VIRY.CZ

Dobrý den, bohužel včera večer se mi podařilo stáhnout vir z FB, je to již tolik omílaný vir z chatu, který vás odkáže na youtube. Pokusil jsem se s tím poprat, a podařilo se mi projet počítač antivirem. Hodilo to spoustu souborů do karantény, ale určitě jsem ho neodstranil. Přikládám log z RSIT. Předem děkuji za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by svata at 2011-07-22 10:01:53
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 90 GB (61%) free of 148 GB
Total RAM: 3037 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:52, on 22.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\svata\Desktop\RSIT.exe
C:\Program Files\trend micro\svata.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5535
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [systemup] "C:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe (file missing)
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10552 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job

=========Mozilla firefox=========

ProfilePath - C:\Users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.1, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {4217f6d7-406e-4b66-856d-d1a373e4f41a}:2.6.42, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.19"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.7&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox 3.6 Beta 3\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox 3.6 Beta 3\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsILegitCheckPlugin.xpt
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox 3.6 Beta 3\plugins\
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
npnul32.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox 3.6 Beta 3\searchplugins\
google.xml
googledesktop.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\
DTToolbar@toolbarnet.com
{20a82645-c095-46ed-80e3-08825760534b}
{4217f6d7-406e-4b66-856d-d1a373e4f41a}
{800b5000-a755-47e1-992b-48a1c1357f07}
{b66bc4c3-6d25-4a10-8c59-01daa9063051}

C:\Users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-05-29 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-05-29 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-05-12 167936]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-25 30192]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-06-11 409600]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-05-31 10082920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"tray_ico"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"systemup"=C:\Windows\systemup.exe stand []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1489803.exe]
C:\Users\svata\AppData\Local\Temp\1489803.exe [2011-07-21 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\44132968-loader2.exe]
C:\Windows\Temp\44132968-loader2.exe [2011-07-21 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\5424370.exe]
C:\Windows\Temp\5424370.exe [2011-07-21 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\6388751.exe]
C:\Windows\Temp\6388751.exe [2011-07-21 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\8206470.exe]
C:\Windows\Temp\8206470.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\8274513.exe]
C:\Users\svata\AppData\Local\Temp\8274513.exe [2011-07-21 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9652116.exe]
C:\Users\svata\AppData\Local\Temp\9652116.exe [2011-07-21 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.5\ICQ.exe [2011-07-15 124216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\l1rezerv.exe]
C:\Windows\l1rezerv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-09-11 809480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-02-04 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysdriver32.exe]
C:\Windows\sysdriver32.exe rezerv []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysdriver32_.exe]
C:\Windows\sysdriver32_.exe rezerv []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2WCM_McciTrayApp]
C:\Program Files\TO2WCM\McciTrayApp.exe [2008-01-30 1473536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tray_ico0]
C:\Windows\update.tray-2-0\svchost.exe [2011-07-21 1178112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tray_ico1]
C:\Windows\update.tray-14-0\svchost.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe -hide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wxpdrv]
C:\Windows\services32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^svata^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk]
C:\PROGRA~1\CONVES~1\Orion\MESSEN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^svata^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-22 09:15:30 ----D---- C:\Windows\system32\xlive
2011-07-22 09:13:34 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-07-22 09:13:34 ----A---- C:\Windows\system32\PresentationHost.exe
2011-07-22 09:13:34 ----A---- C:\Windows\system32\mscoree.dll
2011-07-22 09:13:33 ----A---- C:\Windows\system32\netfxperf.dll
2011-07-22 09:13:32 ----A---- C:\Windows\system32\dfshim.dll
2011-07-22 02:40:25 ----D---- C:\Program Files\HD Tune
2011-07-22 02:14:47 ----A---- C:\Windows\system32\drivers\netio.sys
2011-07-22 02:10:19 ----D---- C:\Program Files\trend micro
2011-07-22 02:10:18 ----D---- C:\rsit
2011-07-22 01:30:51 ----D---- C:\ProgramData\ESET
2011-07-22 01:30:51 ----D---- C:\Program Files\ESET
2011-07-22 01:26:38 ----ASH---- C:\hiberfil.sys
2011-07-22 01:25:22 ----HD---- C:\Windows\update.tray-2-0-lnk
2011-07-22 01:25:22 ----HD---- C:\Windows\update.tray-2-0
2011-07-21 23:59:18 ----A---- C:\Windows\system32\GDIPFONTCACHEV1.DAT
2011-07-21 23:52:13 ----HD---- C:\Windows\update.tray-14-0-lnk
2011-07-21 23:52:13 ----HD---- C:\Windows\update.tray-14-0
2011-07-21 23:50:40 ----A---- C:\Windows\ntbtlog.txt
2011-07-21 23:25:50 ----SHD---- C:\Config.Msi
2011-07-21 22:37:11 ----D---- C:\Program Files\Microsoft Security Client
2011-07-21 22:29:05 ----D---- C:\6d87e2c4a0c56beee99a4eefe7e1
2011-07-21 22:27:07 ----A---- C:\Windows\ddh_iplist.txt
2011-07-21 22:26:18 ----D---- C:\Windows\ufa
2011-07-21 22:26:18 ----D---- C:\Windows\rpcminer
2011-07-21 22:26:18 ----D---- C:\Windows\phoenix
2011-07-21 22:25:53 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-21 22:25:40 ----A---- C:\Windows\unrar.exe
2011-07-21 22:25:31 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-21 22:25:26 ----HD---- C:\Windows\update.2
2011-07-21 22:24:54 ----HD---- C:\Windows\update.5.0
2011-07-21 22:24:26 ----A---- C:\Windows\iplist.txt
2011-07-21 22:24:04 ----A---- C:\Windows\front_ip_list.txt
2011-07-21 22:20:06 ----D---- C:\Windows\av_ico
2011-07-21 22:18:03 ----HD---- C:\Windows\update.1
2011-07-21 22:17:50 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-07-21 22:17:50 ----HD---- C:\Windows\update.tray-7-0
2011-07-21 22:17:50 ----HD---- C:\Windows\update.tray-15-0-lnk
2011-07-21 22:17:50 ----HD---- C:\Windows\update.tray-15-0
2011-07-21 22:06:29 ----A---- C:\Windows\winlog-ids.txt
2011-07-21 22:06:29 ----A---- C:\Windows\winlog-dirs.txt
2011-07-20 11:48:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-17 00:10:46 ----A---- C:\Windows\iun6002.exe
2011-07-17 00:04:49 ----D---- C:\Program Files\Secure Folder
2011-07-15 23:54:19 ----D---- C:\Users\svata\AppData\Roaming\COWON
2011-07-15 23:52:02 ----D---- C:\Program Files\Common Files\COWON
2011-07-15 23:52:01 ----D---- C:\Program Files\JetAudio
2011-07-15 14:29:21 ----D---- C:\Program Files\ICQ7.5
2011-07-15 14:28:12 ----D---- C:\Program Files\Apple Software Update
2011-07-13 09:03:08 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-13 09:03:08 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-13 09:03:05 ----A---- C:\Windows\system32\win32k.sys
2011-07-13 09:03:02 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 09:02:56 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 09:02:56 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-01 09:42:53 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 month======

2011-07-22 10:02:52 ----D---- C:\Windows\Temp
2011-07-22 09:51:41 ----RSD---- C:\Windows\Fonts
2011-07-22 09:49:38 ----SHD---- C:\Windows\Installer
2011-07-22 09:49:35 ----RSD---- C:\Windows\assembly
2011-07-22 09:49:11 ----D---- C:\Program Files\Microsoft Office
2011-07-22 09:47:55 ----D---- C:\Windows\winsxs
2011-07-22 09:47:44 ----D---- C:\Windows\system32\catroot
2011-07-22 09:46:16 ----SHD---- C:\System Volume Information
2011-07-22 09:43:37 ----D---- C:\Windows\System32
2011-07-22 09:43:36 ----D---- C:\Windows\inf
2011-07-22 09:43:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-22 09:31:21 ----D---- C:\Windows
2011-07-22 09:30:58 ----D---- C:\Windows\rescache
2011-07-22 09:15:35 ----D---- C:\Windows\Logs
2011-07-22 09:15:29 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-07-22 08:48:18 ----D---- C:\Windows\system32\config
2011-07-22 08:48:10 ----D---- C:\Windows\Tasks
2011-07-22 08:48:10 ----D---- C:\Windows\system32\spool
2011-07-22 08:48:10 ----D---- C:\Windows\system32\Msdtc
2011-07-22 08:48:08 ----D---- C:\Windows\system32\wbem
2011-07-22 08:48:08 ----D---- C:\Windows\registration
2011-07-22 08:45:09 ----D---- C:\Windows\system32\LogFiles
2011-07-22 02:43:20 ----D---- C:\Windows\system32\drivers
2011-07-22 02:40:25 ----RD---- C:\Program Files
2011-07-22 02:15:03 ----D---- C:\Windows\system32\catroot2
2011-07-22 01:54:06 ----D---- C:\Windows\system32\drivers\etc
2011-07-22 01:30:51 ----HD---- C:\ProgramData
2011-07-21 23:41:57 ----D---- C:\Windows\Microsoft.NET
2011-07-21 23:31:27 ----D---- C:\Windows\system32\cs-CZ
2011-07-21 23:28:40 ----D---- C:\Windows\system32\Tasks
2011-07-21 23:13:04 ----D---- C:\Program Files\MyFree Codec
2011-07-21 22:37:27 ----SD---- C:\ProgramData\Microsoft
2011-07-21 22:27:57 ----SD---- C:\Users\svata\AppData\Roaming\Microsoft
2011-07-21 22:22:21 ----HD---- C:\Windows\system32\GroupPolicy
2011-07-21 22:16:21 ----D---- C:\Users\svata\AppData\Roaming\ICQ
2011-07-19 09:45:16 ----D---- C:\Windows\Minidump
2011-07-17 00:13:16 ----D---- C:\Program Files\Google
2011-07-16 21:28:35 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-16 21:28:32 ----D---- C:\Program Files\Cyberlink
2011-07-16 21:21:35 ----D---- C:\Users\svata\AppData\Roaming\Samsung
2011-07-16 21:21:35 ----D---- C:\ProgramData\Samsung
2011-07-16 00:20:28 ----D---- C:\Users\svata\AppData\Roaming\vlc
2011-07-15 23:52:02 ----D---- C:\Program Files\Common Files
2011-07-14 09:02:43 ----A---- C:\Windows\system32\mrt.exe
2011-07-14 09:02:34 ----D---- C:\ProgramData\Microsoft Help
2011-07-11 09:57:35 ----D---- C:\Program Files\Mozilla Firefox 3.6 Beta 3
2011-07-04 13:43:51 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-05-27 173576]
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]
R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\Windows\system32\drivers\nhcDriver.sys [2011-05-21 71680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-24 691696]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-31 13824]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl7f4d9802;MpKsl7f4d9802; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57AB7CF5-B03B-4396-9DC2-B240521F8CE1}\MpKsl7f4d9802.sys [2011-07-22 28752]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 137144]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-08-15 921600]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-25 3844608]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-05-31 3511080]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
S1 MpKsl0b179a1e;MpKsl0b179a1e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57AB7CF5-B03B-4396-9DC2-B240521F8CE1}\MpKsl0b179a1e.sys []
S3 anjmnahq;anjmnahq; C:\Windows\system32\drivers\anjmnahq.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 100224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-25 692224]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-06-24 107832]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe srv []
S2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe srv []
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-25 30192]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Zdravim a pekny den preji

Udelame poradek v tech antivirech, at tam mate jen jeden - nechte MSE, ostatni odinstalujte - vice antiviru zpusobuje nestabilitu

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich

  motji píše: Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill SCR:
  http://download.bleepingcomputer.com/grinler/rkill.scr
  
  Rkill PIF:
  http://download.bleepingcomputer.com/grinler/rkill.pif

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Ted nerestartujte PC - prisli byste o ucinek RKillu

Aplikujte exeHelper by Raktor

• Linky ke stazeni
  • COM soubor http://vyosek.ic.cz/BE/exeHelper.com
  • SCR soubor http://vyosek.ic.cz/BE/exeHelper.scr
• Utilitu staci spustit jako Spravce (klik pravym mysidlem), probehne oprava a vznikne log exehelperlog.txt

Aplikujte RogueKiller

stell píše: pouzijes RogueKiller>.spustis>>stlac 2> [enter] log vloz sem
http://www.viry.cz/forum/viewtopic.php? ... 05#p981205

Jeste znovu RogueKiller ale nyni s moznosti 3 a pote jeste jednou s moznosti 4

RKill, eXeHelper i RogueKiller by mely udelat logy, vlozte mi je sem

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 22.07.2011 at 10:29:18.
Operating System: Windows Vista (TM) Home Premium


Processes terminated by Rkill or while it was running:

C:\Users\svata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\svata\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\svata\AppData\Local\Google\Chrome\Application\chrome.exe


Rkill completed on 22.07.2011 at 10:29:26.


exeHelper by Raktor
Build 20100414
Run at 10:30:02 on 07/22/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: svata [Admin rights]
Mode: Remove -- Date : 07/22/2011 10:30:42

Bad processes: 1
[SUSP PATH] exeHelper.scr -- c:\users\svata\desktop\exehelper.scr -> KILLED

Registry Entries: 10
[SUSP PATH] HKLM\[...]\Run : systemup ("C:\Windows\systemup.exe" stand) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command : (C:\Program Files\Mozilla Firefox 3.6 Beta 3\firefox.exe) -> REPLACED : ("")

HOSTS File:


Finished : << RKreport[1].txt >>
RKreport[1].txt


RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: svata [Admin rights]
Mode: HOSTSFix -- Date : 07/22/2011 10:31:10

Bad processes: 0

HOSTS File:


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: svata [Admin rights]
Mode: ProxyFix -- Date : 07/22/2011 10:31:18

Bad processes: 0

Registry Entries: 0

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

vyborne Pujdem dale

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 11-07-21.04 - svata 22.07.2011 10:44:40.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3037.2009 [GMT 2:00]
Spuštěný z: c:\users\svata\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\svata\AppData\Roaming\.#
c:\users\svata\AppData\Roaming\.#\MBX@D68@1B42990.###
c:\users\svata\AppData\Roaming\.#\MBX@D68@1B429C0.###
c:\users\svata\AppData\Roaming\.#\MBX@D68@1B429F0.###
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\muzapp.exe
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srviecheck
-------\Service_srvsysdriver32
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 07:15 . 2011-07-22 07:15 -------- d-----w- c:\windows\system32\xlive
2011-07-22 07:13 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-07-22 07:13 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-07-22 07:13 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-07-22 07:13 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-07-22 07:13 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-07-22 00:40 . 2011-07-22 00:40 -------- d-----w- c:\program files\HD Tune
2011-07-22 00:28 . 2011-07-22 00:28 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75F8F589-E634-41F4-AB9D-4F7A09193BE4}\gapaengine.dll
2011-07-22 00:28 . 2011-07-12 18:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57AB7CF5-B03B-4396-9DC2-B240521F8CE1}\mpengine.dll
2011-07-22 00:14 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-07-22 00:10 . 2011-07-22 08:01 -------- d-----w- c:\program files\trend micro
2011-07-22 00:10 . 2011-07-22 00:10 -------- d-----w- C:\rsit
2011-07-21 23:25 . 2011-07-22 08:14 -------- d--h--w- c:\windows\update.tray-2-0
2011-07-21 23:25 . 2011-07-22 07:12 -------- d--h--w- c:\windows\update.tray-2-0-lnk
2011-07-21 21:52 . 2011-07-22 00:24 -------- d--h--w- c:\windows\update.tray-14-0-lnk
2011-07-21 21:52 . 2011-07-22 00:24 -------- d--h--w- c:\windows\update.tray-14-0
2011-07-21 20:37 . 2011-07-22 00:17 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-21 20:29 . 2011-07-21 20:29 -------- d-----w- C:\6d87e2c4a0c56beee99a4eefe7e1
2011-07-21 20:26 . 2011-07-21 20:26 -------- d-----w- c:\windows\ufa
2011-07-21 20:26 . 2011-07-21 20:26 -------- d-----w- c:\windows\rpcminer
2011-07-21 20:26 . 2011-07-21 20:26 -------- d-----w- c:\windows\phoenix
2011-07-21 20:25 . 2011-07-21 20:26 246272 ----a-w- c:\windows\unrar.exe
2011-07-21 20:20 . 2011-07-21 23:27 -------- d-----w- c:\windows\av_ico
2011-07-21 20:17 . 2011-07-22 06:48 -------- d--h--w- c:\windows\update.tray-7-0
2011-07-21 20:17 . 2011-07-22 06:48 -------- d--h--w- c:\windows\update.tray-15-0
2011-07-21 20:17 . 2011-07-22 00:15 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-07-21 20:17 . 2011-07-22 00:15 -------- d--h--w- c:\windows\update.tray-15-0-lnk
2011-07-20 09:48 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-16 22:10 . 2011-07-16 22:10 737280 ----a-w- c:\windows\iun6002.exe
2011-07-16 22:04 . 2011-07-16 22:04 -------- d-----w- c:\program files\Secure Folder
2011-07-15 21:54 . 2011-07-15 21:54 -------- d-----w- c:\users\svata\AppData\Roaming\COWON
2011-07-15 21:52 . 2011-07-15 21:52 -------- d-----w- c:\program files\Common Files\COWON
2011-07-15 21:52 . 2011-07-15 21:52 -------- d-----w- c:\program files\JetAudio
2011-07-15 12:29 . 2011-07-15 12:31 -------- d-----w- c:\program files\ICQ7.5
2011-07-15 12:28 . 2011-07-15 12:28 -------- d-----w- c:\program files\Apple Software Update
2011-07-13 07:03 . 2011-04-21 13:55 508416 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-07-13 07:03 . 2009-06-17 13:23 30208 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-07-13 07:03 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 07:02 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 07:02 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-01 07:42 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 11:43 . 2011-05-20 15:08 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-05-20 15:08 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-20 15:10 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-05-20 15:10 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2011-05-20 15:10 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-05-20 15:10 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2011-05-20 15:10 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-17 04:34 . 2011-06-17 04:34 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-17 04:34 . 2011-06-17 04:34 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-17 04:34 . 2011-06-17 04:34 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-17 04:34 . 2011-06-17 04:34 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-17 04:34 . 2011-06-17 04:34 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-17 04:34 . 2011-06-17 04:34 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-17 04:34 . 2011-06-17 04:34 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-17 04:34 . 2011-06-17 04:34 367104 ----a-w- c:\windows\system32\html.iec
2011-06-17 04:34 . 2011-06-17 04:34 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-17 04:34 . 2011-06-17 04:34 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-17 04:34 . 2011-06-17 04:34 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-17 04:34 . 2011-06-17 04:34 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-17 04:34 . 2011-06-17 04:34 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-17 04:34 . 2011-06-17 04:34 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-17 04:34 . 2011-06-17 04:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 04:34 . 2011-06-17 04:34 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-17 04:34 . 2011-06-17 04:34 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-17 04:34 . 2011-06-17 04:34 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-17 04:34 . 2011-06-17 04:34 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-17 04:34 . 2011-06-17 04:34 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-17 04:34 . 2011-06-17 04:34 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-16 11:03 . 2009-02-01 18:30 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-06-07 15:55 . 2011-07-19 18:22 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{755157DA-4123-45BE-B58D-60423142EBBD}\mpengine.dll
2011-05-31 16:45 . 2011-06-16 11:03 1404928 ----a-w- c:\windows\system32\RCoRes.dat
2011-05-31 15:21 . 2011-06-16 11:03 3511080 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-05-31 14:38 . 2011-06-16 11:03 75368 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-05-31 08:09 . 2011-06-16 11:03 4158568 ----a-w- c:\windows\system32\RtkAPO.dll
2011-05-31 07:42 . 2011-06-16 11:02 601704 ----a-w- c:\windows\system32\DTSVoiceClarityDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 631400 ----a-w- c:\windows\system32\DTSSymmetryDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 1509480 ----a-w- c:\windows\system32\DTSS2SpeakerDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 458344 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 375400 ----a-w- c:\windows\system32\DTSLimiterDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 218216 ----a-w- c:\windows\system32\DTSLFXAPO.dll
2011-05-31 07:42 . 2011-06-16 11:02 1292904 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 389736 ----a-w- c:\windows\system32\DTSGainCompensatorDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 218728 ----a-w- c:\windows\system32\DTSGFXAPONS.dll
2011-05-31 07:42 . 2011-06-16 11:02 218728 ----a-w- c:\windows\system32\DTSGFXAPO.dll
2011-05-31 07:42 . 2011-06-16 11:02 654952 ----a-w- c:\windows\system32\DTSBassEnhancementDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 1220200 ----a-w- c:\windows\system32\DTSBoostDLL.dll
2011-05-27 15:58 . 2009-02-01 18:30 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-24 13:01 . 2011-06-16 11:03 1493608 ----a-w- c:\windows\system32\RTSndMgr.cpl
2011-05-21 20:47 . 2011-05-21 20:47 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-05-20 08:44 . 2011-06-16 11:03 2170472 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-05-05 13:24 . 2011-06-16 11:02 1740352 ----a-w- c:\windows\system32\FMAPO.dll
2011-05-05 12:14 . 2011-06-16 11:03 214368 ----a-w- c:\windows\system32\SFNHK.dll
2011-05-05 12:14 . 2011-06-16 11:03 68960 ----a-w- c:\windows\system32\SFAPO.dll
2011-05-05 12:14 . 2011-06-16 11:03 74080 ----a-w- c:\windows\system32\SFCOM.dll
2011-05-04 02:52 . 2010-05-29 10:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-02 17:16 . 2011-06-16 17:29 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-02 12:27 . 2011-06-16 11:03 88408 ----a-w- c:\windows\system32\R4EEA32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 61272 ----a-w- c:\windows\system32\R4EEG32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 345944 ----a-w- c:\windows\system32\R4EED32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 3296600 ----a-w- c:\windows\system32\R4EEP32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 103256 ----a-w- c:\windows\system32\R4EEL32A.dll
2011-04-29 13:25 . 2011-06-16 17:29 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25 . 2011-06-16 17:29 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24 . 2011-06-16 17:29 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24 . 2011-06-16 17:29 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24 . 2011-06-16 17:29 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-27 12:20 . 2011-05-07 17:31 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-04-27 12:19 . 2011-04-27 12:19 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-04-27 12:19 . 2011-04-27 12:19 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-04-27 12:19 . 2011-04-27 12:19 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-04-27 12:19 . 2011-04-27 12:19 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-04-27 12:19 . 2011-04-27 12:19 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-04-27 12:19 . 2011-04-27 12:19 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-04-27 12:19 . 2011-04-27 12:19 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-04-27 12:19 . 2011-04-27 12:19 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-04-27 12:19 . 2011-04-27 12:19 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-04-27 12:19 . 2011-04-27 12:19 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-04-27 12:19 . 2011-04-27 12:19 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-04-27 12:19 . 2011-04-27 12:19 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-04-27 12:19 . 2011-04-27 12:19 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-04-27 12:19 . 2011-04-27 12:19 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-04-27 12:19 . 2011-04-27 12:19 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-04-27 12:19 . 2011-04-27 12:19 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-04-27 12:19 . 2011-04-27 12:19 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-04-27 12:19 . 2011-04-27 12:19 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-04-27 12:19 . 2011-04-27 12:19 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-04-27 12:19 . 2011-04-27 12:19 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-04-27 12:19 . 2011-04-27 12:19 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-04-27 12:19 . 2011-04-27 12:19 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2009-11-20 10:21 . 2009-11-20 10:21 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-29 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-29 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-25 30192]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-05-31 10082920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^svata^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk]
path=c:\users\svata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
backup=c:\windows\pss\Orion.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^svata^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\svata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-07-15 12:29 124216 ----a-w- c:\program files\ICQ7.5\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-09-10 22:02 809480 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2010-11-30 11:20 997408 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-02-04 11:27 23975720 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- c:\program files\TO2SSM\McciTrayApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2WCM_McciTrayApp]
2008-01-30 13:11 1473536 ----a-w- c:\program files\TO2WCM\McciTrayApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R1 MpKsl0b179a1e;MpKsl0b179a1e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57AB7CF5-B03B-4396-9DC2-B240521F8CE1}\MpKsl0b179a1e.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-25 30192]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 100224]
R4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-24 691696]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0209&m=aspire_5535
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: FoxGame: {b66bc4c3-6d25-4a10-8c59-01daa9063051} - %profile%\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}
FF - Ext: StOgame: {4217f6d7-406e-4b66-856d-d1a373e4f41a} - %profile%\extensions\{4217f6d7-406e-4b66-856d-d1a373e4f41a}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico2 - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
MSConfigStartUp-1489803 - c:\users\svata\AppData\Local\Temp\1489803.exe
MSConfigStartUp-44132968-loader2 - c:\windows\Temp\44132968-loader2.exe
MSConfigStartUp-5424370 - c:\windows\Temp\5424370.exe
MSConfigStartUp-6388751 - c:\windows\Temp\6388751.exe
MSConfigStartUp-8206470 - c:\windows\Temp\8206470.exe
MSConfigStartUp-8274513 - c:\users\svata\AppData\Local\Temp\8274513.exe
MSConfigStartUp-9652116 - c:\users\svata\AppData\Local\Temp\9652116.exe
MSConfigStartUp-avast5 - c:\progra~1\ALWILS~1\Avast5\avastUI.exe
MSConfigStartUp-l1rezerv - c:\windows\l1rezerv.exe
MSConfigStartUp-RocketDock - c:\program files\RocketDock\RocketDock.exe
MSConfigStartUp-sysdriver32 - c:\windows\sysdriver32.exe
MSConfigStartUp-sysdriver32_ - c:\windows\sysdriver32_.exe
MSConfigStartUp-tray_ico0 - c:\windows\update.tray-2-0\svchost.exe
MSConfigStartUp-tray_ico1 - c:\windows\update.tray-14-0\svchost.exe
MSConfigStartUp-Windows Defender - c:\program files\Windows Defender\MSASCui.exe
MSConfigStartUp-wxpdrv - c:\windows\services32.exe
AddRemove-Governor of Poker 2 PE 1.0 - d:\hry\Governor of Poker 2 PE\Uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-22 10:55
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(228)
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-07-22 11:00:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-22 09:00
.
Před spuštěním: Volných bajtů: 94 555 734 016
Po spuštění: Volných bajtů: 94 265 163 776
.
- - End Of File - - AE0C268BC49193EC6AE98569D988593D

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\windows\update.tray-2-0
  c:\windows\update.tray-2-0-lnk
  c:\windows\update.tray-2-0-lnk
  c:\windows\update.tray-14-0-lnk
  c:\windows\update.tray-14-0
  c:\windows\ufa
  c:\windows\rpcminer
  c:\windows\phoenix
  c:\windows\av_ico
  c:\windows\update.tray-7-0
  c:\windows\update.tray-15-0
  c:\windows\update.tray-7-0-lnk
  c:\windows\update.tray-15-0-lnk
  C:\Program Files\DAEMON Tools Toolbar
  
  Collect::
  c:\windows\unrar.exe
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "WMPNSCFG"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  "Adobe ARM"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [HKEY_LOCAL_MACHINE\software\microsoft\security center]
  "FirewallOverride"=dword:00000000
  "DisableThumbnailCache"=dword:00000000
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
  "DisableMonitoring"=dword:00000000
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
  
  Driver::
  MpKsl0b179a1e
  srviecheck
  srvsysdriver32
  BBSvc
  
  DDS::
  uStart Page = hxxp://start.icq.com/
  uDefault_Search_URL = hxxp://www.google.com/ie
  mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5535
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  
  Firefox::
  FF - ProfilePath - c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\
  FF - prefs.js: browser.search.selectedEngine - ICQ Search
  FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
  FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  
  RegLock::
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

ComboFix 11-07-21.04 - svata 22.07.2011 12:53:37.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3037.1839 [GMT 2:00]
Spuštěný z: c:\users\svata\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\svata\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
file zipped: c:\windows\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\Resources\about.ico
c:\program files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.png
c:\program files\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files\DAEMON Tools Toolbar\Resources\az.ico
c:\program files\DAEMON Tools Toolbar\Resources\b1.png
c:\program files\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files\DAEMON Tools Toolbar\Resources\download.ico
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\faq.ico
c:\program files\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files\DAEMON Tools Toolbar\Resources\home.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\manual.ico
c:\program files\DAEMON Tools Toolbar\Resources\map.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\op.ico
c:\program files\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play.ico
c:\program files\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files\DAEMON Tools Toolbar\Resources\show.ico
c:\program files\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files\DAEMON Tools Toolbar\Resources\soft24.ico
c:\program files\DAEMON Tools Toolbar\Resources\soft24_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\style.ico
c:\program files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\u.ico
c:\program files\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files\DAEMON Tools Toolbar\uninst.exe
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_defender_start.ico
c:\windows\av_ico\ico_Essentials_start.ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-14-0-lnk
c:\windows\update.tray-14-0
c:\windows\update.tray-15-0-lnk
c:\windows\update.tray-15-0
c:\windows\update.tray-15-0\svchost.exe
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-2-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL0B179A1E
-------\Service_BBSvc
-------\Service_MpKsl0b179a1e
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 11:00 . 2011-07-22 11:02 -------- d-----w- c:\users\svata\AppData\Local\temp
2011-07-22 11:00 . 2011-07-22 11:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-22 10:14 . 2011-07-22 10:14 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7AAD0E22-C77E-4E0F-A3BA-3732172DB346}\MpKsl7161eed0.sys
2011-07-22 10:14 . 2011-07-12 18:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7AAD0E22-C77E-4E0F-A3BA-3732172DB346}\mpengine.dll
2011-07-22 07:15 . 2011-07-22 07:15 -------- d-----w- c:\windows\system32\xlive
2011-07-22 07:13 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-07-22 07:13 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-07-22 07:13 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-07-22 07:13 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-07-22 07:13 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-07-22 00:40 . 2011-07-22 00:40 -------- d-----w- c:\program files\HD Tune
2011-07-22 00:28 . 2011-07-22 00:28 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{75F8F589-E634-41F4-AB9D-4F7A09193BE4}\gapaengine.dll
2011-07-22 00:14 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-07-22 00:10 . 2011-07-22 08:01 -------- d-----w- c:\program files\trend micro
2011-07-22 00:10 . 2011-07-22 00:10 -------- d-----w- C:\rsit
2011-07-21 20:37 . 2011-07-22 00:17 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-21 20:29 . 2011-07-21 20:29 -------- d-----w- C:\6d87e2c4a0c56beee99a4eefe7e1
2011-07-20 09:48 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-16 22:10 . 2011-07-16 22:10 737280 ----a-w- c:\windows\iun6002.exe
2011-07-16 22:04 . 2011-07-16 22:04 -------- d-----w- c:\program files\Secure Folder
2011-07-15 21:54 . 2011-07-15 21:54 -------- d-----w- c:\users\svata\AppData\Roaming\COWON
2011-07-15 21:52 . 2011-07-15 21:52 -------- d-----w- c:\program files\Common Files\COWON
2011-07-15 21:52 . 2011-07-15 21:52 -------- d-----w- c:\program files\JetAudio
2011-07-15 12:29 . 2011-07-15 12:31 -------- d-----w- c:\program files\ICQ7.5
2011-07-15 12:28 . 2011-07-15 12:28 -------- d-----w- c:\program files\Apple Software Update
2011-07-13 07:03 . 2011-04-21 13:55 508416 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-07-13 07:03 . 2009-06-17 13:23 30208 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-07-13 07:03 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 07:02 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 07:02 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-01 07:42 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 11:43 . 2011-05-20 15:08 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-05-20 15:08 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-20 15:10 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-05-20 15:10 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2011-05-20 15:10 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-05-20 15:10 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2011-05-20 15:10 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-17 04:34 . 2011-06-17 04:34 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-17 04:34 . 2011-06-17 04:34 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-17 04:34 . 2011-06-17 04:34 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-17 04:34 . 2011-06-17 04:34 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-17 04:34 . 2011-06-17 04:34 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-17 04:34 . 2011-06-17 04:34 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-17 04:34 . 2011-06-17 04:34 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-17 04:34 . 2011-06-17 04:34 367104 ----a-w- c:\windows\system32\html.iec
2011-06-17 04:34 . 2011-06-17 04:34 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-17 04:34 . 2011-06-17 04:34 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-17 04:34 . 2011-06-17 04:34 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-17 04:34 . 2011-06-17 04:34 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-17 04:34 . 2011-06-17 04:34 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-17 04:34 . 2011-06-17 04:34 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-17 04:34 . 2011-06-17 04:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 04:34 . 2011-06-17 04:34 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-17 04:34 . 2011-06-17 04:34 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-17 04:34 . 2011-06-17 04:34 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-17 04:34 . 2011-06-17 04:34 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-17 04:34 . 2011-06-17 04:34 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-17 04:34 . 2011-06-17 04:34 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-16 11:03 . 2009-02-01 18:30 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-06-07 15:55 . 2011-07-19 18:22 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{755157DA-4123-45BE-B58D-60423142EBBD}\mpengine.dll
2011-05-31 16:45 . 2011-06-16 11:03 1404928 ----a-w- c:\windows\system32\RCoRes.dat
2011-05-31 15:21 . 2011-06-16 11:03 3511080 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-05-31 14:38 . 2011-06-16 11:03 75368 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-05-31 08:09 . 2011-06-16 11:03 4158568 ----a-w- c:\windows\system32\RtkAPO.dll
2011-05-31 07:42 . 2011-06-16 11:02 601704 ----a-w- c:\windows\system32\DTSVoiceClarityDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 631400 ----a-w- c:\windows\system32\DTSSymmetryDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 1509480 ----a-w- c:\windows\system32\DTSS2SpeakerDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 458344 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 375400 ----a-w- c:\windows\system32\DTSLimiterDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 218216 ----a-w- c:\windows\system32\DTSLFXAPO.dll
2011-05-31 07:42 . 2011-06-16 11:02 1292904 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 389736 ----a-w- c:\windows\system32\DTSGainCompensatorDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 218728 ----a-w- c:\windows\system32\DTSGFXAPONS.dll
2011-05-31 07:42 . 2011-06-16 11:02 218728 ----a-w- c:\windows\system32\DTSGFXAPO.dll
2011-05-31 07:42 . 2011-06-16 11:02 654952 ----a-w- c:\windows\system32\DTSBassEnhancementDLL.dll
2011-05-31 07:42 . 2011-06-16 11:02 1220200 ----a-w- c:\windows\system32\DTSBoostDLL.dll
2011-05-27 15:58 . 2009-02-01 18:30 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-24 13:01 . 2011-06-16 11:03 1493608 ----a-w- c:\windows\system32\RTSndMgr.cpl
2011-05-21 20:47 . 2011-05-21 20:47 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-05-20 08:44 . 2011-06-16 11:03 2170472 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-05-05 13:24 . 2011-06-16 11:02 1740352 ----a-w- c:\windows\system32\FMAPO.dll
2011-05-05 12:14 . 2011-06-16 11:03 214368 ----a-w- c:\windows\system32\SFNHK.dll
2011-05-05 12:14 . 2011-06-16 11:03 68960 ----a-w- c:\windows\system32\SFAPO.dll
2011-05-05 12:14 . 2011-06-16 11:03 74080 ----a-w- c:\windows\system32\SFCOM.dll
2011-05-04 02:52 . 2010-05-29 10:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-02 17:16 . 2011-06-16 17:29 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-02 12:27 . 2011-06-16 11:03 88408 ----a-w- c:\windows\system32\R4EEA32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 61272 ----a-w- c:\windows\system32\R4EEG32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 345944 ----a-w- c:\windows\system32\R4EED32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 3296600 ----a-w- c:\windows\system32\R4EEP32A.dll
2011-05-02 12:27 . 2011-06-16 11:03 103256 ----a-w- c:\windows\system32\R4EEL32A.dll
2011-04-29 13:25 . 2011-06-16 17:29 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25 . 2011-06-16 17:29 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24 . 2011-06-16 17:29 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24 . 2011-06-16 17:29 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24 . 2011-06-16 17:29 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-27 12:20 . 2011-05-07 17:31 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-04-27 12:19 . 2011-04-27 12:19 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-04-27 12:19 . 2011-04-27 12:19 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-04-27 12:19 . 2011-04-27 12:19 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-04-27 12:19 . 2011-04-27 12:19 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-04-27 12:19 . 2011-04-27 12:19 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-04-27 12:19 . 2011-04-27 12:19 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-04-27 12:19 . 2011-04-27 12:19 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-04-27 12:19 . 2011-04-27 12:19 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-04-27 12:19 . 2011-04-27 12:19 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-04-27 12:19 . 2011-04-27 12:19 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-04-27 12:19 . 2011-04-27 12:19 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-04-27 12:19 . 2011-04-27 12:19 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-04-27 12:19 . 2011-04-27 12:19 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-04-27 12:19 . 2011-04-27 12:19 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-04-27 12:19 . 2011-04-27 12:19 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-04-27 12:19 . 2011-04-27 12:19 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-04-27 12:19 . 2011-04-27 12:19 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-04-27 12:19 . 2011-04-27 12:19 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-04-27 12:19 . 2011-04-27 12:19 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-04-27 12:19 . 2011-04-27 12:19 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-04-27 12:19 . 2011-04-27 12:19 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-04-27 12:19 . 2011-04-27 12:19 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2009-11-20 10:21 . 2009-11-20 10:21 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-29 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-29 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-25 30192]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-05-31 10082920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^svata^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk]
path=c:\users\svata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
backup=c:\windows\pss\Orion.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^svata^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\svata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-09-10 22:02 809480 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2010-11-30 11:20 997408 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- c:\program files\TO2SSM\McciTrayApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2WCM_McciTrayApp]
2008-01-30 13:11 1473536 ----a-w- c:\program files\TO2WCM\McciTrayApp.exe
.
R3 CFcatchme;CFcatchme;c:\users\svata\AppData\Local\Temp\CFcatchme.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-25 30192]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 100224]
R4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-24 691696]
S1 MpKsl7161eed0;MpKsl7161eed0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7AAD0E22-C77E-4E0F-A3BA-3732172DB346}\MpKsl7161eed0.sys [2011-07-22 28752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\svata\AppData\Roaming\Mozilla\Firefox\Profiles\2pa9s043.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 3.6 Beta 3\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: FoxGame: {b66bc4c3-6d25-4a10-8c59-01daa9063051} - %profile%\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}
FF - Ext: StOgame: {4217f6d7-406e-4b66-856d-d1a373e4f41a} - %profile%\extensions\{4217f6d7-406e-4b66-856d-d1a373e4f41a}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-22 13:02
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(560)
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\conime.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-07-22 13:09:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-22 11:09
ComboFix2.txt 2011-07-22 09:00
.
Před spuštěním: Volných bajtů: 94 180 036 608
Po spuštění: Volných bajtů: 93 997 346 816
.
- - End Of File - - 6E480D14EAFEA754E16FA813878CFB51
Nahr nˇ probŘhlo ŁspŘçnŘ

Jak se chova PC

Zatím v pořádku. Děkuji mnohokrát za pomoc, a kdyby se něco ještě přihodilo, opět se zde obrátím. Znova mockrát děkuji, ani nevíte jak jste mi pomohly. Opravdu, klobouk dolů . Děkuji a příjemný zbytek dne.

Jeste mi neutikejte, uklidime po tech smrdutych mazadlech co tam zustaly

Odinstalujte Combofix

• Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
• Napiste ComboFix /UninstallA
• Stisknete Enter
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Dobrá, provedeno, přečištěno, pro jistotu projeto antivirem a vše v pohodě. Pc se chová tak jak má a nedělá problémy. Díka a doufám, že toto už nebudu muset řešit. S pozdravem M

Antivir by jiz nemel nic najit, pokud ano, tak napiste...

Jinak nemate zac, rado se stalo