Requesting a log check - trojan from Facebook

Posted: 31 Aug 2011 20:18
by kubi1000
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vick at 2011-08-31 21:10:55
Microsoft Windows 7 Professional
System drive C: has 73 GB (62%) free of 119 GB
Total RAM: 4014 MB (67% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\update.7.1\svchostdriver.exe srv
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {7A71A6E1-A92D-461E-9CEB-198130A0B814}
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\systemup.exe" stand
"C:\Windows\l1rezerv.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\update.7.1\svchostdriver.exe" stand
taskhost.exe C:\Windows\system32\defrag.exe -c
"C:\Users\Vick\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4064619925-1116126423-1769207058-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4064619925-1116126423-1769207058-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll [2011-01-06 1057712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-16 318960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-02 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C749E08-6B62-11E0-B6DA-075F4824019B}]
BrowserPlugin - C:\Users\Vick\AppData\Local\GamePlayLabs Plugin\BHO.dll [2011-04-25 436864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll [2011-01-06 721840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-16 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-16 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16 346736]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-10-04 1049912]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll [2011-08-17 734048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Google Update"=C:\Users\Vick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-16 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-27 6998656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe [2010-10-26 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Vick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-09-24 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-03 9642528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-08-17 534880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-10-11 14940040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-05-23 431616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-11-13 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Auto YouTube Downloader.lnk]
C:\PROGRA~2\AUTOYO~1\AUTOYO~1.EXE [2010-09-30 4713472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{F0DF4~1\_A1DDD~1.EXE [2010-04-16 12862]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"=C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"RemoteControl9"=C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe [2009-04-28 50472]
"DATAMNGR"=C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE [2011-01-06 1114552]
"wxpdrv"=C:\Windows\services32.exe [2011-07-20 1147392]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-7-0\svchost.exe [2011-07-20 1147392]
"tray_ico1"=C:\Windows\update.tray-8-0\svchost.exe [2011-07-20 1147392]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-07-26 256000]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-07-26 256000]
"systemup"=C:\Windows\systemup.exe [2011-08-30 130560]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-08-04 232960]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-08-17 534880]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 336384]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=D:\Hry\Rockstar Games\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Vick\Downloads\facebook-pic00005267.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Users\Vick\Downloads\Flash-Player.exe"="C:\Users\Vick\Downloads\Flash-Player.exe:*:Enabled:C:\Users\Vick\Downloads\Flash-Player.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\services32.exe"="C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-31 20:39:20 ----D---- C:\rsit
2011-08-31 20:39:20 ----D---- C:\Program Files\trend micro
2011-08-31 16:17:40 ----D---- C:\ProgramData\ATI
2011-08-31 16:17:00 ----D---- C:\Program Files (x86)\AMD APP
2011-08-31 16:16:51 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-08-31 16:15:31 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2011-08-31 16:15:31 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2011-08-31 16:15:31 ----A---- C:\Windows\system32\coinst.dll
2011-08-31 16:15:31 ----A---- C:\Windows\system32\atiglpxx.dll
2011-08-31 16:15:31 ----A---- C:\Windows\system32\aticfx64.dll
2011-08-31 16:15:30 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2011-08-31 16:15:30 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2011-08-31 16:15:30 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2011-08-31 16:15:30 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2011-08-31 16:15:30 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2011-08-31 16:15:30 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2011-08-31 16:15:29 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2011-08-31 16:15:27 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2011-08-31 16:15:27 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2011-08-31 16:15:27 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2011-08-31 16:15:27 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2011-08-31 16:15:26 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2011-08-31 16:15:26 ----A---- C:\Windows\SYSWOW64\atiumdmv.dll
2011-08-31 16:15:26 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2011-08-31 16:15:26 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2011-08-31 16:15:26 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2011-08-31 16:15:25 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2011-08-31 16:15:25 ----A---- C:\Windows\system32\atidxx64.dll
2011-08-31 16:15:24 ----A---- C:\Windows\system32\atiuxp64.dll
2011-08-31 16:15:24 ----A---- C:\Windows\system32\atiu9p64.dll
2011-08-31 16:15:24 ----A---- C:\Windows\system32\atig6txx.dll
2011-08-31 16:15:24 ----A---- C:\Windows\system32\atig6pxx.dll
2011-08-31 16:15:24 ----A---- C:\Windows\system32\aticalrt64.dll
2011-08-31 16:15:24 ----A---- C:\Windows\system32\aticalcl64.dll
2011-08-31 16:15:23 ----A---- C:\Windows\system32\aticaldd64.dll
2011-08-31 16:15:22 ----A---- C:\Windows\system32\atipdl64.dll
2011-08-31 16:15:22 ----A---- C:\Windows\system32\atio6axx.dll
2011-08-31 16:15:22 ----A---- C:\Windows\system32\atiedu64.dll
2011-08-31 16:15:22 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-08-31 16:15:21 ----A---- C:\Windows\system32\atiumd6v.dll
2011-08-31 16:15:21 ----A---- C:\Windows\system32\atimuixx.dll
2011-08-31 16:15:21 ----A---- C:\Windows\system32\atiesrxx.exe
2011-08-31 16:15:21 ----A---- C:\Windows\system32\atieclxx.exe
2011-08-31 16:15:21 ----A---- C:\Windows\system32\atiapfxx.exe
2011-08-31 16:15:20 ----A---- C:\Windows\system32\atiumd6a.dll
2011-08-31 16:15:20 ----A---- C:\Windows\system32\atitmm64.dll
2011-08-31 16:15:20 ----A---- C:\Windows\system32\atimpc64.dll
2011-08-31 16:15:20 ----A---- C:\Windows\system32\atiicdxx.dat
2011-08-31 16:15:20 ----A---- C:\Windows\system32\atiadlxx.dll
2011-08-31 16:15:20 ----A---- C:\Windows\system32\amdpcom64.dll
2011-08-31 16:15:19 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-08-31 16:15:19 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-08-31 16:15:19 ----A---- C:\Windows\system32\atiumd64.dll
2011-08-31 16:15:18 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-08-30 17:18:39 ----D---- C:\Program Files (x86)\YouTube Downloader Toolbar
2011-08-30 17:18:39 ----D---- C:\Program Files (x86)\Application Updater
2011-08-28 19:53:53 ----A---- C:\ProgramData\NTUSER.DAT
2011-08-26 08:15:22 ----HD---- C:\Windows\update.8.1
2011-08-20 11:55:49 ----HD---- C:\Windows\update.7.1
2011-08-12 09:33:46 ----A---- C:\Windows\w_distrib_iplist.txt
2011-08-12 09:33:19 ----HD---- C:\Windows\update.3

======List of files/folders modified in the last 1 month======

2011-08-31 21:10:59 ----D---- C:\Windows\Prefetch
2011-08-31 21:10:57 ----D---- C:\Windows\Temp
2011-08-31 21:09:33 ----D---- C:\Windows\system32\LogFiles
2011-08-31 21:09:32 ----D---- C:\Windows\Minidump
2011-08-31 21:09:32 ----D---- C:\Windows
2011-08-31 20:51:39 ----D---- C:\Windows\system32\config
2011-08-31 20:41:42 ----D---- C:\Windows\system32\Tasks
2011-08-31 20:41:31 ----A---- C:\Windows\SYSWOW64\log.txt
2011-08-31 20:39:20 ----RD---- C:\Program Files
2011-08-31 20:15:25 ----A---- C:\Windows\system32\acovcnt.exe
2011-08-31 20:07:59 ----D---- C:\Windows\SysWOW64
2011-08-31 20:07:59 ----AD---- C:\Windows\System32
2011-08-31 19:57:50 ----D---- C:\Windows\system32\catroot2
2011-08-31 19:56:47 ----D---- C:\Program Files (x86)\Garena
2011-08-31 19:25:32 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-31 19:25:02 ----A---- C:\Windows\iplist.txt
2011-08-31 19:25:00 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-31 16:50:01 ----D---- C:\Windows\system32\drivers
2011-08-31 16:49:11 ----D---- C:\Windows\system32\catroot
2011-08-31 16:17:40 ----HD---- C:\ProgramData
2011-08-31 16:17:09 ----SHD---- C:\Windows\Installer
2011-08-31 16:17:00 ----RD---- C:\Program Files (x86)
2011-08-31 16:16:51 ----D---- C:\Program Files\Common Files
2011-08-31 16:16:51 ----D---- C:\Program Files (x86)\Common Files
2011-08-31 16:16:32 ----D---- C:\Program Files\ATI Technologies
2011-08-31 16:15:16 ----D---- C:\Windows\inf
2011-08-31 16:15:14 ----D---- C:\Windows\system32\DriverStore
2011-08-31 13:40:13 ----RD---- C:\Users
2011-08-30 17:13:34 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-08-30 09:29:21 ----A---- C:\Windows\systemup.exe
2011-08-30 09:26:46 ----A---- C:\Windows\ddh_iplist.txt
2011-08-30 08:53:18 ----D---- C:\Windows\system32\wfp
2011-08-30 08:53:16 ----D---- C:\Windows\system32\wbem
2011-08-30 08:52:21 ----HD---- C:\Windows\update.tray-8-0-lnk
2011-08-30 08:52:21 ----HD---- C:\Windows\update.tray-8-0
2011-08-30 08:52:21 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-08-30 08:52:21 ----HD---- C:\Windows\update.tray-7-0
2011-08-30 08:52:21 ----HD---- C:\Windows\update.5.0
2011-08-30 08:52:21 ----HD---- C:\Windows\update.2
2011-08-30 08:52:21 ----HD---- C:\Windows\update.1
2011-08-30 08:52:21 ----D---- C:\Windows\Tasks
2011-08-30 08:52:21 ----D---- C:\Windows\system32\drivers\etc
2011-08-30 08:52:21 ----D---- C:\ProgramData\P4G
2011-08-30 08:52:20 ----D---- C:\Windows\system32\CodeIntegrity
2011-08-30 08:52:17 ----D---- C:\Windows\av_ico
2011-08-30 08:52:17 ----D---- C:\Windows\AppCompat
2011-08-30 08:52:17 ----D---- C:\Users\Vick\AppData\Roaming\vlc
2011-08-30 08:52:05 ----D---- C:\Windows\registration
2011-08-30 08:51:16 ----D---- C:\Users\Vick\AppData\Roaming\Skype
2011-08-28 11:52:53 ----SHD---- C:\System Volume Information
2011-08-17 17:32:15 ----D---- C:\Users\Vick\AppData\Roaming\skypePM
2011-08-17 16:57:51 ----D---- C:\Users\Vick\AppData\Roaming\ICQ
2011-08-04 16:26:22 ----A---- C:\Windows\l1rezerv.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-02 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-17 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-17 83120]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-25 9359872]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-25 309760]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-03 2217504]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-27 176640]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-05-20 202016]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-25 9359872]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-01-22 13352]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-01-22 27176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7; C:\Windows\system32\DRIVERS\ts_athwx.sys [2010-03-02 2103336]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2010-04-19 50688]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-25 204288]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-03 864032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe [2011-08-30 382464]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-07-02 75064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-05-27 244904]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe []
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-16 182768]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 932640]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-03 407336]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------
It's already causing me terrible trouble: for example, the mouse moves and clicks by itself, it copies files so that, say, I have a movie on the disk several times over, each time somewhere else, graphics driver failures, and on FB it of course writes to everyone... Thanks for the help. :thumbsup:

Re: Requesting a log check - trojan from Facebook

Posted: 31 Aug 2011 20:20
by Rudy
The FB virus is there. Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

Re: Requesting a log check - trojan from Facebook

Posted: 31 Aug 2011 20:27
by kubi1000
So I'm waiting for it to finish; I didn't expect such a quick response ;-) Great ;-)

Re: Requesting a log check - trojan from Facebook

Posted: 31 Aug 2011 20:34
by Rudy
:)

Re: Requesting a log check - trojan from Facebook

Posted: 31 Aug 2011 20:50
by kubi1000
So here is the log:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7622

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31.8.2011 21:48:16
omg

Typ: Rychlá kontrola
Kontrolované objekty: 179796
Uplynulý čas: 1 minut, 35 sekund

Infikované procesy v paměti: 3
Infikované moduly v paměti: 0
Infikované klíče v registru: 18
Infikované hodnoty v registru: 12
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 27

Infikované procesy v paměti:
c:\Windows\update.7.1\svchostdriver.exe (Spyware.Agent) -> 1180 -> No action taken.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> 4028 -> No action taken.
c:\Windows\systemup.exe (Trojan.Agent.Gen) -> 2788 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ddservice (Spyware.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Spyware.GamePlayLabs) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{199C34A4-5436-403F-A250-219E16672570} (Spyware.GamePlayLabs) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4} (Spyware.GamePlayLabs) -> No action taken.
HKEY_CLASSES_ROOT\BHO.BrowserPlugin.1 (Spyware.GamePlayLabs) -> No action taken.
HKEY_CLASSES_ROOT\BHO.BrowserPlugin (Spyware.GamePlayLabs) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Spyware.GamePlayLabs) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Spyware.GamePlayLabs) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Spyware.GamePlayLabs) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.Agent.Gen) -> Value: systemup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Agent) -> Value: NVIDIA driver monitor -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ddservice\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> No action taken.

Infikované soubory:
c:\Windows\update.7.1\svchostdriver.exe (Spyware.Agent) -> No action taken.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> No action taken.
c:\Windows\services32.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-8-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\sysdriver32.exe (Trojan.Agent) -> No action taken.
c:\Windows\sysdriver32_.exe (Trojan.Agent) -> No action taken.
c:\Users\Vick\AppData\Local\gameplaylabs plugin\BHO.dll (Spyware.GamePlayLabs) -> No action taken.
c:\program files (x86)\youtube downloader toolbar\IE\4.6\youtubedownloadertoolbarie.dll (PUP.Dealio.TB) -> No action taken.
c:\Windows\systemup.exe (Trojan.Agent.Gen) -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Agent) -> No action taken.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> No action taken.

Re: Requesting a log check - trojan from Facebook

Posted: 31 Aug 2011 21:37
by Rudy
Delete everything MBAM found. Then restart the PC and, for the final cleanup, post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

feel free to put on some coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur

Re: Requesting a log check - trojan from Facebook

Posted: 01 Sep 2011 19:35
by kubi1000
So I cleaned it with Malwarebytes and here is the log from ComboFix

ComboFix 11-09-01.03 - Vick 01.09.2011 20:23:24.1.8 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4014.2455 [GMT 2:00]
Spuštěný z: c:\users\Vick\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\uninstall.exe
c:\program files (x86)\facemoods.com\sqlite3.dll
c:\programdata\FullRemove.exe
c:\programdata\ntuser.dat
c:\users\Vick\AppData\Roaming\Mikrotik
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\advtool.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\advtool.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\dhcp.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\dhcp.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\hotspot.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\hotspot.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\ppp.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\ppp.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\roteros.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\roteros.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\roting2.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\roting2.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\secure.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\secure.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\system.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\system.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\wlan2.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.13-1073440822\wlan2.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\advtool.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\advtool.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\dhcp.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\dhcp.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\hotspot.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\hotspot.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\ppp.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\ppp.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\roteros.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\roteros.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\roting2.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\roting2.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\secure.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\secure.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\system.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\system.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\wlan2.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.27-2361866979\wlan2.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\advtool.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\advtool.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\dhcp.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\dhcp.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\hotspot.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\hotspot.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\ppp.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\ppp.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\roteros.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\roteros.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\roting2.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\roting2.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\secure.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\secure.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\system.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\system.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\wlan2.crc
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\3.31-3800835064\wlan2.dll
c:\users\Vick\AppData\Roaming\Mikrotik\Winbox\winbox.cfg
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
c:\windows\phoenix\kernels\phatk\c5861be85342fb2b7f97295ed98d23d1.elf
c:\windows\phoenix\kernels\phatk\ce044e4cd4c8e62b5907b3aac1b6303a.elf
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\b3dd6f4dfa39bff7f686dec88ed197ea.elf
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
c:\windows\phoenix\kernels\poclbm\efc6e4a6af26a8e200897be897f9df7f.elf
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer.rar
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.3
c:\windows\update.5.0
c:\windows\update.7.1
c:\windows\w_distrib_iplist.txt
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 18:29 . 2011-09-01 18:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-31 19:22 . 2011-08-31 19:22 -------- d-----w- c:\users\Vick\AppData\Roaming\Malwarebytes
2011-08-31 19:22 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-31 19:22 . 2011-08-31 19:22 -------- d-----w- c:\programdata\Malwarebytes
2011-08-31 19:22 . 2011-08-31 19:22 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-31 19:22 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 18:39 . 2011-08-31 19:10 -------- d-----w- c:\program files\trend micro
2011-08-31 18:39 . 2011-08-31 18:39 -------- d-----w- C:\rsit
2011-08-31 17:41 . 2011-08-31 17:41 512 ----a-w- C:\PhysicalMBR.bin
2011-08-31 14:17 . 2011-08-31 14:17 -------- d-----w- c:\programdata\ATI
2011-08-31 14:17 . 2011-08-31 14:17 -------- d-----w- c:\program files (x86)\AMD APP
2011-08-31 14:16 . 2011-08-31 14:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-08-31 14:16 . 2011-08-31 14:16 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-08-30 15:18 . 2011-08-30 15:18 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar
2011-08-30 15:18 . 2011-08-30 15:18 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-08-30 15:18 . 2011-08-30 15:18 -------- d-----w- c:\program files (x86)\Application Updater
2011-08-26 06:15 . 2011-08-26 06:15 -------- d--h--w- c:\windows\update.8.1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-31 18:15 . 2010-12-20 19:30 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-07-29 10:07 . 2011-07-29 10:00 2829 ----a-w- c:\windows\War3Unin.pif
2011-07-29 10:07 . 2011-07-29 10:00 139264 ----a-w- c:\windows\War3Unin.exe
2011-07-28 15:49 . 2011-07-28 15:49 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-07-28 15:48 . 2011-07-28 15:48 16552960 ----a-w- c:\windows\system32\amdocl64.dll
2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-07-20 13:10 . 2011-07-20 13:07 246272 ----a-w- c:\windows\unrar.exe
2011-07-04 11:43 . 2010-07-12 09:26 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-07-12 09:26 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-01-30 12:08 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-07-26 12:58 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-07-12 09:26 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-07-12 09:26 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-07-12 09:26 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-07-12 09:26 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-07-12 09:26 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-17 10:37 . 2011-07-28 12:54 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-17 10:37 . 2011-07-28 12:54 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-16 01:34 . 2011-06-16 01:34 79872 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 2117632 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-06-15 12:26 . 2010-07-02 10:25 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\progra~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-01-06 14:06 721840 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\progra~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]
.
[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"="c:\program files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [2009-04-28 50472]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-08-17 534880]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-4-16 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7;c:\windows\system32\DRIVERS\ts_athwx.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4064619925-1116126423-1769207058-1000Core.job
- c:\users\Vick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 14:49]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4064619925-1116126423-1769207058-1000UA.job
- c:\users\Vick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 14:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-01-06 14:06 1057712 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.rcnsearch.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files (x86)\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 10.109.226.1 10.109.255.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico2 - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-ASUS_N_Series_Screensaver - c:\windows\system32\ASUS_N_Series_Screensaver.scr
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-09-01 20:32:15
ComboFix-quarantined-files.txt 2011-09-01 18:32
.
Před spuštěním: Volných bajtů: 76 806 279 168
Po spuštění: Volných bajtů: 76 390 682 624
.
- - End Of File - - 5CA19E9B1118445464044D8B9C3BB67D

Re: Requesting a log check - trojan from Facebook

Posted: 01 Sep 2011 20:00
by Rudy
We still have some cleaning up to finish. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\system32\acovcnt.exe

Folder::
c:\progra~2\BEARSH~1
c:\program files (x86)\Common Files\Spigot
c:\windows\update.8.1

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"=-
[-HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: Requesting a log check - trojan from Facebook

Posted: 01 Sep 2011 22:03
by kubi1000
So I did what you wrote and the log is here.... Is it OK?

ComboFix 11-09-01.03 - Vick 01.09.2011 22:48:26.2.8 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4014.2386 [GMT 2:00]
Spuštěný z: c:\users\Vick\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vick\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\BEARSH~1
c:\progra~2\BEARSH~1\BearShare\ammp3.dll
c:\progra~2\BEARSH~1\BearShare\avcodec-51.dll
c:\progra~2\BEARSH~1\BearShare\avformat-51.dll
c:\progra~2\BEARSH~1\BearShare\avutil-49.dll
c:\progra~2\BEARSH~1\BearShare\BearShare.exe
c:\progra~2\BEARSH~1\BearShare\BearShare.ico
c:\progra~2\BEARSH~1\BearShare\BerkeleyLoader.dll
c:\progra~2\BEARSH~1\BearShare\Copy_Folder.bat
c:\progra~2\BEARSH~1\BearShare\DiscoveryHelper.dll
c:\progra~2\BEARSH~1\BearShare\FixAudioDriverSignature.reg
c:\progra~2\BEARSH~1\BearShare\GIFAnimator.dll
c:\progra~2\BEARSH~1\BearShare\HTML\error.html
c:\progra~2\BEARSH~1\BearShare\HTML\Images\bg-top.jpg
c:\progra~2\BEARSH~1\BearShare\HTML\Images\closeRecommend.gif
c:\progra~2\BEARSH~1\BearShare\HTML\loading.html
c:\progra~2\BEARSH~1\BearShare\HTML\noInternet.html
c:\progra~2\BEARSH~1\BearShare\HTML\offline.html
c:\progra~2\BEARSH~1\BearShare\HTML\Recommendation_Offline.html
c:\progra~2\BEARSH~1\BearShare\htmlayout.dll
c:\progra~2\BEARSH~1\BearShare\ImageUploader5.ocx
c:\progra~2\BEARSH~1\BearShare\IMTrProgress.dll
c:\progra~2\BEARSH~1\BearShare\IMWebControl.dll
c:\progra~2\BEARSH~1\BearShare\Launcher_x64.exe
c:\progra~2\BEARSH~1\BearShare\libungif4.dll
c:\progra~2\BEARSH~1\BearShare\lic_helper.dll
c:\progra~2\BEARSH~1\BearShare\license.txt
c:\progra~2\BEARSH~1\BearShare\NCTAudioCDGrabber2.dll
c:\progra~2\BEARSH~1\BearShare\NCTAudioCDWriter2.dll
c:\progra~2\BEARSH~1\BearShare\NCTAudioCompress3.dll
c:\progra~2\BEARSH~1\BearShare\NCTAudioFile3.dll
c:\progra~2\BEARSH~1\BearShare\NCTAudioFileWMA3.dll
c:\progra~2\BEARSH~1\BearShare\NCTAudioFormatSettings3.dll
c:\progra~2\BEARSH~1\BearShare\NCTDataCDWriter2.dll
c:\progra~2\BEARSH~1\BearShare\Nickel.ocx
c:\progra~2\BEARSH~1\BearShare\ResourcesLoc.dll
c:\progra~2\BEARSH~1\BearShare\SHW32.DLL
c:\progra~2\BEARSH~1\BearShare\Skins\Default.skn
c:\progra~2\BEARSH~1\BearShare\Skins\Default.xml
c:\progra~2\BEARSH~1\BearShare\Skins\html\albumsview\albums.html
c:\progra~2\BEARSH~1\BearShare\Skins\html\albumsview\images\defpreview.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\albumsview\images\playbtn.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\albumsview\images\playing.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\artists.html
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\images\defpreview.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\images\play.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\images\play_disabled.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\images\play_down.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\images\play_over.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\artistsview\menu.html
c:\progra~2\BEARSH~1\BearShare\Skins\html\cdripview\cdrip.html
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\active.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\azure.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\black.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\blue.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\bs.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\byzantium.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\close-hovered.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\close-normal.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\close-pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\close.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\dark-blue.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\green.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\grey.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\hover.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\inactive.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\magenta.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\olive.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\orange.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\pink.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\pro.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\images\red.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\pro-view.html
c:\progra~2\BEARSH~1\BearShare\Skins\html\colorschemebubble\view.html
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\defalbum.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\defbutton.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\ls_btn.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\ls_btn_hover.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\ls_btn_pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_bottom.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_bottom_over.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_bottom_pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_fill.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_slider.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_slider_center.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_slider_center_over.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_slider_center_pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_slider_over.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_slider_pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_top.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_top_over.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\sbv_top_pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\th_btn.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\th_btn_hover.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\th_btn_pressed.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\tip.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\tipb.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\images\white.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\videosview\images\defpreview.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\videosview\images\list_btn.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\videosview\images\playbtn.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\videosview\images\playing.png
c:\progra~2\BEARSH~1\BearShare\Skins\html\videosview\videos.html
c:\progra~2\BEARSH~1\BearShare\Skins\Images\DefArtwork.jpg
c:\progra~2\BEARSH~1\BearShare\Skins\Images\DefFemale.gif
c:\progra~2\BEARSH~1\BearShare\Skins\Images\DefMale.gif
c:\progra~2\BEARSH~1\BearShare\Skins\Images\FriendshipNotif.jpg
c:\progra~2\BEARSH~1\BearShare\Skins\Images\SendPlaylist.jpg
c:\progra~2\BEARSH~1\BearShare\Skins\Images\TAFLogo.PNG
c:\progra~2\BEARSH~1\BearShare\Skins\Images\ToGoLogo.PNG
c:\progra~2\BEARSH~1\BearShare\Skins\RemoteSkin.wmz
c:\progra~2\BEARSH~1\BearShare\Skins\Settings.xml
c:\progra~2\BEARSH~1\BearShare\Smiley.ico
c:\progra~2\BEARSH~1\BearShare\UninstallUsers.exe
c:\progra~2\BEARSH~1\BearShare\UpdateInst.exe
c:\progra~2\BEARSH~1\BearShare\WMAProfiles.prx
c:\progra~2\BEARSH~1\BearShare\WMHelper.dll
c:\progra~2\BEARSH~1\BearShare\WMHelper.log
c:\progra~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll
c:\progra~2\BEARSH~1\MediaBar\Datamngr\datamngrUI.exe
c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll
c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngrUI.exe
c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
c:\progra~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
c:\progra~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarTb.dll
c:\progra~2\BEARSH~1\MediaBar\ToolBar\components\windowmediator.js
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\bearshare.js
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\data\search\engines.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\data\search\search.xsl
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\about.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\dtxwin.xul
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\external.js
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\neterror.xhtml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\modules\datastore.jsm
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\preferences.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\toolbar.htm
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\toolbar.xul
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\bearshare.css
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\bluelite.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\bluesky.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn-search-over.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn-search.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn-settings-over.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn-settings.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn-widgets-over.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn-widgets.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\btn_settings.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-down-back-ff.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-down-back.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-down-left.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-down-right.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-down-splitter.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-drop-back.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-drop-left.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-drop-right.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-drop-splitter.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-hover-back.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-hover-left.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-hover-right.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\button-hover-splitter.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\ca.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\dictionary.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\divider.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\downloadcom.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\dtxlogo.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\email.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\email_on.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\games.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\graphred0.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\graphred0_5.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\grey.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\headsup.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\ico-shield.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\images.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\add.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\aol.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\blank.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\collapse.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\comcast.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\dtx.css
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\edit-back.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\expand.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\found.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\gmail.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\highlight.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\hotmail.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\checkmark.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\chevron.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\imap.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\lock.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\mailcom.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\modify.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\move.gif
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\movetarget.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\progra~2\BEARSH~1\MediaBar\ToolBar\manifest.xml
c:\progra~2\BEARSH~1\MediaBar\ToolBar\uninstall.exe
c:\progra~2\BEARSH~1\MediaBar\uninstall.exe
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\Common Files\Spigot\Search Settings\config.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\windows\system32\acovcnt.exe
c:\windows\update.8.1
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-08-31 19:22 . 2011-08-31 19:22 -------- d-----w- c:\users\Vick\AppData\Roaming\Malwarebytes
2011-08-31 19:22 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-31 19:22 . 2011-08-31 19:22 -------- d-----w- c:\programdata\Malwarebytes
2011-08-31 19:22 . 2011-08-31 19:22 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-31 19:22 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 18:39 . 2011-08-31 19:10 -------- d-----w- c:\program files\trend micro
2011-08-31 18:39 . 2011-08-31 18:39 -------- d-----w- C:\rsit
2011-08-31 17:41 . 2011-08-31 17:41 512 ----a-w- C:\PhysicalMBR.bin
2011-08-31 14:17 . 2011-08-31 14:17 -------- d-----w- c:\programdata\ATI
2011-08-31 14:17 . 2011-08-31 14:17 -------- d-----w- c:\program files (x86)\AMD APP
2011-08-31 14:16 . 2011-08-31 14:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-08-31 14:16 . 2011-08-31 14:16 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-08-30 15:18 . 2011-08-30 15:18 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar
2011-08-30 15:18 . 2011-08-30 15:18 -------- d-----w- c:\program files (x86)\Application Updater
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-29 10:07 . 2011-07-29 10:00 2829 ----a-w- c:\windows\War3Unin.pif
2011-07-29 10:07 . 2011-07-29 10:00 139264 ----a-w- c:\windows\War3Unin.exe
2011-07-28 15:49 . 2011-07-28 15:49 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-07-28 15:48 . 2011-07-28 15:48 16552960 ----a-w- c:\windows\system32\amdocl64.dll
2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-07-20 13:10 . 2011-07-20 13:07 246272 ----a-w- c:\windows\unrar.exe
2011-07-04 11:43 . 2010-07-12 09:26 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-07-12 09:26 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-01-30 12:08 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-07-26 12:58 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-07-12 09:26 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-07-12 09:26 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-07-12 09:26 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-07-12 09:26 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-07-12 09:26 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-17 10:37 . 2011-07-28 12:54 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-17 10:37 . 2011-07-28 12:54 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-16 01:34 . 2011-06-16 01:34 79872 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 2117632 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-06-15 12:26 . 2010-07-02 10:25 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-01_18.29.45 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-09-01 18:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-09-01 20:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-09-01 18:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-09-01 20:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-10-01 12:11 . 2011-09-01 18:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-10-01 12:11 . 2011-09-01 20:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-09-01 18:16 . 2011-09-01 18:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-09-01 20:54 . 2011-09-01 20:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-09-01 20:54 . 2011-09-01 20:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-09-01 18:16 . 2011-09-01 18:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 04:54 . 2011-09-01 20:54 311296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-09-01 18:16 311296 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-08-15 15:05 . 2011-09-01 18:15 700040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-08-15 15:05 . 2011-09-01 20:53 700040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"="c:\program files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [2009-04-28 50472]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-4-16 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7;c:\windows\system32\DRIVERS\ts_athwx.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4064619925-1116126423-1769207058-1000Core.job
- c:\users\Vick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 14:49]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4064619925-1116126423-1769207058-1000UA.job
- c:\users\Vick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 14:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.rcnsearch.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files (x86)\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 10.109.226.1 10.109.255.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-DATAMNGR - c:\progra~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-BearShare 2 MediaBar - c:\program files (x86)\BearShare Applications\MediaBar\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\users\Vick\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Vick\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Vick\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Vick\AppData\Local\Google\Chrome\Application\chrome.exe
c:\windows\SysWOW64\rundll32.exe
c:\users\Vick\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2011-09-01 23:00:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-01 21:00
ComboFix2.txt 2011-09-01 18:32
.
Před spuštěním: Volných bajtů: 76 555 124 736
Po spuštění: Volných bajtů: 76 310 212 608
.
- - End Of File - - 56E888CD4ABD4BE0CB704AC1B460F56D
Nahrání proběhlo úspěšně

Re: Requesting a log check - trojan from Facebook

Posted: 01 Sep 2011 22:08
by Rudy
Deleted, the log now looks clean. Install an antivirus. That should be everything.

Re: Requesting a log check - trojan from Facebook

Posted: 01 Sep 2011 22:14
by kubi1000
Will you send me your ICQ by e-mail? I'll add you.... Kubi1000@seznam.cz

Re: Requesting a log check - trojan from Facebook

Posted: 01 Sep 2011 22:26
by kubi1000
While installing the antivirus, an error occurred saying it cannot load some .dll library. I downloaded Avast 6 from stahuj.cz ... What could be causing it?

Re: Requesting a log check - trojan from Facebook

Posted: 02 Sep 2011 17:47
by Rudy
First uninstall what is left of Avast using the Avast uninstaller: http://www.avast.com/cs-cz/uninstall-utility and then install it again.