV}\SAZDZP.000
c:\ucto2010\{OBNV}\SAZDZPM.004
c:\ucto2010\{OBNV}\SAZODP.009
c:\ucto2010\{OBNV}\SLOVNIK.006
c:\ucto2010\{OBNV}\UCTO2010.CAT
c:\ucto2010\{OBNV}\UCTOOL.EX
c:\ucto2010\{OBNV}\UTISK04.EX
c:\ucto2010\{OBNV}\ZALDZP.004
c:\ucto2010\{OBNV}\ZDRSOC.004
c:\ucto2010\{PDF1}\DAVKYK2.PDF
c:\ucto2010\{PDF1}\DAVKYK3.PDF
c:\ucto2010\{PDF1}\DAVKYP2.PDF
c:\ucto2010\{PDF1}\DAVKYP3.PDF
c:\ucto2010\{PDF1}\DPH15.PDF
c:\ucto2010\{PDF1}\DPH15P.PDF
c:\ucto2010\{PDF1}\DPH16.PDF
c:\ucto2010\{PDF1}\DPH16P.PDF
c:\ucto2010\{PDF1}\DZP.PDF
c:\ucto2010\{PDF1}\DZP_1.PDF
c:\ucto2010\{PDF1}\DZP_2.PDF
c:\ucto2010\{PDF1}\DZP_3.PDF
c:\ucto2010\{PDF1}\DZP_7.PDF
c:\ucto2010\{PDF1}\DZPP.PDF
c:\ucto2010\{PDF1}\ELDP09B.PDF
c:\ucto2010\{PDF1}\ELDP09F.PDF
c:\ucto2010\{PDF1}\ELDP09K.PDF
c:\ucto2010\{PDF1}\ELDP09M.PDF
c:\ucto2010\{PDF1}\ELDP09P.PDF
c:\ucto2010\{PDF1}\ELDPF.PDF
c:\ucto2010\{PDF1}\ELDPK.PDF
c:\ucto2010\{PDF1}\ELDPM.PDF
c:\ucto2010\{PDF1}\ELDPP.PDF
c:\ucto2010\{PDF1}\HROMOZN.PDF
c:\ucto2010\{PDF1}\HROMOZNP.PDF
c:\ucto2010\{PDF1}\CHYBCAST.PDF
c:\ucto2010\{PDF1}\NEMOC.PDF
c:\ucto2010\{PDF1}\NEMOCP.PDF
c:\ucto2010\{PDF1}\ODCITPOL.PDF
c:\ucto2010\{PDF1}\ONZ.PDF
c:\ucto2010\{PDF1}\ONZK.PDF
c:\ucto2010\{PDF1}\ONZP.PDF
c:\ucto2010\{PDF1}\OSSZ.PDF
c:\ucto2010\{PDF1}\OSSZK.PDF
c:\ucto2010\{PDF1}\OSSZP.PDF
c:\ucto2010\{PDF1}\POCZAM.PDF
c:\ucto2010\{PDF1}\POJZAM.PDF
c:\ucto2010\{PDF1}\SILDAN.PDF
c:\ucto2010\{PDF1}\SILDANPO.PDF
c:\ucto2010\{PDF1}\SILDANPR.PDF
c:\ucto2010\{PDF1}\SOUHLAS.PDF
c:\ucto2010\{PDF1}\SOUHLASP.PDF
c:\ucto2010\{PDF1}\VYUCT.PDF
c:\ucto2010\{PDF1}\VYUCTP.PDF
c:\ucto2010\{PDF1}\VYUCTSRP.PDF
c:\ucto2010\{PDF1}\VYUCTSRZ.PDF
c:\ucto2010\{PDF1}\VZP.PDF
c:\ucto2010\{PDF1}\VZPP.PDF
c:\ucto2010\{PDF2}\DLBL.PDF
c:\ucto2010\{PDF2}\DLBL2.PDF
c:\ucto2010\{PDF2}\DLBW.PDF
c:\ucto2010\{PDF2}\DLBW2.PDF
c:\ucto2010\{PDF2}\DLGR.PDF
c:\ucto2010\{PDF2}\DLGR2.PDF
c:\ucto2010\{PDF2}\FABL.PDF
c:\ucto2010\{PDF2}\FABL2.PDF
c:\ucto2010\{PDF2}\FABW.PDF
c:\ucto2010\{PDF2}\FABW2.PDF
c:\ucto2010\{PDF2}\FAGR.PDF
c:\ucto2010\{PDF2}\FAGR2.PDF
c:\ucto2010\{PDF2}\OBBL.PDF
c:\ucto2010\{PDF2}\OBBL2.PDF
c:\ucto2010\{PDF2}\OBBW.PDF
c:\ucto2010\{PDF2}\OBBW2.PDF
c:\ucto2010\{PDF2}\OBGR.PDF
c:\ucto2010\{PDF2}\OBGR2.PDF
c:\ucto2010\{PDF3}\DAVKYK2X.DEF
c:\ucto2010\{PDF3}\DAVKYK2X.PDF
c:\ucto2010\{PDF3}\DAVKYK3X.DEF
c:\ucto2010\{PDF3}\DAVKYK3X.PDF
c:\ucto2010\{PDF3}\DPH15X.DEF
c:\ucto2010\{PDF3}\DPH15X.PDF
c:\ucto2010\{PDF3}\DPH16X.DEF
c:\ucto2010\{PDF3}\DPH16X.PDF
c:\ucto2010\{PDF3}\DZP_1X.DEF
c:\ucto2010\{PDF3}\DZP_1X.PDF
c:\ucto2010\{PDF3}\DZP_2X.DEF
c:\ucto2010\{PDF3}\DZP_2X.PDF
c:\ucto2010\{PDF3}\DZP_3X.DEF
c:\ucto2010\{PDF3}\DZP_3X.PDF
c:\ucto2010\{PDF3}\DZPX.DEF
c:\ucto2010\{PDF3}\DZPX.PDF
c:\ucto2010\{PDF3}\HROMOZNX.DEF
c:\ucto2010\{PDF3}\HROMOZNX.PDF
c:\ucto2010\{PDF3}\CHYBCASX.DEF
c:\ucto2010\{PDF3}\CHYBCASX.PDF
c:\ucto2010\{PDF3}\NEMOCX.DEF
c:\ucto2010\{PDF3}\NEMOCX.PDF
c:\ucto2010\{PDF3}\OSSZKX.DEF
c:\ucto2010\{PDF3}\OSSZKX.PDF
c:\ucto2010\{PDF3}\OSSZX.DEF
c:\ucto2010\{PDF3}\OSSZX.PDF
c:\ucto2010\{PDF3}\POCZAMX.DEF
c:\ucto2010\{PDF3}\POCZAMX.PDF
c:\ucto2010\{PDF3}\POJZAMX.DEF
c:\ucto2010\{PDF3}\POJZAMX.PDF
c:\ucto2010\{PDF3}\SILDANPX.DEF
c:\ucto2010\{PDF3}\SILDANPX.PDF
c:\ucto2010\{PDF3}\SILDANX.DEF
c:\ucto2010\{PDF3}\SILDANX.PDF
c:\ucto2010\{PDF3}\SOUHLASX.DEF
c:\ucto2010\{PDF3}\SOUHLASX.PDF
c:\ucto2010\{PDF3}\VYUCTSRX.DEF
c:\ucto2010\{PDF3}\VYUCTSRX.PDF
c:\ucto2010\{PDF3}\VYUCTX.DEF
c:\ucto2010\{PDF3}\VYUCTX.PDF
c:\ucto2010\{PDF3}\VZPX.DEF
c:\ucto2010\{PDF3}\VZPX.PDF
c:\ucto2010\{PRIK}\ABSENCE.004
c:\ucto2010\{PRIK}\ADRESY.000
c:\ucto2010\{PRIK}\ADRESY.T00
c:\ucto2010\{PRIK}\ADRSPEC.000
c:\ucto2010\{PRIK}\ADRSPEC.T00
c:\ucto2010\{PRIK}\ARCHIVM.004
c:\ucto2010\{PRIK}\ARCHIVM.T04
c:\ucto2010\{PRIK}\AUTA.005
c:\ucto2010\{PRIK}\AUTA.T05
c:\ucto2010\{PRIK}\BANKA1.008
c:\ucto2010\{PRIK}\CE_AUTA.006
c:\ucto2010\{PRIK}\CE_AUTA.T06
c:\ucto2010\{PRIK}\CE_TRASY.006
c:\ucto2010\{PRIK}\CEST_FH.006
c:\ucto2010\{PRIK}\CEST_FH.T06
c:\ucto2010\{PRIK}\CEST_FP.006
c:\ucto2010\{PRIK}\CEST_FS.006
c:\ucto2010\{PRIK}\CEST_VH.006
c:\ucto2010\{PRIK}\CEST_VH.T06
c:\ucto2010\{PRIK}\CEST_VP.006
c:\ucto2010\{PRIK}\CEST_VS.006
c:\ucto2010\{PRIK}\CISABS.004
c:\ucto2010\{PRIK}\CISCEST.005
c:\ucto2010\{PRIK}\CISDOKL.001
c:\ucto2010\{PRIK}\CISDRUH.001
c:\ucto2010\{PRIK}\CISPOH.001
c:\ucto2010\{PRIK}\CISPOL.006
c:\ucto2010\{PRIK}\CISPOZN.000
c:\ucto2010\{PRIK}\CISPOZN.T00
c:\ucto2010\{PRIK}\CIST.000
c:\ucto2010\{PRIK}\CISTEXT.001
c:\ucto2010\{PRIK}\CISTXT.006
c:\ucto2010\{PRIK}\CISUCEL.005
c:\ucto2010\{PRIK}\CISUKOL.004
c:\ucto2010\{PRIK}\CISVYKON.001
c:\ucto2010\{PRIK}\DAP15.003
c:\ucto2010\{PRIK}\DAP15.T03
c:\ucto2010\{PRIK}\DAP16.003
c:\ucto2010\{PRIK}\DAP16.T03
c:\ucto2010\{PRIK}\DENIK.001
c:\ucto2010\{PRIK}\DENIK.T01
c:\ucto2010\{PRIK}\DETI.004
c:\ucto2010\{PRIK}\DETI15.003
c:\ucto2010\{PRIK}\DETI16.003
c:\ucto2010\{PRIK}\DODL_AH.006
c:\ucto2010\{PRIK}\DODL_AH.T06
c:\ucto2010\{PRIK}\DODL_AP.006
c:\ucto2010\{PRIK}\DODL_AS.006
c:\ucto2010\{PRIK}\DODL_FH.006
c:\ucto2010\{PRIK}\DODL_FH.T06
c:\ucto2010\{PRIK}\DODL_FP.006
c:\ucto2010\{PRIK}\DODL_FS.006
c:\ucto2010\{PRIK}\DODL_VH.006
c:\ucto2010\{PRIK}\DODL_VH.T06
c:\ucto2010\{PRIK}\DODL_VP.006
c:\ucto2010\{PRIK}\DODL_VS.006
c:\ucto2010\{PRIK}\DOPISY.002
c:\ucto2010\{PRIK}\DOPISY.T02
c:\ucto2010\{PRIK}\DOPISYMM.002
c:\ucto2010\{PRIK}\DOPISYMM.T02
c:\ucto2010\{PRIK}\DOVROK.004
c:\ucto2010\{PRIK}\DROBMAJ.009
c:\ucto2010\{PRIK}\DROBMAJ.T09
c:\ucto2010\{PRIK}\EDIT.000
c:\ucto2010\{PRIK}\EDITPAR.000
c:\ucto2010\{PRIK}\EDITTAB.000
c:\ucto2010\{PRIK}\EDITTAB.T00
c:\ucto2010\{PRIK}\FAKT_AH.006
c:\ucto2010\{PRIK}\FAKT_AH.T06
c:\ucto2010\{PRIK}\FAKT_AP.006
c:\ucto2010\{PRIK}\FAKT_AS.006
c:\ucto2010\{PRIK}\FAKT_FH.006
c:\ucto2010\{PRIK}\FAKT_FH.T06
c:\ucto2010\{PRIK}\FAKT_FP.006
c:\ucto2010\{PRIK}\FAKT_FS.006
c:\ucto2010\{PRIK}\FAKT_VH.006
c:\ucto2010\{PRIK}\FAKT_VH.T06
c:\ucto2010\{PRIK}\FAKT_VP.006
c:\ucto2010\{PRIK}\FAKT_VS.006
c:\ucto2010\{PRIK}\FINANCE.001
c:\ucto2010\{PRIK}\FINANCE.T01
c:\ucto2010\{PRIK}\JIZDY.005
c:\ucto2010\{PRIK}\JIZDY.T05
c:\ucto2010\{PRIK}\KATEG.004
c:\ucto2010\{PRIK}\MAT_HP.007
c:\ucto2010\{PRIK}\MAT_PP.007
c:\ucto2010\{PRIK}\MATERIAL.001
c:\ucto2010\{PRIK}\MATERIAL.T01
c:\ucto2010\{PRIK}\MZDY.004
c:\ucto2010\{PRIK}\MZDY.T04
c:\ucto2010\{PRIK}\OBJE_FH.006
c:\ucto2010\{PRIK}\OBJE_FH.T06
c:\ucto2010\{PRIK}\OBJE_FP.006
c:\ucto2010\{PRIK}\OBJE_FS.006
c:\ucto2010\{PRIK}\OBJE_VH.006
c:\ucto2010\{PRIK}\OBJE_VH.T06
c:\ucto2010\{PRIK}\OBJE_VP.006
c:\ucto2010\{PRIK}\OBJE_VS.006
c:\ucto2010\{PRIK}\ODPISY.009
c:\ucto2010\{PRIK}\ODVODYM.004
c:\ucto2010\{PRIK}\OSSZ08.003
c:\ucto2010\{PRIK}\OST15.003
c:\ucto2010\{PRIK}\OST16.003
c:\ucto2010\{PRIK}\PARAM2.000
c:\ucto2010\{PRIK}\PARAM2.T00
c:\ucto2010\{PRIK}\PARHB.008
c:\ucto2010\{PRIK}\PARZAS.001
c:\ucto2010\{PRIK}\PHM.005
c:\ucto2010\{PRIK}\PLATBY.001
c:\ucto2010\{PRIK}\PLATBY.T01
c:\ucto2010\{PRIK}\POHLZAV.001
c:\ucto2010\{PRIK}\POHLZAV.T01
c:\ucto2010\{PRIK}\POHYBM.001
c:\ucto2010\{PRIK}\POHYBV.001
c:\ucto2010\{PRIK}\POHYBZ.001
c:\ucto2010\{PRIK}\POJIST.004
c:\ucto2010\{PRIK}\POSTA.002
c:\ucto2010\{PRIK}\POSTA.T02
c:\ucto2010\{PRIK}\PRACOV.004
c:\ucto2010\{PRIK}\PRACOV.T04
c:\ucto2010\{PRIK}\PRACSML.004
c:\ucto2010\{PRIK}\PRACSML.T04
c:\ucto2010\{PRIK}\PRAVJIZD.005
c:\ucto2010\{PRIK}\PRAVJIZD.T05
c:\ucto2010\{PRIK}\PRIKH.008
c:\ucto2010\{PRIK}\PRIKP.008
c:\ucto2010\{PRIK}\SCIT_H.099
c:\ucto2010\{PRIK}\SCIT_H.T99
c:\ucto2010\{PRIK}\SCIT_P.099
c:\ucto2010\{PRIK}\SHIFTF3.000
c:\ucto2010\{PRIK}\SIL.005
c:\ucto2010\{PRIK}\SIL.T05
c:\ucto2010\{PRIK}\SILDAN.005
c:\ucto2010\{PRIK}\SILVOZ.005
c:\ucto2010\{PRIK}\SRAZKY.004
c:\ucto2010\{PRIK}\SRAZKY.T04
c:\ucto2010\{PRIK}\STATY.000
c:\ucto2010\{PRIK}\STRAV.004
c:\ucto2010\{PRIK}\TECHZHOD.009
c:\ucto2010\{PRIK}\TEXTY.002
c:\ucto2010\{PRIK}\TEXTY.T02
c:\ucto2010\{PRIK}\TRIDY.004
c:\ucto2010\{PRIK}\TYPDOKL.001
c:\ucto2010\{PRIK}\UCTY.000
c:\ucto2010\{PRIK}\UKOL.004
c:\ucto2010\{PRIK}\UKOLY.000
c:\ucto2010\{PRIK}\UKOLY.T00
c:\ucto2010\{PRIK}\UPR15.003
c:\ucto2010\{PRIK}\UPR16.003
c:\ucto2010\{PRIK}\UZAV.001
c:\ucto2010\{PRIK}\VYKMAZA.UUU
c:\ucto2010\{PRIK}\VYR_HP.007
c:\ucto2010\{PRIK}\VYR_HV.007
c:\ucto2010\{PRIK}\VYR_PP.007
c:\ucto2010\{PRIK}\VYR_PV.007
c:\ucto2010\{PRIK}\VYRIZUJE.002
c:\ucto2010\{PRIK}\VYROBA.001
c:\ucto2010\{PRIK}\VYROBKY.001
c:\ucto2010\{PRIK}\VYROBKY.T01
c:\ucto2010\{PRIK}\VYUCSRAZ.097
c:\ucto2010\{PRIK}\VYUCZAL.097
c:\ucto2010\{PRIK}\VZP08.003
c:\ucto2010\{PRIK}\ZAL_H.099
c:\ucto2010\{PRIK}\ZAL_H.T99
c:\ucto2010\{PRIK}\ZAOKFA.006
c:\ucto2010\{PRIK}\ZBO_HP.007
c:\ucto2010\{PRIK}\ZBO_HV.007
c:\ucto2010\{PRIK}\ZBO_PP.007
c:\ucto2010\{PRIK}\ZBO_PV.007
c:\ucto2010\{PRIK}\ZBOZI.001
c:\ucto2010\{PRIK}\ZBOZI.T01
c:\ucto2010\{PRIK}\ZP.009
c:\ucto2010\{PRIK}\ZP.T09
c:\ucto2010\{SLOZ}\BALIK_O.HTM
c:\ucto2010\{SLOZ}\BALIK_O.JS
c:\ucto2010\{SLOZ}\BALIK_P.HTM
c:\ucto2010\{SLOZ}\BALIK_P.JS
c:\ucto2010\{SLOZ}\SLOZ_A.HTM
c:\ucto2010\{SLOZ}\SLOZ_A.JS
c:\ucto2010\{SLOZ}\SLOZ_C.HTM
c:\ucto2010\{SLOZ}\SLOZ_C.JS
c:\ucto2010\{STAN}\DANZAT.004
c:\ucto2010\{STAN}\KALEXEK.099
c:\ucto2010\{STAN}\KALSZM06.099
c:\ucto2010\{STAN}\KASA.099
c:\ucto2010\{STAN}\LEAS.099
c:\ucto2010\{STAN}\LEAS.T99
c:\ucto2010\{STAN}\PAR01A3.001
c:\ucto2010\{STAN}\PAR06A3.006
c:\ucto2010\{STAN}\PARAM3.000
c:\ucto2010\{STAN}\PARAM3.T00
c:\ucto2010\{STAN}\PATHS.000
c:\ucto2010\{STAN}\PATHS.X00
c:\ucto2010\{STAN}\PGM.000
c:\ucto2010\{STAN}\SCITAC.099
c:\ucto2010\{STAN}\STAT.000
c:\ucto2010\{STAN}\TELSEZN.099
c:\ucto2010\{STAN}\VEDKALK.099
c:\ucto2010\{TISK}\CALLER.EXE
c:\ucto2010\{TISK}\CMDIALOG.VBX
c:\ucto2010\{TISK}\DISKSIZW.EXE
c:\ucto2010\{TISK}\DISKY.EXE
c:\ucto2010\{TISK}\ELPODPIS.EXE
c:\ucto2010\{TISK}\FAND2PDF.EXE
c:\ucto2010\{TISK}\FANDCLIP.EXE
c:\ucto2010\{TISK}\IEUCTO.EXE
c:\ucto2010\{TISK}\MSINET.OCX
c:\ucto2010\{TISK}\MSMAPI32.OCX
c:\ucto2010\{TISK}\MSVBVM60.DLL
c:\ucto2010\{TISK}\PDFTISK1.EXE
c:\ucto2010\{TISK}\PDFTISK2.EXE
c:\ucto2010\{TISK}\PDFTISK3.EXE
c:\ucto2010\{TISK}\REGISTER.EXE
c:\ucto2010\{TISK}\SETUPCP.EXE
c:\ucto2010\{TISK}\SIFRCSSZ.CER
c:\ucto2010\{TISK}\UCTOFONT.FON
c:\ucto2010\{TISK}\UCTOFT98.EXE
c:\ucto2010\{TISK}\UCTOFTP.EXE
c:\ucto2010\{TISK}\UCTOGRAF.EXE
c:\ucto2010\{TISK}\UCTOGRAF.INI
c:\ucto2010\{TISK}\UCTOLNK.EXE
c:\ucto2010\{TISK}\UCTOLNK.UUU
c:\ucto2010\{TISK}\UCTOLNK.W7
c:\ucto2010\{TISK}\UCTOLNK.WV
c:\ucto2010\{TISK}\UCTOLNK.WXP
c:\ucto2010\{TISK}\UCTOOL.EXE
c:\ucto2010\{TISK}\UEMAIL.EXE
c:\ucto2010\{TISK}\UEMAIL06.EXE
c:\ucto2010\{TISK}\UTISK01.EXE
c:\ucto2010\{TISK}\UTISK04.EXE
c:\ucto2010\{TISK}\UTISK98.EXE
c:\ucto2010\{TISK}\UTISK98.INI
c:\ucto2010\{TISK}\VBRUN300.DLL
c:\ucto2010\{TISK}\WINVERZE.EXE
c:\ucto2010\{UDOC}\CENIK.TXT
c:\ucto2010\{UDOC}\D2008.PDF
c:\ucto2010\{UDOC}\FAKTURA.TXT
c:\ucto2010\{UDOC}\INFO.TXT
c:\ucto2010\{UDOC}\LICENCE.TXT
c:\ucto2010\{UDOC}\OBJ.TXT
c:\ucto2010\{UDOC}\OBJZPR.TXT
c:\ucto2010\{UDOC}\ONAS.TXT
c:\ucto2010\{UDOC}\POUPG.TXT
c:\ucto2010\{UDOC}\PRIRUCKA.TXT
c:\ucto2010\{UDOC}\PRPRDOK.TXT
c:\ucto2010\{UDOC}\R2010.PDF
c:\ucto2010\{UDOC}\U2010.PDF
c:\ucto2010\{UDOC}\ZPROSTRE.TXT
c:\ucto2010\ÚČTO2010.W9X
c:\ucto2010\B&W.PAL
c:\ucto2010\BLUE.PAL
c:\ucto2010\BROWN.PAL
c:\ucto2010\CAT.BAT
c:\ucto2010\CISABS.UUU
c:\ucto2010\CISDRUH.UUU
c:\ucto2010\CISPOH.UUU
c:\ucto2010\CISSLOUP.000
c:\ucto2010\CONFIG.TXT
c:\ucto2010\DELFILE.EXE
c:\ucto2010\DISKSIZE.EXE
c:\ucto2010\DNY.000
c:\ucto2010\FAND.CFG
c:\ucto2010\FAND.RES
c:\ucto2010\FANDCFG.09
c:\ucto2010\FANDCFG.10
c:\ucto2010\FANDCFG.BAK
c:\ucto2010\FANDHTML.EXE
c:\ucto2010\FANDINST.EXE
c:\ucto2010\FANDT602.EXE
c:\ucto2010\FILESIZE.EXE
c:\ucto2010\FNDFILES.EXE
c:\ucto2010\HEAD602.UUU
c:\ucto2010\HELP.000
c:\ucto2010\HELP.T00
c:\ucto2010\HELP02.000
c:\ucto2010\HELP02.T00
c:\ucto2010\HELP03.000
c:\ucto2010\HELP03.T00
c:\ucto2010\HELP04.000
c:\ucto2010\HELP04.T00
c:\ucto2010\HELP05.000
c:\ucto2010\HELP05.T00
c:\ucto2010\HELP06.000
c:\ucto2010\HELP06.T00
c:\ucto2010\HELP08.000
c:\ucto2010\HELP08.T00
c:\ucto2010\HELP98.000
c:\ucto2010\HELP98.T00
c:\ucto2010\HELP99.000
c:\ucto2010\HELP99.T00
c:\ucto2010\IMPORT.PRO
c:\ucto2010\IMPORT.TRO
c:\ucto2010\INFOHLP.000
c:\ucto2010\INFOHLP.T00
c:\ucto2010\ISSHARE.EXE
c:\ucto2010\KALENDAR.000
c:\ucto2010\KALKDPH.000
c:\ucto2010\KALKPOJP.000
c:\ucto2010\KALKPOJZ.000
c:\ucto2010\KALKPRUM.000
c:\ucto2010\KALKPV08.000
c:\ucto2010\KALKTABD.000
c:\ucto2010\KATEG.UUU
c:\ucto2010\LASTAKT.TXT
c:\ucto2010\LCD1.PAL
c:\ucto2010\LCD2.PAL
c:\ucto2010\MAKEDIR.BAT
c:\ucto2010\MF5460-1.UUU
c:\ucto2010\MODUL01.PRO
c:\ucto2010\MODUL01.TRO
c:\ucto2010\MODUL02.PRO
c:\ucto2010\MODUL02.TRO
c:\ucto2010\MODUL03.PRO
c:\ucto2010\MODUL03.TRO
c:\ucto2010\MODUL04.PRO
c:\ucto2010\MODUL04.TRO
c:\ucto2010\MODUL05.PRO
c:\ucto2010\MODUL05.TRO
c:\ucto2010\MODUL06.PRO
c:\ucto2010\MODUL06.TRO
c:\ucto2010\MODUL07.PRO
c:\ucto2010\MODUL07.TRO
c:\ucto2010\MODUL08.PRO
c:\ucto2010\MODUL08.TRO
c:\ucto2010\MODUL09.PRO
c:\ucto2010\MODUL09.TRO
c:\ucto2010\MODUL97.PRO
c:\ucto2010\MODUL97.TRO
c:\ucto2010\MODUL98.PRO
c:\ucto2010\MODUL98.TRO
c:\ucto2010\MODUL99.PRO
c:\ucto2010\MODUL99.TRO
c:\ucto2010\MZDYPU.000
c:\ucto2010\NUMKB.EXE
c:\ucto2010\NUMKB3.EXE
c:\ucto2010\OPRAVY.UUU
c:\ucto2010\PGM.CAT
c:\ucto2010\PGM.RDB
c:\ucto2010\PGM.TTT
c:\ucto2010\RADKY.TXT
c:\ucto2010\RENFILES.BAT
c:\ucto2010\RO.EXE
c:\ucto2010\SEARCHX.EXE
c:\ucto2010\SEST01.PRO
c:\ucto2010\SEST01.TRO
c:\ucto2010\SEST02.PRO
c:\ucto2010\SEST02.TRO
c:\ucto2010\SEST03.PRO
c:\ucto2010\SEST03.TRO
c:\ucto2010\SEST04.PRO
c:\ucto2010\SEST04.TRO
c:\ucto2010\SEST05.PRO
c:\ucto2010\SEST05.TRO
c:\ucto2010\SEST06.PRO
c:\ucto2010\SEST06.TRO
c:\ucto2010\SEST07.PRO
c:\ucto2010\SEST07.TRO
c:\ucto2010\SEST08.PRO
c:\ucto2010\SEST08.TRO
c:\ucto2010\SEST09.PRO
c:\ucto2010\SEST09.TRO
c:\ucto2010\SESTAVY.CAT
c:\ucto2010\SESTAVY.RDB
c:\ucto2010\SESTAVY.TTT
c:\ucto2010\SETDATE.EXE
c:\ucto2010\SETFILES.EXE
c:\ucto2010\SEZNTISK.000
c:\ucto2010\SEZNTISK.T00
c:\ucto2010\SLOVY.000
c:\ucto2010\SPEC01.PRO
c:\ucto2010\SPEC01.TRO
c:\ucto2010\SPEC02.PRO
c:\ucto2010\SPEC02.TRO
c:\ucto2010\SPEC03.PRO
c:\ucto2010\SPEC03.TRO
c:\ucto2010\SPEC04.PRO
c:\ucto2010\SPEC04.TRO
c:\ucto2010\SPEC05.PRO
c:\ucto2010\SPEC05.TRO
c:\ucto2010\SPEC06.PRO
c:\ucto2010\SPEC06.TRO
c:\ucto2010\SPEC07.PRO
c:\ucto2010\SPEC07.TRO
c:\ucto2010\SUBDIR.EXE
c:\ucto2010\SUDLICH.EXE
c:\ucto2010\TIPY.000
c:\ucto2010\TIPY.T00
c:\ucto2010\TIPY.X00
c:\ucto2010\TTT.CAT
c:\ucto2010\TTT.RDB
c:\ucto2010\TTT.TTT
c:\ucto2010\TTTNEW.UUU
c:\ucto2010\TXTNARTF.EXE
c:\ucto2010\U.BAT
c:\ucto2010\UCTO.000
c:\ucto2010\UCTO.PAL
c:\ucto2010\UCTO2010.CAT
c:\ucto2010\UCTO2010.ICO
c:\ucto2010\UCTO2010.RDB
c:\ucto2010\UCTO2010.TTT
c:\ucto2010\UCTOINFO.PRO
c:\ucto2010\UCTOINFO.TRO
c:\ucto2010\UCTOTXT.UUU
c:\ucto2010\UFAND.EXE
c:\ucto2010\UFAND.OVR
c:\ucto2010\UFANDHLP.000
c:\ucto2010\UFANDHLP.T00
c:\ucto2010\UK.BAT
c:\ucto2010\UPG.PRO
c:\ucto2010\UPG.TRO
c:\ucto2010\UPG01.PRO
c:\ucto2010\UPG01.TRO
c:\ucto2010\UPG02.PRO
c:\ucto2010\UPG02.TRO
c:\ucto2010\UPG03.PRO
c:\ucto2010\UPG03.TRO
c:\ucto2010\UPG04.PRO
c:\ucto2010\UPG04.TRO
c:\ucto2010\UPG05.PRO
c:\ucto2010\UPG05.TRO
c:\ucto2010\UPG06.PRO
c:\ucto2010\UPG06.TRO
c:\ucto2010\UPG07.PRO
c:\ucto2010\UPG07.TRO
c:\ucto2010\UPG08.PRO
c:\ucto2010\UPG08.TRO
c:\ucto2010\UPG09.PRO
c:\ucto2010\UPG09.TRO
c:\ucto2010\UPG97.PRO
c:\ucto2010\UPG97.TRO
c:\ucto2010\UPG99.PRO
c:\ucto2010\UPG99.TRO
c:\ucto2010\UPGPAR.000
c:\ucto2010\VEDLCIN.UUU
c:\ucto2010\VERZE.UUU
c:\ucto2010\VYBERTXT.EXE
c:\ucto2010\VZORTISK.000
c:\ucto2010\ZASTUPCE.CAT
c:\ucto2010\ZASTUPCE.INI
c:\ucto2010\ZASTUPCE.RDB
c:\ucto2010\ZASTUPCE.TTT
c:\ucto2010\ZETROZET.PAL
c:\ucto2010\ZZZ.BAT

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-07 do 2011-01-07 )))))))))))))))))))))))))))))))
.

2011-01-07 20:35 . 2011-01-07 20:35 -------- d-----w- c:\program files\trend micro
2011-01-07 20:35 . 2011-01-07 20:35 -------- d-----w- C:\rsit
2011-01-06 19:35 . 2011-01-06 19:35 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-06 19:00 . 2011-01-06 19:35 -------- d-----w- c:\program files\Microsoft Silverlight
2011-01-06 18:34 . 2011-01-06 18:34 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2011-01-06 18:33 . 2011-01-06 18:33 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-01-06 18:04 . 2011-01-06 18:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-01-06 18:04 . 2011-01-06 18:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee Security Scan
2011-01-06 18:04 . 2011-01-06 18:34 -------- d-----w- c:\program files\McAfee Security Scan
2011-01-05 18:01 . 2011-01-05 18:30 -------- d-----w- c:\documents and settings\tamara\Local Settings\Data aplikací\uTorrentBar
2011-01-05 18:01 . 2011-01-05 18:30 -------- d-----w- c:\documents and settings\tamara\Local Settings\Data aplikací\Conduit
2011-01-05 18:01 . 2011-01-05 18:01 -------- d-----w- c:\program files\Conduit
2011-01-05 18:00 . 2011-01-05 18:00 -------- d-----w- c:\program files\uTorrent
2011-01-05 17:59 . 2011-01-07 21:24 -------- d-----w- c:\documents and settings\tamara\Data aplikací\uTorrent
2011-01-04 15:19 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-01-04 15:19 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-01-04 15:19 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-01-04 15:17 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-01-04 15:14 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-01-03 19:00 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-01-03 18:59 . 2010-11-06 00:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-03 18:59 . 2010-11-06 00:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-03 18:59 . 2010-11-06 00:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-03 18:36 . 2009-07-31 09:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-01-03 18:36 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-01-03 18:33 . 2008-04-14 07:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2011-01-03 18:23 . 2006-12-28 23:31 19569 ----a-w- c:\windows\003135_.tmp
2011-01-03 17:54 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-01-03 17:54 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-01-03 17:53 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-01-03 17:53 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-01-03 17:51 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-01-03 17:50 . 2010-08-26 13:39 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2011-01-03 17:50 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-01-03 17:50 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-01-03 17:45 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-01-03 17:44 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-01-03 17:44 . 2010-06-14 07:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-01-03 17:30 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-01-03 17:06 . 2010-11-06 00:23 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-01-03 17:06 . 2010-11-06 00:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-01-03 17:06 . 2010-11-06 00:23 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-01-03 17:06 . 2010-04-16 13:24 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2011-01-03 17:06 . 2009-02-06 20:07 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-01-03 17:06 . 2009-03-08 03:11 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-01-03 17:06 . 2010-11-06 00:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-01-03 17:06 . 2009-03-08 03:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2011-01-02 18:17 . 2006-03-02 12:00 79872 -c--a-w- c:\windows\system32\dllcache\rwia330.dll
2011-01-02 18:16 . 2006-03-02 12:00 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2011-01-02 18:15 . 2001-10-24 11:24 45056 -c--a-w- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2011-01-02 18:15 . 2001-10-24 11:24 5632 -c--a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2011-01-02 18:15 . 2003-04-14 19:48 16384 -c--a-w- c:\windows\system32\dllcache\tcptsat.dll
2011-01-02 18:15 . 2003-04-14 19:48 212992 -c--a-w- c:\windows\system32\dllcache\fpmmcsat.dll
2011-01-02 18:13 . 2006-03-02 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2011-01-02 18:13 . 2006-03-02 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2011-01-02 18:02 . 2006-03-02 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-01-02 18:02 . 2006-03-02 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-01-02 18:02 . 2006-03-02 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2011-01-02 18:02 . 2006-03-02 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-01-02 18:02 . 2006-03-02 12:00 14573 ----a-r- c:\windows\SET142.tmp
2011-01-02 18:02 . 2006-03-02 12:00 14043 ----a-r- c:\windows\SET117.tmp
2011-01-02 18:02 . 2006-03-02 12:00 1086058 ----a-r- c:\windows\SET10B.tmp
2011-01-02 18:02 . 2006-03-02 12:00 1014483 ----a-r- c:\windows\SET108.tmp
2011-01-02 10:40 . 2011-01-02 10:38 390144 ----a-w- c:\windows\system32\CF12391.exe
2010-12-27 18:12 . 2010-12-27 18:13 -------- d-----w- c:\program files\Micro DVD Player
2010-12-27 18:10 . 2010-12-27 18:10 -------- d-----w- C:\PPK_CD
2010-12-25 14:28 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-12-25 13:22 . 2010-12-25 13:22 -------- d-----w- c:\program files\Mplayer
2010-12-25 13:18 . 2010-12-25 13:18 -------- d-----w- c:\program files\Fox
2010-12-14 18:34 . 2011-01-04 17:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-12-14 18:34 . 2011-01-04 16:04 -------- d-----w- c:\program files\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-07 17:02 . 2008-07-21 11:28 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2011-01-02 16:44 . 2009-08-31 09:25 870275 ----a-w- c:\documents and settings\tamara\Data aplikací\mdbu.bin
2010-11-18 18:15 . 2008-07-21 09:29 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-11-06 00:23 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-03-02 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd(2)(3).dll
2010-10-26 13:58 . 2006-03-02 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-26 13:58 . 2006-03-02 12:00 1853312 ----a-w- c:\windows\system32\win32k(2)(2).sys
2008-01-28 13:21 . 2008-12-25 08:12 1110590 ----a-w- c:\program files\FlashPlayer.exe
2008-01-27 18:53 . 2008-12-25 08:12 171520 ----a-w- c:\program files\main.dll
2008-01-27 18:53 . 2008-12-25 08:12 11776 ----a-w- c:\program files\proplay.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 09:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detection"="c:\program files\HappyFoto\HF Designer\dd.exe" [2010-10-15 550400]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-20 26192680]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-01-05 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2007-10-11 1826816]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-09-13 380928]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"EPSON Stylus D68 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" [2005-01-25 98304]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-19 274608]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-16 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-03-02 44544]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-9-9 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2008-7-21 684032]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2008-7-25 57344]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\Program Files\\WBGames\\Monolith Productions\\F.E.A.R. 2 SP Demo\\FEAR2SPDemo.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2462:UDP"= 2462:UDP:Windows Media Format SDK (iexplore.exe)
"2463:UDP"= 2463:UDP:Windows Media Format SDK (iexplore.exe)
"2464:UDP"= 2464:UDP:Windows Media Format SDK (iexplore.exe)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22.7.2008 9:38 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.7.2008 9:38 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [18.11.2008 17:43 222968]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [21.7.2008 11:22 36864]
R3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [21.7.2008 12:34 1180672]
R3 AVerEth;AVerMedia Ethernet Adapter for MPE Service;c:\windows\system32\drivers\AVerEth.sys [21.7.2008 12:34 19584]
S2 gupdate1c9a41fe3a632d2;Google Update Service (gupdate1c9a41fe3a632d2);c:\program files\Google\Update\GoogleUpdate.exe [13.3.2009 22:08 133104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [16.11.2008 16:30 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 13:49 227232]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [25.7.2008 9:39 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [21.8.2008 17:15 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [21.8.2008 17:15 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [25.7.2008 9:40 88688]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [25.7.2008 9:39 86560]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 21:08]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 21:08]

2011-01-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1078081533-287218729-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]

2011-01-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1078081533-287218729-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Crawler Search - tbr:iemenu
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
HKLM-Run-nwiz - nwiz.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-07 22:25
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1800)
c:\program files\FlashGet\fgmgr.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-01-07 22:28:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-07 21:28

Před spuštěním: Volných bajtů: 39 089 655 808
Po spuštění: Volných bajtů: 39 247 265 792

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - BE03FD17200B41E7C55EFC91BC42A57B

Re: Blokování odkazů...

Napsal: 07 led 2011 22:58
od Rudy
Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Folder::
c:\program files\AskBarDis

Collect::
c:\windows\003135_.tmp
c:\windows\SET142.tmp
c:\windows\SET117.tmp
c:\windows\SET10B.tmp
c:\windows\SET108.tmp

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: Blokování odkazů...

Napsal: 07 led 2011 23:51
od Tamara.Me
po proběhnutí programu a "odhlašování" se objevilo "vypínání", asi po čtvrt hodině, když se nic nedělo, jsem PC musela vypnout ručně. Po zapnutí vše pokračovalo dále, objevilo se "combofix potřebuje podrobit vzorky malware další analýze" pak "Nahrání selhalo, webový server se zdá být dočasně nedostupný. Vytvořil se formulář co má být uložen C:\CF-submit.htm pro pozdější odeslání (nevím kam).....

ComboFix 11-01-07.01 - tamara 07.01.2011 23:13:32.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.456 [GMT 1:00]
Spuštěný z: c:\documents and settings\tamara\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\tamara\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 110107-0] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

file zipped: c:\windows\003135_.tmp
file zipped: c:\windows\SET108.tmp
file zipped: c:\windows\SET10B.tmp
file zipped: c:\windows\SET117.tmp
file zipped: c:\windows\SET142.tmp
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\00090246.bin
c:\program files\AskBarDis\bar\Cache\00090534.bin
c:\program files\AskBarDis\bar\Cache\0009069B.bin
c:\program files\AskBarDis\bar\Cache\00090860.bin
c:\program files\AskBarDis\bar\Cache\000909D7.bin
c:\program files\AskBarDis\bar\Cache\00090B9C.bin
c:\program files\AskBarDis\bar\Cache\012D74CA
c:\program files\AskBarDis\bar\Cache\012D7A77
c:\program files\AskBarDis\bar\Cache\012D7C0D.bin
c:\program files\AskBarDis\bar\Cache\012D7DE2.bin
c:\program files\AskBarDis\bar\Cache\012D7FB7.bin
c:\program files\AskBarDis\bar\Cache\012D81DA.bin
c:\program files\AskBarDis\bar\Cache\012D83BE.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\PopSwatter\History\allowed
c:\program files\AskBarDis\PopSwatter\History\notallow
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\windows\003135_.tmp
c:\windows\SET108.tmp
c:\windows\SET10B.tmp
c:\windows\SET117.tmp
c:\windows\SET142.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-07 do 2011-01-07 )))))))))))))))))))))))))))))))
.

2011-01-07 20:35 . 2011-01-07 20:35 -------- d-----w- c:\program files\trend micro
2011-01-07 20:35 . 2011-01-07 20:35 -------- d-----w- C:\rsit
2011-01-06 19:35 . 2011-01-06 19:35 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-06 19:00 . 2011-01-06 19:35 -------- d-----w- c:\program files\Microsoft Silverlight
2011-01-06 18:34 . 2011-01-06 18:34 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2011-01-06 18:33 . 2011-01-06 18:33 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-01-06 18:04 . 2011-01-06 18:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-01-06 18:04 . 2011-01-06 18:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee Security Scan
2011-01-06 18:04 . 2011-01-06 18:34 -------- d-----w- c:\program files\McAfee Security Scan
2011-01-05 18:01 . 2011-01-05 18:30 -------- d-----w- c:\documents and settings\tamara\Local Settings\Data aplikací\uTorrentBar
2011-01-05 18:01 . 2011-01-05 18:30 -------- d-----w- c:\documents and settings\tamara\Local Settings\Data aplikací\Conduit
2011-01-05 18:01 . 2011-01-05 18:01 -------- d-----w- c:\program files\Conduit
2011-01-05 18:00 . 2011-01-05 18:00 -------- d-----w- c:\program files\uTorrent
2011-01-05 17:59 . 2011-01-07 22:37 -------- d-----w- c:\documents and settings\tamara\Data aplikací\uTorrent
2011-01-04 15:19 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-01-04 15:19 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-01-04 15:19 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-01-04 15:17 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-01-04 15:14 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-01-03 19:00 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-01-03 18:59 . 2010-11-06 00:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-03 18:59 . 2010-11-06 00:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-03 18:59 . 2010-11-06 00:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-03 18:36 . 2009-07-31 09:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-01-03 18:36 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-01-03 18:33 . 2008-04-14 07:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2011-01-03 17:54 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-01-03 17:54 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-01-03 17:53 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-01-03 17:53 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-01-03 17:51 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-01-03 17:50 . 2010-08-26 13:39 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2011-01-03 17:50 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-01-03 17:50 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-01-03 17:45 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-01-03 17:44 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-01-03 17:44 . 2010-06-14 07:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-01-03 17:30 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-01-03 17:06 . 2010-11-06 00:23 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-01-03 17:06 . 2010-11-06 00:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-01-03 17:06 . 2010-11-06 00:23 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-01-03 17:06 . 2010-04-16 13:24 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2011-01-03 17:06 . 2009-02-06 20:07 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-01-03 17:06 . 2009-03-08 03:11 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-01-03 17:06 . 2010-11-06 00:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-01-03 17:06 . 2009-03-08 03:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2011-01-02 18:17 . 2006-03-02 12:00 79872 -c--a-w- c:\windows\system32\dllcache\rwia330.dll
2011-01-02 18:16 . 2006-03-02 12:00 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2011-01-02 18:15 . 2001-10-24 11:24 45056 -c--a-w- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2011-01-02 18:15 . 2001-10-24 11:24 5632 -c--a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2011-01-02 18:15 . 2003-04-14 19:48 16384 -c--a-w- c:\windows\system32\dllcache\tcptsat.dll
2011-01-02 18:15 . 2003-04-14 19:48 212992 -c--a-w- c:\windows\system32\dllcache\fpmmcsat.dll
2011-01-02 18:13 . 2006-03-02 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2011-01-02 18:13 . 2006-03-02 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2011-01-02 18:02 . 2006-03-02 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-01-02 18:02 . 2006-03-02 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-01-02 18:02 . 2006-03-02 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2011-01-02 18:02 . 2006-03-02 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-01-02 10:40 . 2011-01-02 10:38 390144 ----a-w- c:\windows\system32\CF12391.exe
2010-12-27 18:12 . 2010-12-27 18:13 -------- d-----w- c:\program files\Micro DVD Player
2010-12-27 18:10 . 2010-12-27 18:10 -------- d-----w- C:\PPK_CD
2010-12-25 14:28 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-12-25 13:22 . 2010-12-25 13:22 -------- d-----w- c:\program files\Mplayer
2010-12-25 13:18 . 2010-12-25 13:18 -------- d-----w- c:\program files\Fox
2010-12-14 18:34 . 2011-01-04 17:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-12-14 18:34 . 2011-01-04 16:04 -------- d-----w- c:\program files\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-07 17:02 . 2008-07-21 11:28 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2011-01-02 16:44 . 2009-08-31 09:25 870275 ----a-w- c:\documents and settings\tamara\Data aplikací\mdbu.bin
2010-11-18 18:15 . 2008-07-21 09:29 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-11-06 00:23 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-03-02 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd(2)(3).dll
2010-10-26 13:58 . 2006-03-02 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-26 13:58 . 2006-03-02 12:00 1853312 ----a-w- c:\windows\system32\win32k(2)(2).sys
2008-01-28 13:21 . 2008-12-25 08:12 1110590 ----a-w- c:\program files\FlashPlayer.exe
2008-01-27 18:53 . 2008-12-25 08:12 171520 ----a-w- c:\program files\main.dll
2008-01-27 18:53 . 2008-12-25 08:12 11776 ----a-w- c:\program files\proplay.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detection"="c:\program files\HappyFoto\HF Designer\dd.exe" [2010-10-15 550400]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-20 26192680]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-01-05 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2007-10-11 1826816]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-09-13 380928]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"EPSON Stylus D68 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE" [2005-01-25 98304]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-19 274608]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-16 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-03-02 44544]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-9-9 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2008-7-21 684032]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2008-7-25 57344]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\Program Files\\WBGames\\Monolith Productions\\F.E.A.R. 2 SP Demo\\FEAR2SPDemo.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2462:UDP"= 2462:UDP:Windows Media Format SDK (iexplore.exe)
"2463:UDP"= 2463:UDP:Windows Media Format SDK (iexplore.exe)
"2464:UDP"= 2464:UDP:Windows Media Format SDK (iexplore.exe)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22.7.2008 9:38 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.7.2008 9:38 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [18.11.2008 17:43 222968]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [21.7.2008 11:22 36864]
R3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [21.7.2008 12:34 1180672]
R3 AVerEth;AVerMedia Ethernet Adapter for MPE Service;c:\windows\system32\drivers\AVerEth.sys [21.7.2008 12:34 19584]
S2 gupdate1c9a41fe3a632d2;Google Update Service (gupdate1c9a41fe3a632d2);c:\program files\Google\Update\GoogleUpdate.exe [13.3.2009 22:08 133104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [16.11.2008 16:30 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 13:49 227232]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [25.7.2008 9:39 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [21.8.2008 17:15 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [21.8.2008 17:15 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [25.7.2008 9:40 88688]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [25.7.2008 9:39 86560]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 21:08]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 21:08]

2011-01-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1078081533-287218729-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]

2011-01-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1078081533-287218729-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Crawler Search - tbr:iemenu
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-07 23:38
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2456)
c:\program files\FlashGet\fgmgr.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\windows\RTHDCPL.EXE
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-01-07 23:42:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-07 22:42
ComboFix2.txt 2011-01-07 21:28

Před spuštěním: Volných bajtů: 39 249 682 432
Po spuštění: Volných bajtů: 39 248 142 336

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4E53D69136995BB1D1AAA5A4BBF65863

Re: Blokování odkazů...

Napsal: 08 led 2011 11:33
od Rudy
Log již vypadá čistý. Nastala nějaká změna?

Re: Blokování odkazů...

Napsal: 08 led 2011 11:58
od Tamara.Me
Bohužel to stále nefunguje, a nevíte proč mi to odstranilo ten program na účto2010? můžu si ho tam znovu z CD nainstalovat? a možná tam mám i nainstalováno dost ochranných programů, tak jestli si vzájemně nějak nebrání, nemám něco odinstalovat? asi jediné řešení bude přeinstalace windows XP a začít od začátku..... A zkusím ještě odeslat ty vzorky malware na webový server.

Re: Blokování odkazů...

Napsal: 08 led 2011 12:25
od Rudy
1. CF maže z pro mne neznámých důvodů program účto. Můžete ho znovu nainstalovat, příp. obnovit z adresáře C:\Quoobox.
2. Odkazy patrně blokuje něktará aplikace. na zkoušku vypněte antivir, systémový firewall. Pokud to nepomůže, přemýšlejte, co jste instalovala těsně před tím, než se problém objevil.

Re: Blokování odkazů...

Napsal: 08 led 2011 15:47
od Tamara.Me
o.k. vyzkouším. Ono už mi to dělá asi přes rok, ale předtím jsem to neřešila, takže už si nevzpomenu kdy to začalo dělat.
V každém případě díky za rady, aspoň se mi snad vyčistil PC :)
díky, Tamara

Re: Blokování odkazů...

Napsal: 08 led 2011 17:57
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz