
Virus? Please check my log

Posted: 19 May 2011 19:04
by baguvix7
Hello, while typing www.facebook.com I accidentally typed faceook, and a box popped up with the notice:
"today is your 6th birthday", so I ended the process, and on Google I read that the site is infected.
So I am asking you to check the log to see whether that is the case.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Baguvix at 2011-05-19 19:59:41
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 509 GB (72%) free of 704 GB
Total RAM: 4094 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:43, on 19.5.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files (x86)\System Protect\SysProtect_Tray.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~2\Crawler\CToolbar.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Baguvix\Desktop\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Baguvix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60049
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.3\iobitToolbarIE.dll (file missing)
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\ctbr.dll
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.3\iobitToolbarIE.dll (file missing)
O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Baguvix\AppData\Roaming\Complitly\AutocompletePro.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\ctbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\4.3\iobitToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SystemProtect] "C:\Program Files (x86)\System Protect\SysProtect_Tray.exe"
O4 - HKLM\..\Run: [BitTorrent] "C:\PROGRA~2\BITTOR~1\BITTOR~1.EXE"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\ctbr.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - MySQL AB - C:\Program Files (x86)\xamp\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: System Protect Deletion Prevention Service (SP_Service) - Xacti Corporation - C:\Program Files (x86)\System Protect\SysProtect_srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12655 bytes

======Scheduled tasks folder======

C:\Windows\tasks\PCDRScheduledMaintenance.job
C:\Windows\tasks\User_Feed_Synchronization-{817A4E78-C655-4E25-830D-119D66B46C9B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.3\iobitToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Users\Baguvix\AppData\Roaming\Complitly\AutocompletePro.dll [2011-02-27 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\ctbr.dll [2010-10-14 1252200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\ctbr.dll [2010-10-14 1252200]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files (x86)\IObit Toolbar\IE\4.3\iobitToolbarIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-01-27 61440]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04 75016]
"TSMAgent"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640]
"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200]
"SpywareTerminator"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-17 2176512]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SystemProtect"=C:\Program Files (x86)\System Protect\SysProtect_Tray.exe [2011-02-22 1223680]
"BitTorrent"=C:\PROGRA~2\BITTOR~1\BITTOR~1.EXE [2011-04-13 4770672]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-01-28 526336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-04-04 1644088]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"BitTorrent"=C:\Program Files (x86)\BitTorrent\BitTorrent.exe [2011-04-13 4770672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-05-15 20:01:10 ----D---- C:\Users\Baguvix\AppData\Roaming\Need for Speed World
2011-05-14 20:56:56 ----D---- C:\ProgramData\Electronic Arts
2011-05-14 20:56:56 ----D---- C:\ProgramData\EA Core
2011-05-14 20:42:26 ----D---- C:\Program Files (x86)\Electronic Arts
2011-05-14 20:42:26 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2011-05-14 20:42:26 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2011-05-14 20:42:25 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2011-05-14 20:42:25 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2011-05-14 20:27:25 ----D---- C:\ProgramData\Solidshield
2011-05-11 17:28:25 ----D---- C:\Windows\Minidump
2011-05-08 14:31:43 ----D---- C:\Program Files (x86)\Common Files\Spigot
2011-05-08 14:31:43 ----D---- C:\Program Files (x86)\Application Updater
2011-05-08 13:11:52 ----A---- C:\Windows\SysWOW64\vbscript.dll
2011-05-08 13:11:52 ----A---- C:\Windows\SysWOW64\jscript.dll
2011-05-08 13:11:36 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-05-08 13:11:35 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-05-08 13:11:34 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-05-08 13:11:34 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-05-08 13:11:29 ----A---- C:\Windows\SysWOW64\mstime.dll
2011-05-08 13:11:29 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-05-08 13:11:29 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\occache.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\iesetup.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\iernonce.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\iepeers.dll
2011-05-08 13:11:28 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2011-05-08 13:11:25 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2011-05-08 13:11:24 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2011-05-07 10:47:18 ----D---- C:\Program Files (x86)\URUSoft
2011-05-07 10:41:44 ----A---- C:\Windows\SysWOW64\icardie.dll
2011-05-07 10:41:44 ----A---- C:\Windows\SysWOW64\advpack.dll
2011-05-07 10:41:44 ----A---- C:\Windows\SysWOW64\admparse.dll
2011-05-07 10:41:43 ----A---- C:\Windows\SysWOW64\ieakeng.dll
2011-05-07 10:41:43 ----A---- C:\Windows\SysWOW64\corpol.dll
2011-05-07 10:41:41 ----A---- C:\Windows\SysWOW64\msls31.dll
2011-05-07 10:41:40 ----A---- C:\Windows\SysWOW64\wextract.exe
2011-05-07 10:41:40 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2011-05-07 10:41:40 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2011-05-07 10:41:39 ----A---- C:\Windows\SysWOW64\imgutil.dll
2011-05-07 10:41:38 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2011-05-07 10:41:38 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2011-05-07 10:41:34 ----A---- C:\Windows\SysWOW64\inseng.dll
2011-05-07 10:41:33 ----A---- C:\Windows\SysWOW64\webcheck.dll
2011-05-07 10:41:33 ----A---- C:\Windows\SysWOW64\msrating.dll
2011-05-07 10:41:33 ----A---- C:\Windows\SysWOW64\ieakui.dll
2011-05-07 10:41:33 ----A---- C:\Windows\SysWOW64\ieaksie.dll
2011-05-07 10:41:32 ----A---- C:\Windows\SysWOW64\WinFXDocObj.exe
2011-05-07 10:41:31 ----A---- C:\Windows\SysWOW64\url.dll
2011-05-07 10:41:31 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2011-05-07 10:41:30 ----A---- C:\Windows\SysWOW64\mshta.exe
2011-05-07 10:41:29 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-05-07 10:41:29 ----A---- C:\Windows\SysWOW64\SetDepNx.exe
2011-05-07 10:41:29 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-05-07 10:41:29 ----A---- C:\Windows\SysWOW64\PDMSetup.exe
2011-05-07 10:41:29 ----A---- C:\Windows\SysWOW64\iexpress.exe
2011-05-07 10:31:04 ----D---- C:\Windows\cs
2011-05-07 10:26:17 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-05-07 10:20:31 ----D---- C:\Program Files (x86)\Windows Live
2011-05-07 10:18:33 ----D---- C:\Program Files (x86)\Microsoft
2011-05-07 10:18:30 ----D---- C:\Program Files (x86)\MSN Toolbar
2011-05-07 10:18:09 ----D---- C:\Program Files (x86)\Bing Bar Installer
2011-05-07 10:17:06 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2011-05-07 10:16:07 ----A---- C:\Windows\SysWOW64\webservices.dll
2011-05-03 22:26:19 ----D---- C:\ProgramData\IObit
2011-04-27 15:44:48 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2011-04-27 15:44:43 ----A---- C:\Windows\SysWOW64\GameUXLegacyGDFs.dll
2011-04-27 15:44:43 ----A---- C:\Windows\SysWOW64\Apphlpdm.dll

======List of files/folders modified in the last 1 months======

2011-05-19 19:59:42 ----D---- C:\Windows\Temp
2011-05-19 19:59:42 ----D---- C:\Program Files (x86)\trend micro
2011-05-19 19:56:29 ----D---- C:\Users\Baguvix\AppData\Roaming\BitTorrent
2011-05-19 19:50:18 ----D---- C:\Program Files (x86)\Crawler
2011-05-19 19:49:52 ----D---- C:\Users\Baguvix\AppData\Roaming\Skype
2011-05-19 19:46:02 ----D---- C:\Users\Baguvix\AppData\Roaming\skypePM
2011-05-19 19:36:09 ----SHD---- C:\System Volume Information
2011-05-19 18:32:27 ----D---- C:\ProgramData\Spyware Terminator
2011-05-19 18:31:48 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-05-19 18:28:25 ----D---- C:\Fraps
2011-05-19 18:26:51 ----D---- C:\Users\Baguvix\AppData\Roaming\Spyware Terminator
2011-05-19 14:59:45 ----RD---- C:\Program Files (x86)
2011-05-19 14:57:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-19 14:56:10 ----D---- C:\Program Files (x86)\Steam
2011-05-19 14:52:06 ----HD---- C:\ProgramData
2011-05-19 14:52:03 ----D---- C:\Windows\SysWOW64
2011-05-19 14:44:42 ----SHD---- C:\Windows\Installer
2011-05-19 14:44:42 ----D---- C:\Windows
2011-05-14 20:42:26 ----D---- C:\Windows\System32
2011-05-14 20:41:49 ----RSD---- C:\Windows\assembly
2011-05-14 19:01:45 ----D---- C:\CFLog
2011-05-14 12:50:20 ----D---- C:\Program Files (x86)\Common Files\Steam
2011-05-12 05:48:25 ----D---- C:\Windows\winsxs
2011-05-12 05:34:42 ----D---- C:\ProgramData\Microsoft Help
2011-05-12 05:34:05 ----D---- C:\Program Files (x86)\Windows Mail
2011-05-12 05:31:19 ----D---- C:\Windows\Debug
2011-05-10 14:10:55 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2011-05-08 22:40:45 ----D---- C:\Program Files (x86)\Internet Explorer
2011-05-08 22:40:44 ----D---- C:\Windows\SysWOW64\migration
2011-05-08 14:31:43 ----D---- C:\Program Files (x86)\Common Files
2011-05-07 19:51:28 ----D---- C:\Users\Baguvix\AppData\Roaming\TS3Client
2011-05-07 18:44:24 ----D---- C:\Windows\rescache
2011-05-07 17:54:04 ----D---- C:\Windows\SysWOW64\cs-CZ
2011-05-07 17:54:02 ----D---- C:\Windows\SysWOW64\en-US
2011-05-07 17:53:59 ----D---- C:\Windows\PolicyDefinitions
2011-05-07 13:55:36 ----D---- C:\Program Files (x86)\CCleaner
2011-05-07 10:58:48 ----SD---- C:\Users\Baguvix\AppData\Roaming\Microsoft
2011-05-07 10:33:02 ----D---- C:\Windows\Microsoft.NET
2011-05-07 10:21:41 ----SD---- C:\ProgramData\Microsoft
2011-05-07 10:21:38 ----RSD---- C:\Windows\Fonts
2011-05-07 10:20:01 ----RD---- C:\Program Files
2011-05-07 10:19:33 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-05-07 10:09:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-05-06 20:57:46 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-02 02:54:55 ----D---- C:\Windows\inf
2011-04-27 18:52:56 ----D---- C:\Windows\AppPatch
2011-04-24 22:41:23 ----D---- C:\Windows\Prefetch
2011-04-21 18:21:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys []
R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys []
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS []
S3 a37ok19m;a37ok19m; C:\Windows\SysWOW64\drivers\a37ok19m.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-02 4682]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
S3 sp_prot;System Protect Filter Driver; \??\C:\Windows\SysWOW64\drivers\sp_prot.sys [2011-02-22 13312]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 X6va001;X6va001; \??\C:\Users\Baguvix\AppData\Local\Temp\0019C0D.tmp []
S3 X6va002;X6va002; \??\C:\Users\Baguvix\AppData\Local\Temp\00250BE.tmp []
S3 X6va003;X6va003; \??\C:\Users\Baguvix\AppData\Local\Temp\00371AB.tmp []
S3 X6va005;X6va005; \??\C:\Users\Baguvix\AppData\Local\Temp\0052D97.tmp []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]
R2 HPBtnSrv;HP Easy Backup Button Service; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-07-20 75064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2010-04-17 488960]
R2 SP_Service;System Protect Deletion Prevention Service; C:\Program Files (x86)\System Protect\SysProtect_srv.exe [2011-02-22 598528]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MySQL;MySQL; C:\Program Files (x86)\xamp\xampp\mysql\bin\mysqld.exe [2009-12-20 6095504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-08-30 3893752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-05-07 403240]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: virus? please check my log

Posted: 19 May 2011 19:17
by Rudy
Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the licence terms is displayed; continue by clicking the Yes (Ano) button.

feel free to go and make yourself a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component

Re: virus? please check my log

Posted: 19 May 2011 21:03
by baguvix7
ComboFix 11-05-18.04 - Baguvix 19.05.2011 21:20:24.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2249 [GMT 2:00]
Spuštěný z: c:\users\Baguvix\Desktop\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\CrashLog_20090301.txt
c:\cflog\CrashLog_20100718.txt
c:\cflog\CrashLog_20100722.txt
c:\cflog\CrashLog_20100724.txt
c:\cflog\CrashLog_20100726.txt
c:\cflog\CrashLog_20100731.txt
c:\cflog\CrashLog_20100824.txt
c:\cflog\CrashLog_20100826.txt
c:\cflog\CrashLog_20100828.txt
c:\cflog\CrashLog_20100830.txt
c:\cflog\CrashLog_20100831.txt
c:\cflog\CrashLog_20100918.txt
c:\cflog\CrashLog_20100923.txt
c:\cflog\CrashLog_20100928.txt
c:\cflog\CrashLog_20101004.txt
c:\cflog\CrashLog_20101009.txt
c:\cflog\CrashLog_20101014.txt
c:\cflog\CrashLog_20101018.txt
c:\cflog\CrashLog_20101031.txt
c:\cflog\CrashLog_20101101.txt
c:\cflog\CrashLog_20101106.txt
c:\cflog\CrashLog_20101107.txt
c:\cflog\CrashLog_20101109.txt
c:\cflog\CrashLog_20101110.txt
c:\cflog\CrashLog_20101113.txt
c:\cflog\CrashLog_20101115.txt
c:\cflog\CrashLog_20101116.txt
c:\cflog\CrashLog_20101127.txt
c:\cflog\CrashLog_20101220.txt
c:\cflog\CrashLog_20110127.txt
c:\cflog\CrashLog_20110428.txt
c:\cflog\CrashLog_20110501.txt
c:\cflog\CrashLog_20110504.txt
c:\cflog\CrashLog_20110506.txt
c:\cflog\CrashLog_20110508.txt
c:\cflog\CrashLog_20110509.txt
c:\cflog\CrashLog_20110510.txt
c:\cflog\CrashLog_20110512.txt
c:\cflog\CrashLog_20110514.txt
c:\programdata\Amazon.ico
c:\programdata\MercadoLivre.ico
c:\programdata\QuickStores.ico
c:\users\Baguvix\AppData\Roaming\Microsoft\Windows\Recent\Download Games, Soft, Music, Video WebPunkt.RU.url.url
c:\users\Baguvix\AppData\Roaming\Microsoft\Windows\Recent\GTA IV ASI Loader v1.0.2.0b.url
c:\users\Baguvix\AppData\Roaming\Microsoft\Windows\Recent\GTA IV C++ Script Hook.url
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-19 do 2011-05-19 )))))))))))))))))))))))))))))))
.
.
2011-05-19 19:46 . 2011-05-19 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-19 19:46 . 2011-05-19 19:46 -------- d-----w- c:\users\Baguvix\AppData\Local\temp
2011-05-17 15:34 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{66352731-2420-48F9-B7CF-10843D963B41}\mpengine.dll
2011-05-15 18:01 . 2011-05-15 18:01 -------- d-----w- c:\users\Baguvix\AppData\Roaming\Need for Speed World
2011-05-15 17:25 . 2011-05-15 17:25 -------- d-----w- c:\users\Baguvix\AppData\Local\Electronic_Arts_Inc
2011-05-14 18:56 . 2011-05-15 17:25 -------- d-----w- c:\programdata\Electronic Arts
2011-05-14 18:56 . 2011-05-14 18:56 -------- d-----w- c:\programdata\EA Core
2011-05-14 18:42 . 2011-05-15 17:25 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-05-14 18:42 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-05-14 18:27 . 2011-05-14 18:27 -------- d-----w- c:\programdata\Solidshield
2011-05-11 12:58 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-11 12:58 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-05-08 12:31 . 2011-05-08 12:31 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-05-08 12:31 . 2011-05-08 12:31 -------- d-----w- c:\program files (x86)\Application Updater
2011-05-07 08:47 . 2011-05-07 08:47 -------- d-----w- c:\program files (x86)\URUSoft
2011-05-07 08:44 . 2010-10-19 04:56 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-05-07 08:44 . 2010-10-19 04:27 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-05-07 08:31 . 2011-05-07 08:31 -------- d-----w- c:\windows\cs
2011-05-07 08:26 . 2011-05-07 08:26 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-05-07 08:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-07 08:20 . 2011-05-07 08:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-05-07 08:20 . 2011-05-07 08:20 -------- d-----w- c:\program files\Windows Live
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\Microsoft
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\MSN Toolbar
2011-05-07 08:18 . 2011-05-07 08:19 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2011-05-07 08:17 . 2011-05-13 20:53 -------- d-----w- c:\users\Baguvix\AppData\Local\Windows Live
2011-05-07 08:17 . 2011-05-07 08:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-07 08:16 . 2009-08-04 08:12 1103872 ----a-w- c:\windows\system32\webservices.dll
2011-05-07 08:16 . 2009-08-04 08:02 754688 ----a-w- c:\windows\SysWow64\webservices.dll
2011-05-03 20:26 . 2011-05-03 20:26 -------- d-----w- c:\programdata\IObit
2011-04-27 13:44 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 13:44 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 13:44 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-27 13:44 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-24 13:30 . 2011-05-03 22:33 -------- d-----w- c:\users\Baguvix\AppData\Local\GamePlayLabs Plugin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:10 . 2011-04-17 10:16 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-17 10:16 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-04-17 10:18 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-04-17 10:18 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2011-04-17 10:18 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-17 10:18 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-17 10:18 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-17 10:18 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-17 10:18 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-07 08:20 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-10 17:18 . 2011-04-15 12:40 1360384 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:18 . 2011-04-15 12:40 1398784 ----a-w- c:\windows\system32\mfc42.dll
2011-03-10 17:03 . 2011-04-15 12:40 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-10 17:03 . 2011-04-15 12:40 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-05 20:37 . 2010-07-20 20:45 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-05 20:37 . 2009-12-24 21:21 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-03 16:02 . 2011-04-15 12:41 975872 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:59 . 2011-04-27 13:44 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59 . 2011-04-27 13:44 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59 . 2011-04-27 13:44 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:42 . 2011-04-15 12:41 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-03 15:40 . 2011-04-27 13:44 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 13:44 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 13:44 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 13:44 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:46 . 2011-04-15 12:40 2762240 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 16:12 . 2011-04-15 12:39 117760 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-26 01:19 . 2011-02-26 01:19 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2011-02-24 16:38 . 2011-04-15 12:42 991104 ----a-w- c:\windows\system32\winresume.efi
2011-02-24 16:38 . 2011-04-15 12:42 979840 ----a-w- c:\windows\system32\winresume.exe
2011-02-24 16:37 . 2011-04-15 12:42 1076608 ----a-w- c:\windows\system32\winload.efi
2011-02-24 16:37 . 2011-04-15 12:42 1063296 ----a-w- c:\windows\system32\winload.exe
2011-02-24 16:37 . 2011-04-15 12:42 20864 ----a-w- c:\windows\system32\kdusb.dll
2011-02-24 16:37 . 2011-04-15 12:42 18816 ----a-w- c:\windows\system32\kd1394.dll
2011-02-24 16:37 . 2011-04-15 12:42 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-02-22 19:41 . 2011-02-22 19:41 13312 ----a-w- c:\windows\SysWow64\drivers\sp_prot.sys
2011-02-22 14:47 . 2011-03-23 10:49 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 14:13 . 2011-03-23 10:49 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 13:53 . 2011-03-23 10:49 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:53 . 2011-03-23 10:49 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:33 . 2011-03-23 10:49 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-04-04 1644088]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-04-13 4770672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-27 61440]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-09 185640]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]
"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-17 2176512]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SystemProtect"="c:\program files (x86)\System Protect\SysProtect_Tray.exe" [2011-02-22 1223680]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
R3 sp_prot;System Protect Filter Driver;c:\windows\SysWOW64\drivers\sp_prot.sys [2011-02-22 13312]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 X6va001;X6va001;c:\users\Baguvix\AppData\Local\Temp\0019C0D.tmp [x]
R3 X6va002;X6va002;c:\users\Baguvix\AppData\Local\Temp\00250BE.tmp [x]
R3 X6va003;X6va003;c:\users\Baguvix\AppData\Local\Temp\00371AB.tmp [x]
R3 X6va005;X6va005;c:\users\Baguvix\AppData\Local\Temp\0052D97.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 SP_Service;System Protect Deletion Prevention Service;c:\program files (x86)\System Protect\SysProtect_srv.exe [2011-02-22 598528]
S3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys [x]
S3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59]
.
2011-05-19 c:\windows\Tasks\User_Feed_Synchronization-{817A4E78-C655-4E25-830D-119D66B46C9B}.job
- c:\windows\system32\msfeedssync.exe [2011-05-08 04:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60049
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=93&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\ctbr.dll
FF - ProfilePath - c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: YoYo Games InstantPlay: yyginstantplay@yoyogames.com - %profile%\extensions\yyginstantplay@yoyogames.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: OnRPG Toolbar: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce} - %profile%\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: Complitly - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF - Ext: Media Plugin: plugin3@gameplaylabs.com - %profile%\extensions\plugin3@gameplaylabs.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files (x86)\Crawler\firefox
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_apb.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va001]
"ImagePath"="\??\c:\users\Baguvix\AppData\Local\Temp\0019C0D.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va002]
"ImagePath"="\??\c:\users\Baguvix\AppData\Local\Temp\00250BE.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va003]
"ImagePath"="\??\c:\users\Baguvix\AppData\Local\Temp\00371AB.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va005]
"ImagePath"="\??\c:\users\Baguvix\AppData\Local\Temp\0052D97.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-681789511-3910678979-346427176-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BA1C2374-6DE5-D508-ACAC-FA2A51EA3D1D}*]
"oakmknajihgbnfmjejiaijjgfhccle"=hex:6b,61,6f,6e,62,63,63,62,6a,6d,65,6c,66,6f,
6b,64,64,6a,6b,68,65,6a,00,00
"naamaeklaafekglffeakhpdgmplg"=hex:6a,61,68,6e,6b,62,67,65,6f,6d,69,61,64,69,
6d,6b,68,6e,65,65,00,00
"oaolkhdkpboamlamdjmkldmkjdgbnl"=hex:64,61,6f,6e,64,63,6f,6e,00,49
.
[HKEY_USERS\S-1-5-21-681789511-3910678979-346427176-1000\Software\SecuROM\License information*]
"datasecu"=hex:59,e3,30,0f,71,69,53,03,af,e2,e0,2d,0d,bf,9c,a2,f0,7d,5e,2e,dd,
da,75,e6,b6,52,1e,d5,9f,e6,ce,d6,f9,14,e2,d3,31,d6,ff,5b,28,7b,8c,30,0a,0a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-05-19 21:52:33
ComboFix-quarantined-files.txt 2011-05-19 19:52
.
Před spuštěním: Volných bajtů: 551 160 430 592
Po spuštění: Volných bajtů: 551 030 607 872
.
Current=1 Default=1 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - A7A36C993249269DFB7CB31DD0E0965E

Re: virus? please check my log

Posted: 19 May 2011 21:24
by Rudy
We'll do some more cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::

Folder::
c:\program files (x86)\Common Files\Spigot

Collect::
c:\users\Baguvix\AppData\Local\Temp\0019C0D.tmp
c:\users\Baguvix\AppData\Local\Temp\00250BE.tmp
c:\users\Baguvix\AppData\Local\Temp\00371AB.tmp
c:\users\Baguvix\AppData\Local\Temp\0052D97.tmp

Driver::
X6va001
X6va002
X6va003
X6va005

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

Regnull::
[HKEY_USERS\S-1-5-21-681789511-3910678979-346427176-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BA1C2374-6DE5-D508-ACAC-FA2A51EA3D1D}*]
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: virus? please check my log

Posted: 20 May 2011 05:33
by baguvix7
ComboFix 11-05-18.04 - Baguvix 20.05.2011 6:12.2.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2354 [GMT 2:00]
Spuštěný z: c:\users\Baguvix\Desktop\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Baguvix\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\Common Files\Spigot\Search Settings\config.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
c:\program files (x86)\Common Files\Spigot\wtxpcom\chrome.manifest
c:\program files (x86)\Common Files\Spigot\wtxpcom\install.rdf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA001
-------\Legacy_X6VA002
-------\Legacy_X6VA003
-------\Legacy_X6VA005
-------\Service_X6va001
-------\Service_X6va002
-------\Service_X6va003
-------\Service_X6va005
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-20 do 2011-05-20 )))))))))))))))))))))))))))))))
.
.
2011-05-20 04:23 . 2011-05-20 04:25 -------- d-----w- c:\users\Baguvix\AppData\Local\temp
2011-05-20 04:23 . 2011-05-20 04:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 15:34 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{66352731-2420-48F9-B7CF-10843D963B41}\mpengine.dll
2011-05-15 18:01 . 2011-05-15 18:01 -------- d-----w- c:\users\Baguvix\AppData\Roaming\Need for Speed World
2011-05-15 17:25 . 2011-05-15 17:25 -------- d-----w- c:\users\Baguvix\AppData\Local\Electronic_Arts_Inc
2011-05-14 18:56 . 2011-05-15 17:25 -------- d-----w- c:\programdata\Electronic Arts
2011-05-14 18:56 . 2011-05-14 18:56 -------- d-----w- c:\programdata\EA Core
2011-05-14 18:42 . 2011-05-15 17:25 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-05-14 18:42 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-05-14 18:27 . 2011-05-14 18:27 -------- d-----w- c:\programdata\Solidshield
2011-05-11 12:58 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-11 12:58 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-05-08 12:31 . 2011-05-08 12:31 -------- d-----w- c:\program files (x86)\Application Updater
2011-05-07 08:47 . 2011-05-07 08:47 -------- d-----w- c:\program files (x86)\URUSoft
2011-05-07 08:44 . 2010-10-19 04:56 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-05-07 08:44 . 2010-10-19 04:27 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-05-07 08:31 . 2011-05-07 08:31 -------- d-----w- c:\windows\cs
2011-05-07 08:26 . 2011-05-07 08:26 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-05-07 08:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-07 08:20 . 2011-05-07 08:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-05-07 08:20 . 2011-05-07 08:20 -------- d-----w- c:\program files\Windows Live
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\Microsoft
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\MSN Toolbar
2011-05-07 08:18 . 2011-05-07 08:19 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2011-05-07 08:17 . 2011-05-13 20:53 -------- d-----w- c:\users\Baguvix\AppData\Local\Windows Live
2011-05-07 08:17 . 2011-05-07 08:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-07 08:16 . 2009-08-04 08:12 1103872 ----a-w- c:\windows\system32\webservices.dll
2011-05-07 08:16 . 2009-08-04 08:02 754688 ----a-w- c:\windows\SysWow64\webservices.dll
2011-05-03 20:26 . 2011-05-03 20:26 -------- d-----w- c:\programdata\IObit
2011-04-27 13:44 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 13:44 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 13:44 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-27 13:44 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-24 13:30 . 2011-05-03 22:33 -------- d-----w- c:\users\Baguvix\AppData\Local\GamePlayLabs Plugin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:10 . 2011-04-17 10:16 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-17 10:16 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-04-17 10:18 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-04-17 10:18 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2011-04-17 10:18 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-17 10:18 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-17 10:18 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-17 10:18 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-17 10:18 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-07 08:20 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-10 17:18 . 2011-04-15 12:40 1360384 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:18 . 2011-04-15 12:40 1398784 ----a-w- c:\windows\system32\mfc42.dll
2011-03-10 17:03 . 2011-04-15 12:40 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-10 17:03 . 2011-04-15 12:40 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-05 20:37 . 2010-07-20 20:45 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-05 20:37 . 2009-12-24 21:21 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-03 16:02 . 2011-04-15 12:41 975872 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:59 . 2011-04-27 13:44 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59 . 2011-04-27 13:44 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59 . 2011-04-27 13:44 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:42 . 2011-04-15 12:41 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-03 15:40 . 2011-04-27 13:44 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 13:44 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 13:44 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 13:44 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:46 . 2011-04-15 12:40 2762240 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 16:12 . 2011-04-15 12:39 117760 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-26 01:19 . 2011-02-26 01:19 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2011-02-24 16:38 . 2011-04-15 12:42 991104 ----a-w- c:\windows\system32\winresume.efi
2011-02-24 16:38 . 2011-04-15 12:42 979840 ----a-w- c:\windows\system32\winresume.exe
2011-02-24 16:37 . 2011-04-15 12:42 1076608 ----a-w- c:\windows\system32\winload.efi
2011-02-24 16:37 . 2011-04-15 12:42 1063296 ----a-w- c:\windows\system32\winload.exe
2011-02-24 16:37 . 2011-04-15 12:42 20864 ----a-w- c:\windows\system32\kdusb.dll
2011-02-24 16:37 . 2011-04-15 12:42 18816 ----a-w- c:\windows\system32\kd1394.dll
2011-02-24 16:37 . 2011-04-15 12:42 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-02-22 19:41 . 2011-02-22 19:41 13312 ----a-w- c:\windows\SysWow64\drivers\sp_prot.sys
2011-02-22 14:47 . 2011-03-23 10:49 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 14:13 . 2011-03-23 10:49 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 13:53 . 2011-03-23 10:49 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:53 . 2011-03-23 10:49 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:33 . 2011-03-23 10:49 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-19_19.46.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 03:20 . 2011-05-20 04:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 03:20 . 2011-05-19 18:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-23 18:25 . 2011-05-20 04:25 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-23 18:25 . 2011-05-19 18:07 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-21 03:20 . 2011-05-20 04:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-01-21 03:20 . 2011-05-19 18:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2011-05-20 04:02 74870 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-01-21 02:23 . 2011-05-19 16:27 74870 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-12-01 12:18 . 2011-05-20 04:26 19234 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-681789511-3910678979-346427176-1000_UserData.bin
- 2009-12-25 10:37 . 2011-05-19 16:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-25 10:37 . 2011-05-20 04:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-25 10:37 . 2011-05-19 16:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-25 10:37 . 2011-05-20 04:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-20 04:24 . 2011-05-20 04:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-19 16:25 . 2011-05-19 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-20 04:24 . 2011-05-20 04:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-05-19 16:25 . 2011-05-19 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 15:45 . 2011-05-20 04:26 133454 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2010-06-29 15:27 . 2011-05-20 04:23 377052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-06-29 15:27 . 2011-05-19 15:48 377052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-07-02 04:30 . 2011-05-20 04:23 4423864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-07-02 04:30 . 2011-05-19 15:48 4423864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-06-29 15:27 . 2011-05-19 20:03 3808856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-681789511-3910678979-346427176-1000-8192.dat
- 2010-06-29 15:27 . 2011-05-15 00:08 3808856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-681789511-3910678979-346427176-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-04-04 1644088]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-04-13 4770672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-27 61440]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-09 185640]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]
"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-17 2176512]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SystemProtect"="c:\program files (x86)\System Protect\SysProtect_Tray.exe" [2011-02-22 1223680]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
R3 sp_prot;System Protect Filter Driver;c:\windows\SysWOW64\drivers\sp_prot.sys [2011-02-22 13312]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
S2 SP_Service;System Protect Deletion Prevention Service;c:\program files (x86)\System Protect\SysProtect_srv.exe [2011-02-22 598528]
S3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys [x]
S3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59]
.
2011-05-19 c:\windows\Tasks\User_Feed_Synchronization-{817A4E78-C655-4E25-830D-119D66B46C9B}.job
- c:\windows\system32\msfeedssync.exe [2011-05-08 04:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF9237.cfxxe" [X]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60049
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=93&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\ctbr.dll
FF - ProfilePath - c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: YoYo Games InstantPlay: yyginstantplay@yoyogames.com - %profile%\extensions\yyginstantplay@yoyogames.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: OnRPG Toolbar: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce} - %profile%\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: Complitly - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF - Ext: Media Plugin: plugin3@gameplaylabs.com - %profile%\extensions\plugin3@gameplaylabs.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files (x86)\Crawler\firefox
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-681789511-3910678979-346427176-1000\Software\SecuROM\License information*]
"datasecu"=hex:59,e3,30,0f,71,69,53,03,af,e2,e0,2d,0d,bf,9c,a2,f0,7d,5e,2e,dd,
da,75,e6,b6,52,1e,d5,9f,e6,ce,d6,f9,14,e2,d3,31,d6,ff,5b,28,7b,8c,30,0a,0a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\xamp\xampp\mysql\bin\mysqld.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Spyware Terminator\sp_rsser.exe
.
**************************************************************************
.
Celkový čas: 2011-05-20 06:32:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-20 04:32
ComboFix2.txt 2011-05-19 19:52
.
Před spuštěním: Volných bajtů: 553 978 703 872
Po spuštění: Volných bajtů: 553 451 786 240
.
Current=1 Default=1 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 8C14E90E22C7A4A5E9FCA0523E2A62A3

Re: virus? please check my log

Posted: 20 May 2011 16:28
by Rudy
OK, deleted. Run CF once more with this script:
Firefox::
FF - ProfilePath - c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: YoYo Games InstantPlay: yyginstantplay@yoyogames.com - %profile%\extensions\yyginstantplay@yoyogames.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: OnRPG Toolbar: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce} - %profile%\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
FF - Ext: Complitly - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF - Ext: Media Plugin: plugin3@gameplaylabs.com - %profile%\extensions\plugin3@gameplaylabs.com
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files (x86)\Crawler\firefox
This is to clean up the Firefox profile.

Re: virus? please check my log

Posted: 21 May 2011 07:19
by baguvix7
ComboFix 11-05-18.04 - Baguvix 21.05.2011 8:06.3.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2601 [GMT 2:00]
Spuštěný z: c:\users\Baguvix\Desktop\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Baguvix\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\program files (x86)\Crawler\firefox
c:\program files (x86)\Crawler\firefox\components\xcomm.dll
c:\program files (x86)\Crawler\firefox\components\xplugin.xpt
c:\program files (x86)\Crawler\firefox\components\xshared.dll
c:\program files (x86)\Crawler\firefox\components\xshared.xpt
c:\program files (x86)\Crawler\firefox\components\xsupport.dll
c:\program files (x86)\Crawler\firefox\components\xsupport.xpt
c:\program files (x86)\Crawler\firefox\components\xwsg.dll
c:\program files (x86)\Crawler\firefox\chrome.manifest
c:\program files (x86)\Crawler\firefox\chrome\common.jar
c:\program files (x86)\Crawler\firefox\chrome\stwsg.jar
c:\program files (x86)\Crawler\firefox\install.ini
c:\program files (x86)\Crawler\firefox\install.rdf
c:\program files (x86)\Crawler\firefox\stwsg_ff.ini
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExtInterface.xpt
c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\content\bkmrksync.png
c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\chrome.manifest
c:\program files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\defaults\preferences\predictad.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\appIcon.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\browserOverlay.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\options.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\options.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\utils.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitAutoCompleteSearch.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitAutoCompleteSearch.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.idl
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\ConduitToolbar.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCore.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\alertSettingsComponent.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\appContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\engineContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\engineSettings.json
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\fbAlert.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\getAppsContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\postAppsContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\toolbarContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults\unsharedAppsContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome\bittorrentbar.jar
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\lib\xpcom.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.ico
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.PNG
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.src
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin\conduit.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\setup.ini
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\version.txt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\ConduitAutoCompleteSearch.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\ConduitAutoCompleteSearch.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\ConduitToolbar.idl
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\ConduitToolbar.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\ConduitToolbar.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\FFExternalAlert.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\FFExternalAlert.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\RadioWMPCore.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\RadioWMPCore.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\defaults\default_radio_skin.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\defaults\fbAlert.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\chrome\onrpg.jar
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\lib\xpcom.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\searchplugin\conduit.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\searchplugin\conduit.ico
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\searchplugin\conduit.PNG
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\searchplugin\conduit.src
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\searchplugin\conduit.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\version.txt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\install.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\lib\xpcom.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\setup.ini
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\engine@conduit.com\version.txt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\defaults\preferences\prefs.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\chrome\content\ff-overlay.xul
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\chrome\content\icon.png
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\chrome\content\overlay.js
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\chrome\locale\en-US\overlay.properties
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\plugin3@gameplaylabs.com\setup.ini
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\chrome.manifest
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\install.rdf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\META-INF\manifest.mf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\META-INF\zigbert.rsa
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\META-INF\zigbert.sf
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\plugins\IYYGInstantPlayCtrl.xpt
c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\extensions\yyginstantplay@yoyogames.com\plugins\NPYYGInstantPlay.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-21 do 2011-05-21 )))))))))))))))))))))))))))))))
.
.
2011-05-21 06:16 . 2011-05-21 06:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-21 06:16 . 2011-05-21 06:16 -------- d-----w- c:\users\Baguvix\AppData\Local\temp
2011-05-20 17:18 . 2011-05-20 17:18 -------- d-----w- c:\program files (x86)\Application Updater
2011-05-20 17:18 . 2011-05-20 17:18 -------- d-----w- c:\program files (x86)\IObit Toolbar
2011-05-20 17:18 . 2011-05-20 17:18 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-05-20 13:24 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F50FC8D3-F96B-4681-8F4E-0F9C9DAEAD6B}\mpengine.dll
2011-05-15 18:01 . 2011-05-15 18:01 -------- d-----w- c:\users\Baguvix\AppData\Roaming\Need for Speed World
2011-05-15 17:25 . 2011-05-15 17:25 -------- d-----w- c:\users\Baguvix\AppData\Local\Electronic_Arts_Inc
2011-05-14 18:56 . 2011-05-15 17:25 -------- d-----w- c:\programdata\Electronic Arts
2011-05-14 18:56 . 2011-05-14 18:56 -------- d-----w- c:\programdata\EA Core
2011-05-14 18:42 . 2011-05-15 17:25 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-05-14 18:42 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-05-14 18:27 . 2011-05-14 18:27 -------- d-----w- c:\programdata\Solidshield
2011-05-11 12:58 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-11 12:58 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-05-07 08:47 . 2011-05-07 08:47 -------- d-----w- c:\program files (x86)\URUSoft
2011-05-07 08:44 . 2010-10-19 04:56 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-05-07 08:44 . 2010-10-19 04:27 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-05-07 08:31 . 2011-05-07 08:31 -------- d-----w- c:\windows\cs
2011-05-07 08:26 . 2011-05-07 08:26 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-05-07 08:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-07 08:20 . 2011-05-07 08:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-05-07 08:20 . 2011-05-07 08:20 -------- d-----w- c:\program files\Windows Live
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\Microsoft
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\MSN Toolbar
2011-05-07 08:18 . 2011-05-07 08:19 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2011-05-07 08:17 . 2011-05-13 20:53 -------- d-----w- c:\users\Baguvix\AppData\Local\Windows Live
2011-05-07 08:17 . 2011-05-07 08:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-07 08:16 . 2009-08-04 08:12 1103872 ----a-w- c:\windows\system32\webservices.dll
2011-05-07 08:16 . 2009-08-04 08:02 754688 ----a-w- c:\windows\SysWow64\webservices.dll
2011-05-03 20:26 . 2011-05-03 20:26 -------- d-----w- c:\programdata\IObit
2011-04-27 13:44 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 13:44 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 13:44 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-27 13:44 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-24 13:30 . 2011-05-03 22:33 -------- d-----w- c:\users\Baguvix\AppData\Local\GamePlayLabs Plugin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:10 . 2011-04-17 10:16 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-17 10:16 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-04-17 10:18 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-04-17 10:18 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2011-04-17 10:18 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-17 10:18 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-17 10:18 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-17 10:18 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-17 10:18 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-07 08:20 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-10 17:18 . 2011-04-15 12:40 1360384 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:18 . 2011-04-15 12:40 1398784 ----a-w- c:\windows\system32\mfc42.dll
2011-03-10 17:03 . 2011-04-15 12:40 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-10 17:03 . 2011-04-15 12:40 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-05 20:37 . 2010-07-20 20:45 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-05 20:37 . 2009-12-24 21:21 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-03 16:02 . 2011-04-15 12:41 975872 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:59 . 2011-04-27 13:44 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59 . 2011-04-27 13:44 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59 . 2011-04-27 13:44 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:42 . 2011-04-15 12:41 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-03 15:40 . 2011-04-27 13:44 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 13:44 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 13:44 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 13:44 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:46 . 2011-04-15 12:40 2762240 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 16:12 . 2011-04-15 12:39 117760 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-26 01:19 . 2011-02-26 01:19 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2011-02-24 16:38 . 2011-04-15 12:42 991104 ----a-w- c:\windows\system32\winresume.efi
2011-02-24 16:38 . 2011-04-15 12:42 979840 ----a-w- c:\windows\system32\winresume.exe
2011-02-24 16:37 . 2011-04-15 12:42 1076608 ----a-w- c:\windows\system32\winload.efi
2011-02-24 16:37 . 2011-04-15 12:42 1063296 ----a-w- c:\windows\system32\winload.exe
2011-02-24 16:37 . 2011-04-15 12:42 20864 ----a-w- c:\windows\system32\kdusb.dll
2011-02-24 16:37 . 2011-04-15 12:42 18816 ----a-w- c:\windows\system32\kd1394.dll
2011-02-24 16:37 . 2011-04-15 12:42 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-02-22 19:41 . 2011-02-22 19:41 13312 ----a-w- c:\windows\SysWow64\drivers\sp_prot.sys
2011-02-22 14:47 . 2011-03-23 10:49 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 14:13 . 2011-03-23 10:49 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 13:53 . 2011-03-23 10:49 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:53 . 2011-03-23 10:49 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:33 . 2011-03-23 10:49 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-19_19.46.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 03:20 . 2011-05-21 05:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 03:20 . 2011-05-19 18:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-23 18:25 . 2011-05-21 05:52 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-23 18:25 . 2011-05-19 18:07 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-01-21 03:20 . 2011-05-19 18:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 03:20 . 2011-05-21 05:52 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2011-05-21 05:54 74870 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-01-21 02:23 . 2011-05-19 16:27 74870 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-12-01 12:18 . 2011-05-21 05:54 19258 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-681789511-3910678979-346427176-1000_UserData.bin
+ 2009-12-01 12:19 . 2011-05-20 13:21 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-01 12:19 . 2011-05-19 12:39 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-20 18:13 . 2011-05-19 12:39 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-20 18:13 . 2011-05-20 13:21 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-01 12:19 . 2011-05-20 13:21 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-01 12:19 . 2011-05-19 12:39 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-25 10:37 . 2011-05-19 16:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-25 10:37 . 2011-05-21 05:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-25 10:37 . 2011-05-21 05:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-25 10:37 . 2011-05-19 16:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-20 17:18 . 2011-05-20 17:18 53248 c:\windows\Installer\{784EE8DF-2273-4EBD-8372-7CE597613BCF}\ARPPRODUCTICON.exe
+ 2011-05-21 05:52 . 2011-05-21 05:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-19 16:25 . 2011-05-19 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-19 16:25 . 2011-05-19 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-21 05:52 . 2011-05-21 05:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 15:45 . 2011-05-21 05:54 133680 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2010-06-29 15:27 . 2011-05-19 15:48 377052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-06-29 15:27 . 2011-05-20 20:01 377052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-07-02 04:30 . 2011-05-19 15:48 4423864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-07-02 04:30 . 2011-05-20 20:01 4423864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-06-29 15:27 . 2011-05-20 18:12 3808856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-681789511-3910678979-346427176-1000-8192.dat
- 2010-06-29 15:27 . 2011-05-15 00:08 3808856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-681789511-3910678979-346427176-1000-8192.dat
+ 2011-05-20 17:18 . 2011-05-20 17:18 1021440 c:\windows\Installer\dc9197.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-04-04 1644088]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-04-13 4770672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-27 61440]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-09 185640]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]
"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-17 2176512]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SystemProtect"="c:\program files (x86)\System Protect\SysProtect_Tray.exe" [2011-02-22 1223680]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-05-06 532320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
R3 sp_prot;System Protect Filter Driver;c:\windows\SysWOW64\drivers\sp_prot.sys [2011-02-22 13312]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 X6va005;X6va005;c:\users\Baguvix\AppData\Local\Temp\005ED0D.tmp [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-05-06 393112]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 SP_Service;System Protect Deletion Prevention Service;c:\program files (x86)\System Protect\SysProtect_srv.exe [2011-02-22 598528]
S3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys [x]
S3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59]
.
2011-05-21 c:\windows\Tasks\User_Feed_Synchronization-{817A4E78-C655-4E25-830D-119D66B46C9B}.job
- c:\windows\system32\msfeedssync.exe [2011-05-08 04:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60049
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=93&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\ctbr.dll
FF - ProfilePath - c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va005]
"ImagePath"="\??\c:\users\Baguvix\AppData\Local\Temp\005ED0D.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-681789511-3910678979-346427176-1000\Software\SecuROM\License information*]
"datasecu"=hex:59,e3,30,0f,71,69,53,03,af,e2,e0,2d,0d,bf,9c,a2,f0,7d,5e,2e,dd,
da,75,e6,b6,52,1e,d5,9f,e6,ce,d6,f9,14,e2,d3,31,d6,ff,5b,28,7b,8c,30,0a,0a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-05-21 08:18:21
ComboFix-quarantined-files.txt 2011-05-21 06:18
ComboFix2.txt 2011-05-20 04:32
ComboFix3.txt 2011-05-19 19:52
.
Před spuštěním: Volných bajtů: 553 448 583 168
Po spuštění: Volných bajtů: 553 397 972 992
.
Current=1 Default=1 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 6D41DFD5922D3E3C3953C206C4333AD2

Re: virus? please check my log

Posted: 21 May 2011 10:54
by Rudy
Man, where do you go browsing that this junk keeps coming back?

One more run with this script:
KillAll::

Folder::
c:\program files (x86)\Common Files\Spigot

Collect::
c:\users\Baguvix\AppData\Local\Temp\005ED0D.tmp

Driver::
X6va005

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

Re: virus? please check my log

Posted: 21 May 2011 22:39
by baguvix7
ComboFix 11-05-18.04 - Baguvix 21.05.2011 23:17:38.4.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.4094.2370 [GMT 2:00]
Spuštěný z: c:\users\Baguvix\Desktop\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Baguvix\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\Common Files\Spigot\Search Settings\config.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
c:\program files (x86)\Common Files\Spigot\wtxpcom\chrome.manifest
c:\program files (x86)\Common Files\Spigot\wtxpcom\install.rdf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA005
-------\Service_X6va005
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-21 do 2011-05-21 )))))))))))))))))))))))))))))))
.
.
2011-05-21 21:29 . 2011-05-21 21:32 -------- d-----w- c:\users\Baguvix\AppData\Local\temp
2011-05-21 21:29 . 2011-05-21 21:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-21 10:26 . 2011-05-21 10:26 -------- d-----w- c:\program files (x86)\Piranha-Bytes
2011-05-21 10:26 . 2001-04-11 16:25 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-05-21 10:26 . 2001-04-11 16:21 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-05-21 10:26 . 2001-04-11 16:20 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-05-21 10:26 . 2001-04-11 16:25 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-05-20 17:18 . 2011-05-20 17:18 -------- d-----w- c:\program files (x86)\Application Updater
2011-05-20 17:18 . 2011-05-20 17:18 -------- d-----w- c:\program files (x86)\IObit Toolbar
2011-05-20 13:24 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F50FC8D3-F96B-4681-8F4E-0F9C9DAEAD6B}\mpengine.dll
2011-05-15 18:01 . 2011-05-15 18:01 -------- d-----w- c:\users\Baguvix\AppData\Roaming\Need for Speed World
2011-05-15 17:25 . 2011-05-15 17:25 -------- d-----w- c:\users\Baguvix\AppData\Local\Electronic_Arts_Inc
2011-05-14 18:56 . 2011-05-15 17:25 -------- d-----w- c:\programdata\Electronic Arts
2011-05-14 18:56 . 2011-05-14 18:56 -------- d-----w- c:\programdata\EA Core
2011-05-14 18:42 . 2011-05-15 17:25 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-05-14 18:42 . 2010-02-04 08:01 78680 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2011-05-14 18:42 . 2010-02-04 08:01 530776 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2011-05-14 18:42 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2011-05-14 18:42 . 2010-02-04 08:01 176984 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-05-14 18:27 . 2011-05-14 18:27 -------- d-----w- c:\programdata\Solidshield
2011-05-11 12:58 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-11 12:58 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-05-07 08:47 . 2011-05-07 08:47 -------- d-----w- c:\program files (x86)\URUSoft
2011-05-07 08:44 . 2010-10-19 04:56 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-05-07 08:44 . 2010-10-19 04:27 7680 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-05-07 08:31 . 2011-05-07 08:31 -------- d-----w- c:\windows\cs
2011-05-07 08:26 . 2011-05-07 08:26 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-05-07 08:20 . 2010-09-22 22:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-05-07 08:20 . 2011-05-07 08:31 -------- d-----w- c:\program files (x86)\Windows Live
2011-05-07 08:20 . 2011-05-07 08:20 -------- d-----w- c:\program files\Windows Live
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\Microsoft
2011-05-07 08:18 . 2011-05-07 08:18 -------- d-----w- c:\program files (x86)\MSN Toolbar
2011-05-07 08:18 . 2011-05-07 08:19 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2011-05-07 08:17 . 2011-05-13 20:53 -------- d-----w- c:\users\Baguvix\AppData\Local\Windows Live
2011-05-07 08:17 . 2011-05-07 08:17 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-07 08:16 . 2009-08-04 08:12 1103872 ----a-w- c:\windows\system32\webservices.dll
2011-05-07 08:16 . 2009-08-04 08:02 754688 ----a-w- c:\windows\SysWow64\webservices.dll
2011-05-03 20:26 . 2011-05-03 20:26 -------- d-----w- c:\programdata\IObit
2011-04-27 13:44 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 13:44 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 13:44 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-04-27 13:44 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-04-27 13:44 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-24 13:30 . 2011-05-03 22:33 -------- d-----w- c:\users\Baguvix\AppData\Local\GamePlayLabs Plugin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:10 . 2011-04-17 10:16 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-17 10:16 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-04-17 10:18 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-04-17 10:18 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2011-04-17 10:18 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-17 10:18 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-17 10:18 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-17 10:18 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-17 10:18 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-07 08:20 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-10 17:18 . 2011-04-15 12:40 1360384 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:18 . 2011-04-15 12:40 1398784 ----a-w- c:\windows\system32\mfc42.dll
2011-03-10 17:03 . 2011-04-15 12:40 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-10 17:03 . 2011-04-15 12:40 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-05 20:37 . 2010-07-20 20:45 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-05 20:37 . 2009-12-24 21:21 188704 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-03 16:02 . 2011-04-15 12:41 975872 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:59 . 2011-04-27 13:44 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:59 . 2011-04-27 13:44 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59 . 2011-04-27 13:44 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 15:42 . 2011-04-15 12:41 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-03 15:40 . 2011-04-27 13:44 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-27 13:44 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-27 13:44 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-27 13:44 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:46 . 2011-04-15 12:40 2762240 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 16:12 . 2011-04-15 12:39 117760 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-26 01:19 . 2011-02-26 01:19 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2011-02-24 16:38 . 2011-04-15 12:42 991104 ----a-w- c:\windows\system32\winresume.efi
2011-02-24 16:38 . 2011-04-15 12:42 979840 ----a-w- c:\windows\system32\winresume.exe
2011-02-24 16:37 . 2011-04-15 12:42 1076608 ----a-w- c:\windows\system32\winload.efi
2011-02-24 16:37 . 2011-04-15 12:42 1063296 ----a-w- c:\windows\system32\winload.exe
2011-02-24 16:37 . 2011-04-15 12:42 20864 ----a-w- c:\windows\system32\kdusb.dll
2011-02-24 16:37 . 2011-04-15 12:42 18816 ----a-w- c:\windows\system32\kd1394.dll
2011-02-24 16:37 . 2011-04-15 12:42 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-02-22 19:41 . 2011-02-22 19:41 13312 ----a-w- c:\windows\SysWow64\drivers\sp_prot.sys
2011-02-22 14:47 . 2011-03-23 10:49 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 14:13 . 2011-03-23 10:49 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 13:53 . 2011-03-23 10:49 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:53 . 2011-03-23 10:49 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:33 . 2011-03-23 10:49 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-19_19.46.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 03:20 . 2011-05-21 21:31 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-01-21 03:20 . 2011-05-19 18:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-23 18:25 . 2011-05-21 21:31 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-23 18:25 . 2011-05-19 18:07 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-01-21 03:20 . 2011-05-19 18:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 03:20 . 2011-05-21 21:31 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-01-21 02:23 . 2011-05-21 10:35 74870 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-01-21 02:23 . 2011-05-19 16:27 74870 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-12-01 12:18 . 2011-05-21 21:33 19314 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-681789511-3910678979-346427176-1000_UserData.bin
- 2009-12-01 12:19 . 2011-05-19 12:39 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-01 12:19 . 2011-05-21 10:26 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-20 18:13 . 2011-05-21 10:26 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-20 18:13 . 2011-05-19 12:39 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-01 12:19 . 2011-05-19 12:39 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-01 12:19 . 2011-05-21 10:26 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-25 09:22 . 2011-05-21 13:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-25 09:22 . 2011-05-19 14:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-25 09:22 . 2011-05-19 14:26 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-25 09:22 . 2011-05-21 13:31 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-25 09:22 . 2011-05-19 14:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-25 09:22 . 2011-05-21 13:31 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-25 10:37 . 2011-05-19 16:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-25 10:37 . 2011-05-21 21:31 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-25 10:37 . 2011-05-21 21:31 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-25 10:37 . 2011-05-19 16:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-20 17:18 . 2011-05-20 17:18 53248 c:\windows\Installer\{784EE8DF-2273-4EBD-8372-7CE597613BCF}\ARPPRODUCTICON.exe
- 2011-05-19 16:25 . 2011-05-19 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-21 21:31 . 2011-05-21 21:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-21 21:31 . 2011-05-21 21:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-05-19 16:25 . 2011-05-19 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-21 10:37 . 2011-05-21 10:37 4096 c:\windows\d3dx.dat
+ 2006-11-02 15:45 . 2011-05-21 21:33 133804 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2011-05-07 16:29 . 2011-05-07 16:29 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-05-07 16:29 . 2011-05-21 10:26 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-06-29 15:27 . 2011-05-19 15:48 377052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-06-29 15:27 . 2011-05-21 21:29 377052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-07-02 04:30 . 2011-05-19 15:48 4423864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-07-02 04:30 . 2011-05-21 21:29 4423864 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-06-29 15:27 . 2011-05-15 00:08 3808856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-681789511-3910678979-346427176-1000-8192.dat
+ 2010-06-29 15:27 . 2011-05-21 21:29 3808856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-681789511-3910678979-346427176-1000-8192.dat
+ 2011-05-20 17:18 . 2011-05-20 17:18 1021440 c:\windows\Installer\dc9197.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-04-04 1644088]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-04-13 4770672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-27 61440]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-04-09 185640]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-03-19 1148200]
"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-17 2176512]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SystemProtect"="c:\program files (x86)\System Protect\SysProtect_Tray.exe" [2011-02-22 1223680]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-02-02 23536]
R3 sp_prot;System Protect Filter Driver;c:\windows\SysWOW64\drivers\sp_prot.sys [2011-02-22 13312]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-05-06 393112]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]
S2 SP_Service;System Protect Deletion Prevention Service;c:\program files (x86)\System Protect\SysProtect_srv.exe [2011-02-22 598528]
S3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys [x]
S3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 18:59]
.
2011-05-21 c:\windows\Tasks\User_Feed_Synchronization-{817A4E78-C655-4E25-830D-119D66B46C9B}.job
- c:\windows\system32\msfeedssync.exe [2011-05-08 04:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF640.cfxxe" [X]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2008-10-13 281600]
"SmartMenu"="c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60049
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=93&bd=Pavilion&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\ctbr.dll
FF - ProfilePath - c:\users\Baguvix\AppData\Roaming\Mozilla\Firefox\Profiles\r3r6nvgl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-681789511-3910678979-346427176-1000\Software\SecuROM\License information*]
"datasecu"=hex:59,e3,30,0f,71,69,53,03,af,e2,e0,2d,0d,bf,9c,a2,f0,7d,5e,2e,dd,
da,75,e6,b6,52,1e,d5,9f,e6,ce,d6,f9,14,e2,d3,31,d6,ff,5b,28,7b,8c,30,0a,0a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\xamp\xampp\mysql\bin\mysqld.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Spyware Terminator\sp_rsser.exe
.
**************************************************************************
.
Celkový čas: 2011-05-21 23:38:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-21 21:38
ComboFix2.txt 2011-05-21 06:18
ComboFix3.txt 2011-05-20 04:32
ComboFix4.txt 2011-05-19 19:52
.
Před spuštěním: Volných bajtů: 551 853 010 944
Po spuštění: Volných bajtů: 551 700 320 256
.
Current=1 Default=1 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - 81AAA15CBC13138FD9761A355DDE55D9

Re: virus? please check my log

Posted: 22 May 2011 10:12
by Rudy
The log now looks clean.

Re: virus? please check my log

Posted: 22 May 2011 18:14
by baguvix7
OK, thank you for the help :)

Re: virus? please check my log

Posted: 22 May 2011 19:14
by Rudy
You're welcome!