
Autorun...
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Autorun...
Hello. Avira is once again bothering me with a message about the presence of "autorun.inf" on my flash drive. Could someone advise me how to get rid of it effectively?
Thanks in advance!
- Rudy
- Site Admin
- Posts: 119509
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Autorun...
Hello to you too!
First, post a log from RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Autorun...
Logfile of random's system information tool 1.09 (written by random/random)
Run by michal at 2011-11-19 13:51:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (12%) free of 90 GB
Total RAM: 3597 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:52:06, on 19.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Java\jre6\launch4j-tmp\frd.exe
C:\Program Files (x86)\Opera\opera.exe
C:\PROGRA~2\MICROS~2\OFFICE11\WINWORD.EXE
C:\Program Files\trend micro\michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MyPlayCity Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7975 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000660
\??\C:\Windows\system32\conhost.exe "-185608729113246400631480401873-583214938-87220384814459432601581492205-668129719
taskeng.exe {6A735AAC-7103-4E4C-81FC-F0B5D72B6E96}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files (x86)\Java\jre6\launch4j-tmp\frd.exe" -Xms32m -Xmx128m -jar "C:\Program Files\Free Rapid Downloader\FreeRapid-0.85u1-build566\frd.jar"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\PROGRA~2\MICROS~2\OFFICE11\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 8192
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-87021092-b54e-4cee-817f-d41846e75f4c -SystemEventPortName:HostProcess-ba20e56d-0032-494b-ba8d-c6f50b03931d -IoCancelEventPortName:HostProcess-d3860bdc-0a46-4478-8f01-7162b76e4f98 -NonStateChangingEventPortName:HostProcess-738b0926-318d-449e-a193-5952309eaf86 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6b9c15d4-b748-49a1-b560-37deec146f03
C:\Windows\system32\msiexec.exe /V
"C:\Users\michal\AppData\Local\Opera\Opera\temporary_downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\SlimDrivers Startup.job
=========Mozilla firefox=========
ProfilePath - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\fnx3sc22.default
prefs.js - "extensions.enabledItems" - "{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\fnx3sc22.default\extensions\
toolbar@ask.com
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
MyPlayCity Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - MyPlayCity Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-07-12 9048392]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 12666984]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-31 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-31 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-31 416024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-03-29 399736]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-10-27 3077528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-01-10 281768]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-31 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-07-03 249344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-11-19 13:51:57 ----D---- C:\rsit
2011-11-19 13:45:01 ----D---- C:\Program Files (x86)\MSECache
2011-11-19 11:28:43 ----D---- C:\Program Files (x86)\Intel Desktop Board
2011-11-12 16:44:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-12 16:44:05 ----A---- C:\Windows\system32\win32k.sys
2011-10-29 13:10:36 ----D---- C:\Users\michal\AppData\Roaming\Artogon
2011-10-29 13:10:31 ----D---- C:\Users\michal\AppData\Roaming\wrapper
2011-10-29 13:09:37 ----D---- C:\Users\michal\AppData\Roaming\Špidla Data Processing, s.r.o
2011-10-29 13:09:37 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2011-10-27 12:17:27 ----D---- C:\ProgramData\PMB Files
2011-10-27 12:17:01 ----D---- C:\Program Files (x86)\Pando Networks
2011-10-26 06:13:36 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-26 06:13:35 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-26 06:13:35 ----A---- C:\Windows\SYSWOW64\java.exe
2011-10-25 22:12:00 ----D---- C:\Users\michal\AppData\Roaming\Might & Magic Heroes VI
2011-10-22 16:44:28 ----D---- C:\Users\michal\AppData\Roaming\Apple Computer
2011-10-21 18:11:50 ----D---- C:\Program Files\gs
2011-10-21 18:09:19 ----D---- C:\Program Files\Ghostgum
2011-10-21 18:04:28 ----D---- C:\Users\michal\AppData\Roaming\Neuratron
2011-10-21 18:03:07 ----A---- C:\Windows\SYSWOW64\Drs832.dll
2011-10-21 18:03:06 ----D---- C:\Program Files (x86)\Neuratron PhotoScore Ultimate Demo
2011-10-21 17:31:42 ----D---- C:\Program Files (x86)\AdultPDF
2011-10-21 17:23:19 ----D---- C:\Users\michal\AppData\Roaming\pdf2image2009
2011-10-21 17:23:19 ----D---- C:\Program Files (x86)\PdfSvg
======List of files/folders modified in the last 1 month======
2011-11-19 13:52:06 ----D---- C:\Windows\Prefetch
2011-11-19 13:52:05 ----D---- C:\Program Files\trend micro
2011-11-19 13:51:53 ----D---- C:\Users\michal\AppData\Roaming\uTorrent
2011-11-19 13:45:34 ----SHD---- C:\Windows\Installer
2011-11-19 13:45:31 ----D---- C:\Program Files (x86)\Microsoft Office
2011-11-19 13:45:19 ----SHD---- C:\System Volume Information
2011-11-19 13:45:01 ----RD---- C:\Program Files (x86)
2011-11-19 13:38:42 ----D---- C:\Windows\System32
2011-11-19 13:38:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-19 13:25:48 ----D---- C:\Users\michal\AppData\Roaming\vlc
2011-11-19 13:08:34 ----D---- C:\Windows\temp
2011-11-19 13:05:44 ----D---- C:\Program Files (x86)\Docx Reader
2011-11-19 10:48:39 ----D---- C:\Windows\system32\config
2011-11-19 10:37:10 ----A---- C:\Windows\SYSWOW64\log.txt
2011-11-19 10:34:45 ----D---- C:\Windows\system32\drivers
2011-11-19 10:34:17 ----D---- C:\Windows
2011-11-18 19:42:52 ----D---- C:\Users\michal\AppData\Roaming\dvdcss
2011-11-18 19:39:58 ----D---- C:\Users\michal\AppData\Roaming\foobar2000
2011-11-18 11:47:08 ----D---- C:\Users\michal\AppData\Roaming\Media Player Classic
2011-11-18 11:47:07 ----D---- C:\Users\michal\AppData\Roaming\Miranda
2011-11-18 11:46:55 ----D---- C:\Windows\debug
2011-11-13 03:18:50 ----D---- C:\Windows\winsxs
2011-11-13 03:17:26 ----D---- C:\Program Files\Common Files\System
2011-11-13 03:02:05 ----D---- C:\Windows\system32\catroot
2011-11-13 03:01:57 ----A---- C:\Windows\win.ini
2011-11-13 03:00:33 ----A---- C:\Windows\system32\MRT.exe
2011-11-12 23:32:26 ----D---- C:\Users\michal\AppData\Roaming\gtk-2.0
2011-11-12 20:18:31 ----D---- C:\Users\michal\AppData\Roaming\Ashampoo
2011-11-12 20:12:48 ----D---- C:\Program Files (x86)\Ashampoo
2011-11-12 16:43:51 ----D---- C:\Windows\system32\catroot2
2011-11-03 17:46:19 ----SD---- C:\Users\michal\AppData\Roaming\Microsoft
2011-10-29 15:24:07 ----D---- C:\Windows\system32\Tasks
2011-10-29 13:09:37 ----D---- C:\ProgramData
2011-10-28 18:15:11 ----D---- C:\Windows\SysWOW64
2011-10-28 18:05:40 ----D---- C:\Users\michal\AppData\Roaming\Audacity
2011-10-28 17:34:50 ----D---- C:\Windows\system32\DriverStore
2011-10-28 17:34:50 ----D---- C:\Windows\inf
2011-10-28 15:49:14 ----RSD---- C:\Windows\assembly
2011-10-28 15:47:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-28 15:47:13 ----D---- C:\Program Files (x86)\Ubisoft
2011-10-26 13:18:54 ----D---- C:\Users\michal\AppData\Roaming\Mp3tag
2011-10-26 06:13:44 ----D---- C:\Program Files (x86)\Common Files
2011-10-26 06:13:32 ----D---- C:\Program Files (x86)\Java
2011-10-25 21:20:42 ----RSD---- C:\Windows\Fonts
2011-10-21 18:11:50 ----RD---- C:\Program Files
2011-10-21 18:05:37 ----AD---- C:\ProgramData\TEMP
2011-10-20 21:53:23 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-07 526392]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-28 123784]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-07-12 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-07-12 41712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-12 270912]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-07-12 92688]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-28 88288]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35344]
R3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-31 12306848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 3053160]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 a8ftewyb;a8ftewyb; C:\Windows\system32\drivers\a8ftewyb.sys []
S3 appliand;Applian Network Service; C:\Windows\system32\DRIVERS\appliand.sys [2010-06-24 33888]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2011-11-19 15672]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-06-28 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
R2 cmdagent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-07-12 2528096]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-07-09 75136]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-04 1255736]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119509
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Autorun...
OK. I'd also ask for a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log, and don't delete anything beforehand.
Re: Autorun...
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Verze databáze: 8193
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
19.11.2011 14:12:37
mbam-log-2011-11-19 (14-12-37).txt
Typ: Rychlá kontrola
Kontrolované objekty: 189401
Uplynulý čas: 3 minut, 4 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- Rudy
- Site Admin
Re: Autorun...
This is OK. For the flash drive, try using USBfix: http://www.viry.cz/forum/viewtopic.php?f=24&t=102308 .
Re: Autorun...
############################## | UsbFix 7.059 | [Research]
User: michal (Administrator) # MICHAL-PC [Gigabyte Technology Co., Ltd. H67MA-D2H]
Updated 16/09/2011 by El Desaparecido
Started at 13:33:58 | 20/11/2011
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com
CPU: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
CPU 2: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421
Windows Firewall: Disabled /!\
RAM -> 3597 Mb
C:\ (%systemdrive%) -> Fixed drive # 88 Gb (10 Mb free - 11%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 844 Gb (126 Mb free - 15%) [] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
J:\ -> Removable drive # 4 Gb (3 Mb free - 91%) [KINGSTON] # FAT32
################## | Files # Infected Folders |
Found ! C:\Users\michal\Dokumenty – zástupce.lnk
Found ! G:\Autorun.exe
Found ! G:\Autorun.inf
Found ! G:\autorun.exe
################## | Registry |
################## | Mountpoints2 |
################## | Vaccin |
(!) This computer is not vaccinated!
################## | E.O.F |
Re: Autorun...
I tried to delete the infected files...
############################## | UsbFix 7.059 | [Deletion]
User: michal (Administrator) # MICHAL-PC [Gigabyte Technology Co., Ltd. H67MA-D2H]
Updated 16/09/2011 by El Desaparecido
Started at 14:28:36 | 20/11/2011
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com
CPU: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
CPU 2: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421
Windows Firewall: Disabled /!\
RAM -> 3597 Mb
C:\ (%systemdrive%) -> Fixed drive # 88 Gb (10 Mb free - 11%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 844 Gb (125 Mb free - 15%) [] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
J:\ -> Removable drive # 4 Gb (3 Mb free - 91%) [KINGSTON] # FAT32
################## | Files # Infected Folders |
Deleted ! C:\Users\michal\Dokumenty – zástupce.lnk
Not deleted ! G:\Autorun.exe
Not deleted ! C:\$RECYCLE.BIN\S-1-5-21-149605367-3085631734-1079412155-1000
Not deleted ! C:\$RECYCLE.BIN\S-1-5-21-149605367-3085631734-1079412155-1001
Deleted ! E:\$RECYCLE.BIN\S-1-5-21-149605367-3085631734-1079412155-1000
Deleted ! E:\$RECYCLE.BIN\S-1-5-21-149605367-3085631734-1079412155-1001
Not deleted ! G:\Autorun.inf
Not deleted ! G:\autorun.exe
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Listing |
[08/09/2011 - 17:48:01 | SHD ] C:\$RECYCLE.BIN
[03/09/2011 - 11:50:48 | D ] C:\Alone in the Dark
[07/09/2011 - 21:37:49 | D ] C:\Autorun.inf
[02/02/2011 - 17:36:54 | N | 180] C:\csb.log
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[19/11/2011 - 10:34:11 | ASH | 2829131776] C:\hiberfil.sys
[02/02/2011 - 17:35:55 | N | 189] C:\Install.log
[02/02/2011 - 17:34:01 | D ] C:\Intel
[19/11/2011 - 10:34:13 | ASH | 3772178432] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[21/10/2011 - 18:11:50 | D ] C:\Program Files
[19/11/2011 - 14:07:01 | D ] C:\Program Files (x86)
[19/11/2011 - 14:07:05 | D ] C:\ProgramData
[02/02/2011 - 22:54:40 | D ] C:\PSFONTS
[02/02/2011 - 17:24:52 | D ] C:\Recovery
[02/02/2011 - 17:35:32 | N | 2110] C:\RHDSetup.log
[19/11/2011 - 13:52:08 | D ] C:\rsit
[10/07/2011 - 21:24:59 | D ] C:\rtmpdump
[31/03/2011 - 17:40:41 | D ] C:\Sibelius 6
[20/11/2011 - 03:00:22 | SHD ] C:\System Volume Information
[20/11/2011 - 14:33:50 | D ] C:\UsbFix
[20/11/2011 - 14:28:00 | A | 2516] C:\UsbFix.txt
[25/02/2011 - 17:58:42 | D ] C:\Users
[02/06/2011 - 18:43:19 | D ] C:\VritualRoot
[19/11/2011 - 18:24:00 | D ] C:\Windows
[20/11/2011 - 14:33:49 | D ] E:\$RECYCLE.BIN
[19/10/2011 - 11:27:53 | N | 330537] E:\406_dsc_2877.jpg
[20/07/2011 - 15:59:55 | D ] E:\Aldous Huxley Collection
[29/09/2011 - 18:00:54 | N | 943399266] E:\antonin-dvorak-1990.avi
[04/03/2011 - 02:21:49 | N | 1048576000] E:\ASanchez_MasterSeries_faststrings.com.part1.rar
[04/03/2011 - 20:25:54 | N | 1048576000] E:\ASanchez_MasterSeries_faststrings.com.part2.rar
[07/09/2011 - 21:37:49 | D ] E:\Autorun.inf
[14/11/2011 - 21:11:46 | D ] E:\BACKUP
[12/07/2011 - 08:30:20 | D ] E:\Black Adder
[07/06/2011 - 20:54:14 | D ] E:\Branford Marsalis - Contemporary Jazz
[01/06/2010 - 21:56:50 | N | 1564672] E:\bukowski.ppt
[28/08/2011 - 23:40:02 | D ] E:\Charles Mingus - Live At Montreux (1975)
[21/10/2011 - 17:40:23 | D ] E:\Czech Fakebook
[27/07/2011 - 15:56:00 | N | 1580103025] E:\Destino.Salvador_Dali_&_Walt_Disney.2003.BDRemux.mkv
[11/09/2011 - 13:35:18 | D ] E:\Download
[20/11/2011 - 12:09:21 | D ] E:\Downloads
[20/07/2011 - 19:55:36 | N | 734189568] E:\Elephant Man.avi
[13/08/2011 - 12:26:15 | D ] E:\Eraserhead (1977)
[07/08/2011 - 21:50:28 | D ] E:\Eternal Sunshine of the Spotless Mind
[20/07/2011 - 22:11:30 | D ] E:\Eternal.Sunshine.Of.The.Spotless.Mind.DVDrip.XViD-DVL
[19/03/2011 - 19:56:48 | D ] E:\Fake Books
[12/06/2011 - 14:03:06 | N | 20971520] E:\FPZ1.part1.rar
[12/06/2011 - 14:30:11 | N | 20679017] E:\FPZ1.part2.rar
[12/06/2011 - 14:57:11 | N | 20971520] E:\FPZ2.part1.rar
[12/06/2011 - 15:24:27 | N | 20066706] E:\FPZ2.part2.rar
[12/06/2011 - 13:45:24 | N | 11671513] E:\FPZ_1_2.pdf
[22/04/2011 - 22:52:04 | D ] E:\Funkifying the Clave Afro-Cuban Grooves for Bass and Drums
[20/11/2011 - 13:39:01 | D ] E:\Games
[28/10/2011 - 15:44:17 | D ] E:\Gamest
[31/03/2011 - 20:22:32 | D ] E:\Garritan Personal Orchestra
[14/08/2011 - 14:17:56 | N | 224] E:\INSTALL.LOG
[14/08/2011 - 20:25:37 | D ] E:\IT CROWD
[18/11/2011 - 11:44:19 | D ] E:\jazz fake books
[13/04/2011 - 20:39:14 | N | 4754298] E:\jazzovka.mp3
[26/02/2011 - 13:45:16 | N | 87084582] E:\Jim_Chapin_-_Advanced_Techniquees_for_the_Modern_Drummer.zip
[18/11/2011 - 11:44:01 | D ] E:\Matematika-Funkce
[27/02/2011 - 18:03:30 | D ] E:\Matematika.RoaNe
[27/02/2011 - 15:57:08 | N | 52047181] E:\Matematika.RoaNe.rar
[18/11/2011 - 21:18:52 | D ] E:\mes créations
[28/06/2011 - 21:07:50 | N | 2158536] E:\michwi1.jpg
[28/06/2011 - 21:09:36 | N | 493159] E:\michwi2.jpg
[17/11/2010 - 13:46:28 | N | 111793] E:\MILES_DAVIS.srt
[26/02/2011 - 12:05:13 | D ] E:\MS Office Pro Enterprise 2003 CZ
[01/12/2006 - 22:37:14 | A | 904704] E:\msdia80.dll
[18/09/2011 - 12:02:52 | D ] E:\msdownld.tmp
[07/03/2011 - 20:24:51 | RD ] E:\MSOCache
[27/02/2011 - 17:01:56 | D ] E:\Multimedia
[20/11/2011 - 11:36:31 | D ] E:\Music
[25/10/2011 - 21:12:39 | D ] E:\Noty,noty notičky
[20/09/2011 - 17:36:48 | D ] E:\Nová složka
[20/07/2011 - 16:43:21 | D ] E:\Old Corel Works
[13/08/2011 - 12:22:30 | D ] E:\On U Va - CD
[20/07/2011 - 17:44:29 | N | 682123536] E:\Other Worlds - Ayahuasca Documentary.avi
[29/07/2010 - 15:55:16 | N | 37391] E:\Other.Worlds.-.Ayahuasca.Documentary.txt
[26/06/2011 - 09:00:06 | N | 14352428] E:\R_MIC_110626-095714.wav
[26/03/2011 - 13:23:38 | N | 31744] E:\seminarni prace.doc
[23/10/2011 - 14:42:50 | N | 118441900] E:\Sneak-peek-of-the-forthcoming-documentary, Ninety-Miles.mp4
[02/02/2011 - 18:04:26 | SHD ] E:\System Volume Information
[19/03/2011 - 20:04:26 | D ] E:\The.Holy.Mountain.1973.REMASTERED.DVDRip.XviD-OSTERMANN
[20/07/2011 - 17:00:01 | N | 876841529] E:\The.Spirit.Molecule.2010.x264.m4v
[30/01/2011 - 01:01:16 | N | 90471] E:\The.Spirit.Molecule.2010.x264.pl.txt
[11/10/2011 - 20:49:22 | D ] E:\TopCD
[19/07/2011 - 07:59:53 | D ] E:\Urlop
[15/10/2011 - 22:16:28 | N | 62985554] E:\Utajené-efekty-brány-vnímání[www.savevid.com].flv
[18/11/2011 - 12:55:30 | D ] E:\Video
[15/07/2011 - 10:48:58 | N | 3963287] E:\Yu4RlQ3I3gc.mp3
[26/02/2010 - 21:14:43 | D ] G:\.background
[26/02/2010 - 21:14:43 | D ] G:\.localized
[25/02/2010 - 05:38:18 | R | 652600] G:\Autorun.exe
[25/02/2010 - 03:04:46 | R | 105] G:\Autorun.inf
[19/04/2007 - 06:06:44 | R | 535552] G:\ISSetup.dll
[26/04/2010 - 21:58:58 | D ] G:\Razor1911
[26/02/2010 - 10:19:50 | D ] G:\Setup
[26/02/2010 - 20:58:43 | D ] G:\The Settlers 7 - Paths to a Kingdom Installer.app
[27/04/2007 - 22:06:12 | R | 324552] G:\_setup.dll
[26/02/2010 - 10:20:08 | R | 1886568] G:\autorun.bba
[26/02/2010 - 10:11:39 | R | 1410180] G:\data1.cab
[26/02/2010 - 10:11:42 | R | 40171] G:\data1.hdr
[26/02/2010 - 10:13:04 | R | 1962158080] G:\data2.cab
[26/02/2010 - 10:14:51 | R | 2086666240] G:\data3.cab
[26/02/2010 - 10:16:24 | R | 1121796930] G:\data4.cab
[26/02/2010 - 20:58:50 | D ] G:\installer
[26/02/2010 - 10:16:24 | R | 5696] G:\layout.bin
[26/02/2010 - 11:17:25 | R | 378168] G:\setup.exe
[26/02/2010 - 10:11:26 | R | 585] G:\setup.ini
[26/02/2010 - 10:11:26 | R | 246114] G:\setup.inx
[02/02/2010 - 01:50:24 | R | 3272642] G:\setup.isn
[26/02/2010 - 10:19:52 | D ] G:\support
[13/07/2011 - 13:36:58 | N | 1610] J:\John Scofield - A Moment's Peace.cue
[13/07/2011 - 13:43:26 | N | 363083646] J:\John Scofield - A Moment's Peace.flac
[15/09/2011 - 06:10:16 | D ] J:\FOUND.000
[10/03/2011 - 21:03:16 | D ] J:\Autorun.inf
################## | Vaccin |
(!) This computer is not vaccinated!
################## | Upload |
Please send the file: C:\UsbFix_Upload_Me_MICHAL-PC.zip
http://eldesaparecido.com/support.php
Thank you for your contribution.
################## | E.O.F |
- Rudy
- Site Admin
Re: Autorun...
It should be deleted.