Dobrý den,
prosím o kontrolu logu. Zpomalil se mi net, tak jestli v tom nemá prsty nějaká potvora...
Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Helca at 2012-06-22 13:33:33
Microsoft Windows 7 Home Premium
System drive C: has 396 GB (83%) free of 477 GB
Total RAM: 3071 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:33:39, on 22.6.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\PC Strazce\Common\FSM32.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Helca\Downloads\RSIT.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Users\Helca\Downloads\RSIT.exe
C:\Program Files\trend micro\Helca.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbhelper.dll
R3 - URLSearchHook: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Strazce\NRS\iescript\baselitmus.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetSoftware\IEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: TBSB07116 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O3 - Toolbar: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\PC Strazce\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\PC Strazce\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\PC Strazce\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O9 - Extra 'Tools' menuitem: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Ancient%20Secrets%20-%20Mystery%20of%20the%20Vanishing%20Bride/Images/stg_drm.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Ancient%20Secrets%20-%20Mystery%20of%20the%20Vanishing%20Bride/Images/armhelper.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\PC Strazce\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Strazce\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Strazce\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Strazce\ORSP Client\fsorsp.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
--
End of file - 9184 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\6xyq6hq8.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"litmus-ff@f-secure.com"=C:\Program Files\PC Strazce\NRS\litmus-ff@f-secure.com
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\6xyq6hq8.default\extensions\
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
RealoreStudios Toolbar - C:\Program Files\RealoreStudios\tbReal.dll [2009-11-09 2331672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files\PC Strazce\NRS\iescript\baselitmus.dll [2012-06-05 554560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]
IEHlprObj Class - C:\Program Files\NetSoftware\IEHelper.dll [2011-04-04 111376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
TBSB07116 Class - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll [2012-01-31 2666112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - MyPlayCity Toolbar - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll [2012-01-31 2666112]
{03fee850-0101-4e9e-b6d4-6fc74d3db360} - RealoreStudios Toolbar - C:\Program Files\RealoreStudios\tbReal.dll [2009-11-09 2331672]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\PC Strazce\NRS\iescript\baselitmus.dll [2012-06-05 554560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-03-17 8546848]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2011-03-29 156672]
"F-Secure Manager"=C:\Program Files\PC Strazce\Common\FSM32.EXE [2009-11-18 201128]
"F-Secure TNB"=C:\Program Files\PC Strazce\FSGUI\TNBUtil.exe [2011-08-23 1655464]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files\Atheros\Bluetooth Suite\AthBtTray.exe [2010-05-05 289952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files\Atheros\Bluetooth Suite\BtvStack.exe [2010-05-05 461984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2012-03-06 421736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Helca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-06-22 13:26:04 ----D---- C:\rsit
2012-06-22 13:26:04 ----D---- C:\Program Files\trend micro
2012-06-22 10:51:40 ----D---- C:\Program Files\MusicJet
2012-06-22 10:51:37 ----HDC---- C:\ProgramData\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-06-21 21:56:20 ----D---- C:\HLIDAMSI
2012-06-21 21:02:00 ----D---- C:\Users\Helca\AppData\Roaming\ERGOM
2012-06-21 21:01:12 ----D---- C:\Program Files\Business Objects
2012-06-21 20:59:28 ----D---- C:\Program Files\Ergom
2012-06-21 20:52:27 ----D---- C:\Users\Helca\AppData\Roaming\InMyDiary
2012-06-21 20:52:24 ----D---- C:\Program Files\InMyDiary
2012-06-17 13:25:01 ----D---- C:\Users\Helca\AppData\Roaming\Playrix Entertainment
2012-06-17 12:02:08 ----D---- C:\Windows\pss
2012-06-13 06:15:24 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-13 06:15:23 ----A---- C:\Windows\system32\iertutil.dll
2012-06-13 06:15:22 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-13 06:15:22 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-13 06:15:22 ----A---- C:\Windows\system32\ieui.dll
2012-06-13 06:15:21 ----A---- C:\Windows\system32\wininet.dll
2012-06-13 06:15:21 ----A---- C:\Windows\system32\jscript.dll
2012-06-13 06:15:20 ----A---- C:\Windows\system32\url.dll
2012-06-13 06:15:20 ----A---- C:\Windows\system32\jscript9.dll
2012-06-13 06:15:19 ----A---- C:\Windows\system32\urlmon.dll
2012-06-13 06:15:16 ----A---- C:\Windows\system32\mshtml.dll
2012-06-13 06:15:15 ----A---- C:\Windows\system32\ieframe.dll
2012-06-13 05:27:37 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-13 05:27:31 ----A---- C:\Windows\system32\msi.dll
2012-06-13 05:27:27 ----A---- C:\Windows\system32\win32k.sys
2012-06-13 05:27:22 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-13 05:27:22 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-13 05:27:22 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-13 05:27:19 ----A---- C:\Windows\system32\profsvc.dll
2012-06-13 05:26:40 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-13 05:26:40 ----A---- C:\Windows\system32\crypt32.dll
2012-06-13 05:26:39 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-10 20:58:31 ----D---- C:\Users\Helca\AppData\Roaming\Mozilla
2012-06-10 20:57:51 ----D---- C:\ProgramData\Mozilla
2012-06-10 20:57:49 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-06-09 01:11:07 ----A---- C:\Windows\system32\wups2.dll
2012-06-09 01:11:07 ----A---- C:\Windows\system32\wucltux.dll
2012-06-09 01:11:07 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-09 01:11:06 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-09 01:10:51 ----A---- C:\Windows\system32\wups.dll
2012-06-09 01:10:51 ----A---- C:\Windows\system32\wudriver.dll
2012-06-09 01:10:51 ----A---- C:\Windows\system32\wuapi.dll
2012-06-09 01:10:40 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-09 01:10:40 ----A---- C:\Windows\system32\wuapp.exe
2012-06-08 07:57:02 ----D---- C:\Program Files\Origin Games
2012-06-08 07:56:40 ----D---- C:\ProgramData\Origin
2012-06-08 07:56:37 ----D---- C:\Users\Helca\AppData\Roaming\Origin
2012-06-08 07:54:16 ----D---- C:\Program Files\Origin
2012-06-04 23:06:03 ----D---- C:\Users\Helca\AppData\Roaming\Western Software Technologies
2012-06-03 22:12:28 ----D---- C:\Program Files\Fuckstory 3 - Gimpl
2012-06-03 21:47:16 ----D---- C:\Program Files\CrissCross2
2012-05-29 10:01:48 ----D---- C:\Users\Helca\AppData\Roaming\IWin_Janes_Realty
2012-05-29 10:00:51 ----D---- C:\Program Files\Jane's Realty
2012-05-29 08:57:42 ----D---- C:\Users\Helca\AppData\Roaming\BigFish Janes Realty2
2012-05-29 08:55:29 ----D---- C:\Program Files\Jane's Realty 2
2012-05-25 07:55:21 ----D---- C:\Program Files\Common Files\Java
2012-05-25 07:54:19 ----D---- C:\Program Files\Oracle
2012-05-25 07:53:46 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-05-25 07:53:46 ----A---- C:\Windows\system32\javaws.exe
2012-05-25 07:53:30 ----A---- C:\Windows\system32\javaw.exe
2012-05-25 07:53:30 ----A---- C:\Windows\system32\java.exe
2012-05-24 17:26:11 ----D---- C:\Users\Helca\AppData\Roaming\Boomzap
2012-05-23 15:07:16 ----D---- C:\Program Files\Common Files\Adobe
2012-05-23 11:06:10 ----D---- C:\ProgramData\Cateia Games
======List of files/folders modified in the last 1 month======
2012-06-22 13:33:36 ----D---- C:\Windows\Temp
2012-06-22 13:27:35 ----D---- C:\Windows\System32
2012-06-22 13:27:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-22 13:27:34 ----D---- C:\Windows\inf
2012-06-22 13:26:17 ----D---- C:\Windows\Prefetch
2012-06-22 13:26:04 ----RD---- C:\Program Files
2012-06-22 13:24:14 ----D---- C:\Program Files\NetSoftware
2012-06-22 13:18:11 ----D---- C:\Windows\system32\config
2012-06-22 10:51:42 ----SHD---- C:\Windows\Installer
2012-06-22 10:51:42 ----HD---- C:\Config.Msi
2012-06-22 10:51:37 ----HD---- C:\ProgramData
2012-06-22 10:37:41 ----SHD---- C:\System Volume Information
2012-06-22 10:14:11 ----D---- C:\Windows\rescache
2012-06-22 02:55:51 ----D---- C:\Users\Helca\AppData\Roaming\SoftGrid Client
2012-06-21 21:59:39 ----SD---- C:\Users\Helca\AppData\Roaming\Microsoft
2012-06-21 21:56:33 ----RSD---- C:\Windows\Fonts
2012-06-21 21:01:30 ----D---- C:\Windows\winsxs
2012-06-21 21:01:25 ----RSD---- C:\Windows\assembly
2012-06-20 08:57:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-06-17 16:10:14 ----D---- C:\Program Files\Mozilla Firefox
2012-06-17 13:24:02 ----D---- C:\Program Files\MyPlayCity.com
2012-06-17 12:02:08 ----D---- C:\Windows
2012-06-15 21:48:42 ----D---- C:\Windows\system32\NDF
2012-06-14 18:04:22 ----D---- C:\Windows\Microsoft.NET
2012-06-14 17:47:13 ----D---- C:\Windows\system32\catroot2
2012-06-13 19:01:13 ----D---- C:\Users\Helca\AppData\Roaming\Plan It Green Files
2012-06-13 16:54:41 ----D---- C:\Windows\system32\migration
2012-06-13 16:54:41 ----D---- C:\Windows\system32\drivers
2012-06-13 16:54:40 ----D---- C:\Program Files\Internet Explorer
2012-06-13 16:54:39 ----D---- C:\Windows\system32\cs-CZ
2012-06-13 06:20:14 ----D---- C:\Windows\debug
2012-06-13 06:20:09 ----A---- C:\Windows\system32\MRT.exe
2012-06-13 06:15:39 ----D---- C:\Windows\system32\catroot
2012-06-10 21:19:34 ----D---- C:\ProgramData\Adobe
2012-06-10 20:58:23 ----D---- C:\Windows\system32\Tasks
2012-06-10 20:58:21 ----D---- C:\Windows\Tasks
2012-06-10 19:21:16 ----AD---- C:\ProgramData\TEMP
2012-06-10 15:55:08 ----RD---- C:\Users
2012-06-08 07:55:12 ----D---- C:\ProgramData\Electronic Arts
2012-06-08 07:41:29 ----D---- C:\Program Files\Electronic Arts
2012-06-08 07:41:07 ----HD---- C:\Program Files\InstallShield Installation Information
2012-06-06 10:41:15 ----D---- C:\Program Files\CCleaner
2012-06-04 11:41:56 ----D---- C:\Users\Helca\AppData\Roaming\Adobe
2012-05-29 21:20:08 ----D---- C:\BigFishGamesCache
2012-05-28 23:43:35 ----D---- C:\Users\Helca\AppData\Roaming\HdO Adventure
2012-05-28 20:23:14 ----D---- C:\Users\Helca\AppData\Roaming\Gamelab
2012-05-28 08:27:23 ----D---- C:\ProgramData\Rumbic Studio
2012-05-25 07:55:21 ----D---- C:\Program Files\Common Files
2012-05-25 07:53:10 ----D---- C:\Program Files\Java
2012-05-24 17:23:42 ----D---- C:\Program Files\Google
2012-05-23 17:55:33 ----D---- C:\Users\Helca\AppData\Roaming\SpinTop
2012-05-23 17:07:33 ----D---- C:\Windows\Minidump
2012-05-23 17:07:33 ----D---- C:\Windows\Logs
2012-05-23 15:07:16 ----D---- C:\Program Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2012-05-09 44184]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\PC Strazce\HIPS\drivers\fshs.sys [2009-11-18 69928]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-08-22 41552]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-11-18 72904]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\PC Strazce\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2010-05-06 1797632]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-30 28200]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\PC Strazce\Anti-Virus\minifilter\fsgk.sys [2012-05-29 149672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 InputFilter_Hid_FlexDef2b;Siliten Hid Device(FlexDef2b) Filter Driver Example; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-05-29 15360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-03-17 3041568]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 60544]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 141568]
R3 nuviocir;Nuvoton W836x7HG CIR Device Driver; C:\Windows\system32\DRIVERS\nuviocir_win7_x86.sys [2009-06-19 29696]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-30 47144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-04-18 256360]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-04-13 46952]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-04-18 143080]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-04-21 230760]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2010-04-06 224424]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2009-06-10 55808]
S3 NmPar;MosChip Unusable Parallel Port; C:\Windows\system32\DRIVERS\NmPar.sys []
S3 nmserial;MosChip PCI Serial Port; C:\Windows\system32\DRIVERS\nmserial.sys []
S3 OxPCIeSer;OxPCIeSer; C:\Windows\system32\DRIVERS\OxPCIeSer.sys [2010-01-12 87080]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files\Atheros\Ath_CoexAgent.exe [2010-04-29 151552]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe [2010-05-05 38560]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\PC Strazce\Anti-Virus\fsgk32st.exe [2009-11-18 221608]
R2 FSMA;F-Secure Management Agent; C:\Program Files\PC Strazce\Common\FSMA32.EXE [2009-11-18 188840]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-05-01 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\PC Strazce\FWES\Program\fsdfwd.exe [2009-11-18 524712]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\PC Strazce\ORSP Client\fsorsp.exe [2011-08-22 61088]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 257224]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 821608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu..pomalejší net
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu..pomalejší net
Zdravím, tohle fixni v HJT :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbhelper.dll
R3 - URLSearchHook: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O2 - BHO: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O2 - BHO: TBSB07116 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O3 - Toolbar: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O3 - Toolbar: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HJT najdeš zde :
C:\Program Files\trend micro\Helca.exe
Fix znamená že spustíš HJT
jako admin
v okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbhelper.dll
R3 - URLSearchHook: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O2 - BHO: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O2 - BHO: TBSB07116 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O3 - Toolbar: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
O3 - Toolbar: RealoreStudios Toolbar - {03fee850-0101-4e9e-b6d4-6fc74d3db360} - C:\Program Files\RealoreStudios\tbReal.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HJT najdeš zde :
C:\Program Files\trend micro\Helca.exe
Fix znamená že spustíš HJT
jako adminv okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!
Re: Prosím o kontrolu logu..pomalejší net
Hjt zafixoval...
CCleaner vyčistil...
a Mbam nic nenašel...
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org
Verze databáze: v2012.06.22.11
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Helca :: HELCA-PC [administrátor]
Ochrana: Povolena
22.6.2012 22:58:26
mbam-log-2012-06-22 (22-58-26).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 219927
Uplynulý čas: 5 minut, 10 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
takže je to v pořádku?
CCleaner vyčistil...
a Mbam nic nenašel...
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org
Verze databáze: v2012.06.22.11
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Helca :: HELCA-PC [administrátor]
Ochrana: Povolena
22.6.2012 22:58:26
mbam-log-2012-06-22 (22-58-26).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 219927
Uplynulý čas: 5 minut, 10 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
takže je to v pořádku?
Re: Prosím o kontrolu logu..pomalejší net
To se ještě uvidímandra píše:Hjt zafixoval...
CCleaner vyčistil...
a Mbam nic nenašel...
takže je to v pořádku?
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
Re: Prosím o kontrolu logu..pomalejší net
Tady je....
ComboFix 12-06-21.03 - Helca 22.06.2012 23:43:39.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3071.1855 [GMT 2:00]
Spuštěný z: c:\users\Helca\Desktop\ComboFix.exe
AV: O2 PC Strážce Plus 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: O2 PC Strážce Plus 9.12 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: O2 PC Strážce Plus 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Helca\AppData\Roaming\TMInc
c:\users\Helca\AppData\Roaming\TMInc\game.cfg
c:\users\Helca\AppData\Roaming\TMInc\user1.sav
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-22 do 2012-06-22 )))))))))))))))))))))))))))))))
.
.
2012-06-22 20:56 . 2012-06-22 20:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\programdata\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-22 20:55 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-22 11:26 . 2012-06-22 11:33 -------- d-----w- c:\program files\trend micro
2012-06-22 11:26 . 2012-06-22 11:26 -------- d-----w- C:\rsit
2012-06-22 10:40 . 2012-06-22 10:40 -------- d-----w- c:\users\Guest\AppData\Local\Macromedia
2012-06-22 10:39 . 2012-06-22 10:39 -------- d-----w- c:\users\Guest\AppData\Local\Mozilla
2012-06-22 08:51 . 2012-06-22 08:51 -------- d-----w- c:\program files\MusicJet
2012-06-22 08:51 . 2012-06-22 08:51 -------- dc-h--w- c:\programdata\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-06-22 07:31 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B0B3B65-A504-448F-9589-55412E41224B}\mpengine.dll
2012-06-21 19:56 . 2012-06-22 07:00 -------- d-----w- C:\HLIDAMSI
2012-06-21 19:02 . 2012-06-21 19:02 -------- d-----w- c:\users\Helca\AppData\Roaming\ERGOM
2012-06-21 19:01 . 2012-06-21 19:01 -------- d-----w- c:\program files\Business Objects
2012-06-21 18:59 . 2012-06-21 18:59 -------- d-----w- c:\program files\Ergom
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\users\Helca\AppData\Roaming\InMyDiary
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\program files\InMyDiary
2012-06-20 06:58 . 2012-06-20 06:58 -------- d-----w- c:\users\Helca\AppData\Local\Macromedia
2012-06-17 11:25 . 2012-06-17 11:25 -------- d-----w- c:\users\Helca\AppData\Roaming\Playrix Entertainment
2012-06-13 03:27 . 2012-04-28 03:19 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 03:27 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 03:27 . 2012-05-15 01:12 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 03:27 . 2012-04-26 04:48 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 03:27 . 2012-04-26 04:48 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 03:27 . 2012-04-26 04:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 03:27 . 2012-05-02 04:52 163328 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 139264 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 03:26 . 2012-04-24 04:47 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 13:36 . 2012-06-10 13:37 -------- d-----w- c:\users\Guest\AppData\Local\Microsoft Games
2012-06-10 11:27 . 2012-06-10 11:27 -------- d-----w- c:\users\Helca\AppData\Local\SpookyManor
2012-06-10 08:24 . 2012-06-10 08:24 -------- d-----w- c:\users\Helca\AppData\Local\PackageAware
2012-06-08 23:11 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-08 23:11 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-08 23:11 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-08 23:11 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-08 23:10 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-08 23:10 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-08 23:10 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-08 23:10 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-08 23:10 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-08 05:57 . 2012-06-08 05:57 -------- d-----w- c:\program files\Origin Games
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Local\Origin
2012-06-08 05:56 . 2012-06-08 05:57 -------- d-----w- c:\programdata\Origin
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Origin
2012-06-08 05:54 . 2012-06-08 05:55 -------- d-----w- c:\program files\Origin
2012-06-04 21:06 . 2012-06-04 21:06 -------- d-----w- c:\users\Helca\AppData\Roaming\Western Software Technologies
2012-06-03 20:12 . 2012-06-03 20:14 -------- d-----w- c:\program files\Fuckstory 3 - Gimpl
2012-06-03 19:47 . 2012-06-03 19:47 -------- d-----w- c:\program files\CrissCross2
2012-05-29 08:01 . 2012-05-29 08:40 -------- d-----w- c:\users\Helca\AppData\Roaming\IWin_Janes_Realty
2012-05-29 08:00 . 2012-05-29 08:00 -------- d-----w- c:\program files\Jane's Realty
2012-05-29 06:57 . 2012-05-29 06:58 -------- d-----w- c:\users\Helca\AppData\Roaming\BigFish Janes Realty2
2012-05-29 06:55 . 2012-05-29 06:56 -------- d-----w- c:\program files\Jane's Realty 2
2012-05-25 05:55 . 2012-05-25 05:55 -------- d-----w- c:\program files\Common Files\Java
2012-05-25 05:54 . 2012-05-25 05:54 -------- d-----w- c:\program files\Oracle
2012-05-25 05:53 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-24 15:26 . 2012-05-24 15:26 -------- d-----w- c:\users\Helca\AppData\Roaming\Boomzap
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-20 06:57 . 2012-04-17 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-20 06:57 . 2011-05-16 14:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-09 07:17 . 2011-08-22 18:14 44184 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-04-04 16:47 . 2011-06-01 18:19 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-02 04:46 . 2012-05-11 05:03 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 04:46 . 2012-05-11 05:03 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-30 10:29 . 2012-05-11 05:04 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-17 14:10 . 2012-06-10 18:57 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
2009-11-09 16:38 2331672 ----a-w- c:\program files\RealoreStudios\tbReal.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D}"= "c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll" [2012-01-31 2666112]
"{03fee850-0101-4e9e-b6d4-6fc74d3db360}"= "c:\program files\RealoreStudios\tbReal.dll" [2009-11-09 2331672]
.
[HKEY_CLASSES_ROOT\clsid\{5fc86fb3-a8b1-400b-8be7-0eaf0d857f5d}]
[HKEY_CLASSES_ROOT\TBSB07116.TBSB07116.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB07116.TBSB07116]
.
[HKEY_CLASSES_ROOT\clsid\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-17 8546848]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2011-03-29 156672]
"F-Secure Manager"="c:\program files\PC Strazce\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\PC Strazce\FSGUI\TNBUtil.exe" [2011-08-23 1655464]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Helca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Helca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 20:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
2010-05-05 09:21 289952 ----a-w- c:\program files\Atheros\Bluetooth Suite\AthBtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
2010-05-05 09:21 461984 ----a-w- c:\program files\Atheros\Bluetooth Suite\BtvStack.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 18:05 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 257224]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2010-03-30 47144]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-04-05 224424]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-10 55808]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 NmPar;MosChip Unusable Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 OxPCIeSer;OxPCIeSer;c:\windows\system32\DRIVERS\OxPCIeSer.sys [2010-01-12 87080]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-05-09 44184]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Strazce\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-08-22 41552]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\PC Strazce\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Atheros\Ath_CoexAgent.exe [2010-04-29 151552]
S2 AtherosSvc;AtherosSvc;c:\program files\Atheros\Bluetooth Suite\adminservice.exe [2010-05-05 38560]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-04-18 256360]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-03-30 28200]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-04-13 46952]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-04-18 143080]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-04-21 230760]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Strazce\Anti-Virus\minifilter\fsgk.sys [2012-05-29 149672]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Strazce\ORSP Client\fsorsp.exe [2011-08-22 61088]
S3 InputFilter_Hid_FlexDef2b;Siliten Hid Device(FlexDef2b) Filter Driver Example;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-05-28 15360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 60544]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 141568]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x86.sys [2009-06-19 29696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMPROTECTOR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 06:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.myplaycity.com/
uInternet Settings,ProxyOverride = *.local
IE: {{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
LSP: c:\program files\PC Strazce\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\6xyq6hq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
AddRemove-Farmscapes Collector's Edition Final updated v2.7.1.2 - c:\windows\Farmscapes Collector's Edition Final updated v2.7.1.2
AddRemove-FoxTab Video Converter - c:\users\Helca\FoxTabVideoConverter\Uninstall\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-06-23 00:04:01
ComboFix-quarantined-files.txt 2012-06-22 22:04
.
Před spuštěním: Volných bajtů: 411 514 040 320
Po spuštění: Volných bajtů: 411 718 303 744
.
- - End Of File - - 982D57A3DC48B8A89666B9CC1F2D6AD5
musím ale dodat, že net už zase šlape
ComboFix 12-06-21.03 - Helca 22.06.2012 23:43:39.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3071.1855 [GMT 2:00]
Spuštěný z: c:\users\Helca\Desktop\ComboFix.exe
AV: O2 PC Strážce Plus 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: O2 PC Strážce Plus 9.12 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: O2 PC Strážce Plus 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Helca\AppData\Roaming\TMInc
c:\users\Helca\AppData\Roaming\TMInc\game.cfg
c:\users\Helca\AppData\Roaming\TMInc\user1.sav
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-22 do 2012-06-22 )))))))))))))))))))))))))))))))
.
.
2012-06-22 20:56 . 2012-06-22 20:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\programdata\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-22 20:55 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-22 11:26 . 2012-06-22 11:33 -------- d-----w- c:\program files\trend micro
2012-06-22 11:26 . 2012-06-22 11:26 -------- d-----w- C:\rsit
2012-06-22 10:40 . 2012-06-22 10:40 -------- d-----w- c:\users\Guest\AppData\Local\Macromedia
2012-06-22 10:39 . 2012-06-22 10:39 -------- d-----w- c:\users\Guest\AppData\Local\Mozilla
2012-06-22 08:51 . 2012-06-22 08:51 -------- d-----w- c:\program files\MusicJet
2012-06-22 08:51 . 2012-06-22 08:51 -------- dc-h--w- c:\programdata\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-06-22 07:31 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B0B3B65-A504-448F-9589-55412E41224B}\mpengine.dll
2012-06-21 19:56 . 2012-06-22 07:00 -------- d-----w- C:\HLIDAMSI
2012-06-21 19:02 . 2012-06-21 19:02 -------- d-----w- c:\users\Helca\AppData\Roaming\ERGOM
2012-06-21 19:01 . 2012-06-21 19:01 -------- d-----w- c:\program files\Business Objects
2012-06-21 18:59 . 2012-06-21 18:59 -------- d-----w- c:\program files\Ergom
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\users\Helca\AppData\Roaming\InMyDiary
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\program files\InMyDiary
2012-06-20 06:58 . 2012-06-20 06:58 -------- d-----w- c:\users\Helca\AppData\Local\Macromedia
2012-06-17 11:25 . 2012-06-17 11:25 -------- d-----w- c:\users\Helca\AppData\Roaming\Playrix Entertainment
2012-06-13 03:27 . 2012-04-28 03:19 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 03:27 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 03:27 . 2012-05-15 01:12 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 03:27 . 2012-04-26 04:48 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 03:27 . 2012-04-26 04:48 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 03:27 . 2012-04-26 04:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 03:27 . 2012-05-02 04:52 163328 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 139264 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 03:26 . 2012-04-24 04:47 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 13:36 . 2012-06-10 13:37 -------- d-----w- c:\users\Guest\AppData\Local\Microsoft Games
2012-06-10 11:27 . 2012-06-10 11:27 -------- d-----w- c:\users\Helca\AppData\Local\SpookyManor
2012-06-10 08:24 . 2012-06-10 08:24 -------- d-----w- c:\users\Helca\AppData\Local\PackageAware
2012-06-08 23:11 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-08 23:11 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-08 23:11 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-08 23:11 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-08 23:10 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-08 23:10 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-08 23:10 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-08 23:10 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-08 23:10 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-08 05:57 . 2012-06-08 05:57 -------- d-----w- c:\program files\Origin Games
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Local\Origin
2012-06-08 05:56 . 2012-06-08 05:57 -------- d-----w- c:\programdata\Origin
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Origin
2012-06-08 05:54 . 2012-06-08 05:55 -------- d-----w- c:\program files\Origin
2012-06-04 21:06 . 2012-06-04 21:06 -------- d-----w- c:\users\Helca\AppData\Roaming\Western Software Technologies
2012-06-03 20:12 . 2012-06-03 20:14 -------- d-----w- c:\program files\Fuckstory 3 - Gimpl
2012-06-03 19:47 . 2012-06-03 19:47 -------- d-----w- c:\program files\CrissCross2
2012-05-29 08:01 . 2012-05-29 08:40 -------- d-----w- c:\users\Helca\AppData\Roaming\IWin_Janes_Realty
2012-05-29 08:00 . 2012-05-29 08:00 -------- d-----w- c:\program files\Jane's Realty
2012-05-29 06:57 . 2012-05-29 06:58 -------- d-----w- c:\users\Helca\AppData\Roaming\BigFish Janes Realty2
2012-05-29 06:55 . 2012-05-29 06:56 -------- d-----w- c:\program files\Jane's Realty 2
2012-05-25 05:55 . 2012-05-25 05:55 -------- d-----w- c:\program files\Common Files\Java
2012-05-25 05:54 . 2012-05-25 05:54 -------- d-----w- c:\program files\Oracle
2012-05-25 05:53 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-24 15:26 . 2012-05-24 15:26 -------- d-----w- c:\users\Helca\AppData\Roaming\Boomzap
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-20 06:57 . 2012-04-17 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-20 06:57 . 2011-05-16 14:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-09 07:17 . 2011-08-22 18:14 44184 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-04-04 16:47 . 2011-06-01 18:19 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-02 04:46 . 2012-05-11 05:03 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 04:46 . 2012-05-11 05:03 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-30 10:29 . 2012-05-11 05:04 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-17 14:10 . 2012-06-10 18:57 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
2009-11-09 16:38 2331672 ----a-w- c:\program files\RealoreStudios\tbReal.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D}"= "c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll" [2012-01-31 2666112]
"{03fee850-0101-4e9e-b6d4-6fc74d3db360}"= "c:\program files\RealoreStudios\tbReal.dll" [2009-11-09 2331672]
.
[HKEY_CLASSES_ROOT\clsid\{5fc86fb3-a8b1-400b-8be7-0eaf0d857f5d}]
[HKEY_CLASSES_ROOT\TBSB07116.TBSB07116.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB07116.TBSB07116]
.
[HKEY_CLASSES_ROOT\clsid\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-17 8546848]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2011-03-29 156672]
"F-Secure Manager"="c:\program files\PC Strazce\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\PC Strazce\FSGUI\TNBUtil.exe" [2011-08-23 1655464]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Helca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Helca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 20:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
2010-05-05 09:21 289952 ----a-w- c:\program files\Atheros\Bluetooth Suite\AthBtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
2010-05-05 09:21 461984 ----a-w- c:\program files\Atheros\Bluetooth Suite\BtvStack.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 18:05 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 257224]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2010-03-30 47144]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-04-05 224424]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-10 55808]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 NmPar;MosChip Unusable Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 OxPCIeSer;OxPCIeSer;c:\windows\system32\DRIVERS\OxPCIeSer.sys [2010-01-12 87080]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-05-09 44184]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Strazce\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-08-22 41552]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\PC Strazce\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Atheros\Ath_CoexAgent.exe [2010-04-29 151552]
S2 AtherosSvc;AtherosSvc;c:\program files\Atheros\Bluetooth Suite\adminservice.exe [2010-05-05 38560]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-04-18 256360]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-03-30 28200]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-04-13 46952]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-04-18 143080]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-04-21 230760]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Strazce\Anti-Virus\minifilter\fsgk.sys [2012-05-29 149672]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Strazce\ORSP Client\fsorsp.exe [2011-08-22 61088]
S3 InputFilter_Hid_FlexDef2b;Siliten Hid Device(FlexDef2b) Filter Driver Example;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-05-28 15360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 60544]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 141568]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x86.sys [2009-06-19 29696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMPROTECTOR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 06:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.myplaycity.com/
uInternet Settings,ProxyOverride = *.local
IE: {{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
LSP: c:\program files\PC Strazce\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\6xyq6hq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
AddRemove-Farmscapes Collector's Edition Final updated v2.7.1.2 - c:\windows\Farmscapes Collector's Edition Final updated v2.7.1.2
AddRemove-FoxTab Video Converter - c:\users\Helca\FoxTabVideoConverter\Uninstall\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-06-23 00:04:01
ComboFix-quarantined-files.txt 2012-06-22 22:04
.
Před spuštěním: Volných bajtů: 411 514 040 320
Po spuštění: Volných bajtů: 411 718 303 744
.
- - End Of File - - 982D57A3DC48B8A89666B9CC1F2D6AD5
musím ale dodat, že net už zase šlape
Re: Prosím o kontrolu logu..pomalejší net
Ano, ale ještě doladíme.mandra píše:musím ale dodat, že net už zase šlape
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
Kód: Vybrat vše
Folder::
c:\program files\MyPlayCity Toolbar
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{03fee850-0101-4e9e-b6d4-6fc74d3db360}"=-
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Re: Prosím o kontrolu logu..pomalejší net
omlovám se za zpoždění...byla jsem v práci. Tady je log:
ComboFix 12-06-23.05 - Helca 23.06.2012 23:43:19.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3071.2128 [GMT 2:00]
Spuštěný z: c:\users\Helca\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Helca\Desktop\CFScript.txt
AV: O2 PC Strážce Plus 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: O2 PC Strážce Plus 9.12 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: O2 PC Strážce Plus 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MyPlayCity Toolbar
c:\program files\MyPlayCity Toolbar\all_games.png
c:\program files\MyPlayCity Toolbar\arrow_refresh.png
c:\program files\MyPlayCity Toolbar\basis.xml
c:\program files\MyPlayCity Toolbar\cog.png
c:\program files\MyPlayCity Toolbar\computer_delete.png
c:\program files\MyPlayCity Toolbar\fasttabs.add.png
c:\program files\MyPlayCity Toolbar\fasttabs.default.png
c:\program files\MyPlayCity Toolbar\FastTabs.dll
c:\program files\MyPlayCity Toolbar\fasttabs.html
c:\program files\MyPlayCity Toolbar\fasttabs.jquery-ui-1.8.16.custom.css
c:\program files\MyPlayCity Toolbar\fasttabs.loader.gif
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_flat_0_aaaaaa_40x100.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_flat_75_ffffff_40x100.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_55_fbf9ee_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_65_ffffff_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_75_dadada_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_75_e6e6e6_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_95_fef1ec_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_222222_256x240.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_2e83ff_256x240.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_454545_256x240.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_cd0a0a_256x240.png
c:\program files\MyPlayCity Toolbar\favicon.ico
c:\program files\MyPlayCity Toolbar\favicon.png
c:\program files\MyPlayCity Toolbar\hiddenwindow.xul
c:\program files\MyPlayCity Toolbar\icons.bmp
c:\program files\MyPlayCity Toolbar\info.txt
c:\program files\MyPlayCity Toolbar\inst.tmp
c:\program files\MyPlayCity Toolbar\jquery-1.6.2.min.js
c:\program files\MyPlayCity Toolbar\jquery-ui-1.8.16.custom.min.js
c:\program files\MyPlayCity Toolbar\json2.min.js
c:\program files\MyPlayCity Toolbar\logo.png
c:\program files\MyPlayCity Toolbar\new_games.png
c:\program files\MyPlayCity Toolbar\play_now.png
c:\program files\MyPlayCity Toolbar\search.png
c:\program files\MyPlayCity Toolbar\TbCommonUtils.dll
c:\program files\MyPlayCity Toolbar\tbcore3.dll
c:\program files\MyPlayCity Toolbar\tbhelper.dll
c:\program files\MyPlayCity Toolbar\TbHelper2.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\all_games.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\arrow_refresh.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\basis.xml
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\cog.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\computer_delete.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.add.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.default.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\FastTabs.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.html
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.jquery-ui-1.8.16.custom.css
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.loader.gif
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_flat_0_aaaaaa_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_flat_75_ffffff_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_55_fbf9ee_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_65_ffffff_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_75_dadada_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_75_e6e6e6_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_95_fef1ec_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_222222_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_2e83ff_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_454545_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_cd0a0a_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\favicon.ico
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\favicon.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\hiddenwindow.xul
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\icons.bmp
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\info.txt
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\inst.tmp
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\jquery-1.6.2.min.js
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\jquery-ui-1.8.16.custom.min.js
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\json2.min.js
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\logo.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\new_games.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\play_now.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\search.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\TbCommonUtils.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbhelper.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\TbHelper2.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\toolbar.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\top_games.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\uninstall.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\uninstaller.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\update.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\version.txt
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\your_logo.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\all_games.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\arrow_refresh.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\basis.xml
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\cog.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\computer_delete.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.add.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.default.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\FastTabs.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.html
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.jquery-ui-1.8.16.custom.css
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.loader.gif
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_flat_0_aaaaaa_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_flat_75_ffffff_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_55_fbf9ee_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_65_ffffff_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_75_dadada_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_75_e6e6e6_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_95_fef1ec_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_222222_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_2e83ff_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_454545_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_cd0a0a_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\favicon.ico
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\favicon.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\hiddenwindow.xul
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\icons.bmp
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\info.txt
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\inst.tmp
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\jquery-1.6.2.min.js
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\jquery-ui-1.8.16.custom.min.js
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\json2.min.js
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\logo.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\new_games.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\play_now.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\search.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\TbCommonUtils.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\tbcore3.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\tbhelper.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\TbHelper2.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\toolbar.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\top_games.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\uninstall.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\uninstaller.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\update.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\version.txt
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\your_logo.png
c:\program files\MyPlayCity Toolbar\toolbar.dll
c:\program files\MyPlayCity Toolbar\top_games.png
c:\program files\MyPlayCity Toolbar\uninstall.exe
c:\program files\MyPlayCity Toolbar\uninstaller.exe
c:\program files\MyPlayCity Toolbar\update.exe
c:\program files\MyPlayCity Toolbar\version.txt
c:\program files\MyPlayCity Toolbar\your_logo.png
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-23 do 2012-06-23 )))))))))))))))))))))))))))))))
.
.
2012-06-23 22:00 . 2012-06-23 22:01 -------- d-----w- c:\users\Helca\AppData\Local\temp
2012-06-23 22:00 . 2012-06-23 22:00 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-23 22:00 . 2012-06-23 22:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-22 20:56 . 2012-06-22 20:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\programdata\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-22 20:55 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-22 11:26 . 2012-06-22 11:33 -------- d-----w- c:\program files\trend micro
2012-06-22 11:26 . 2012-06-22 11:26 -------- d-----w- C:\rsit
2012-06-22 10:40 . 2012-06-22 10:40 -------- d-----w- c:\users\Guest\AppData\Local\Macromedia
2012-06-22 10:39 . 2012-06-22 10:39 -------- d-----w- c:\users\Guest\AppData\Local\Mozilla
2012-06-22 08:51 . 2012-06-22 08:51 -------- d-----w- c:\program files\MusicJet
2012-06-22 08:51 . 2012-06-22 08:51 -------- dc-h--w- c:\programdata\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-06-22 07:31 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B0B3B65-A504-448F-9589-55412E41224B}\mpengine.dll
2012-06-21 19:56 . 2012-06-22 07:00 -------- d-----w- C:\HLIDAMSI
2012-06-21 19:02 . 2012-06-21 19:02 -------- d-----w- c:\users\Helca\AppData\Roaming\ERGOM
2012-06-21 19:01 . 2012-06-21 19:01 -------- d-----w- c:\program files\Business Objects
2012-06-21 18:59 . 2012-06-21 18:59 -------- d-----w- c:\program files\Ergom
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\users\Helca\AppData\Roaming\InMyDiary
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\program files\InMyDiary
2012-06-20 06:58 . 2012-06-20 06:58 -------- d-----w- c:\users\Helca\AppData\Local\Macromedia
2012-06-17 11:25 . 2012-06-17 11:25 -------- d-----w- c:\users\Helca\AppData\Roaming\Playrix Entertainment
2012-06-13 03:27 . 2012-04-28 03:19 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 03:27 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 03:27 . 2012-05-15 01:12 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 03:27 . 2012-04-26 04:48 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 03:27 . 2012-04-26 04:48 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 03:27 . 2012-04-26 04:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 03:27 . 2012-05-02 04:52 163328 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 139264 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 03:26 . 2012-04-24 04:47 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 13:36 . 2012-06-10 13:37 -------- d-----w- c:\users\Guest\AppData\Local\Microsoft Games
2012-06-10 11:27 . 2012-06-10 11:27 -------- d-----w- c:\users\Helca\AppData\Local\SpookyManor
2012-06-10 08:24 . 2012-06-10 08:24 -------- d-----w- c:\users\Helca\AppData\Local\PackageAware
2012-06-08 23:11 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-08 23:11 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-08 23:11 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-08 23:11 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-08 23:10 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-08 23:10 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-08 23:10 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-08 23:10 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-08 23:10 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-08 05:57 . 2012-06-08 05:57 -------- d-----w- c:\program files\Origin Games
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Local\Origin
2012-06-08 05:56 . 2012-06-08 05:57 -------- d-----w- c:\programdata\Origin
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Origin
2012-06-08 05:54 . 2012-06-08 05:55 -------- d-----w- c:\program files\Origin
2012-06-04 21:06 . 2012-06-04 21:06 -------- d-----w- c:\users\Helca\AppData\Roaming\Western Software Technologies
2012-06-03 20:12 . 2012-06-03 20:14 -------- d-----w- c:\program files\Fuckstory 3 - Gimpl
2012-06-03 19:47 . 2012-06-03 19:47 -------- d-----w- c:\program files\CrissCross2
2012-05-29 08:01 . 2012-05-29 08:40 -------- d-----w- c:\users\Helca\AppData\Roaming\IWin_Janes_Realty
2012-05-29 08:00 . 2012-05-29 08:00 -------- d-----w- c:\program files\Jane's Realty
2012-05-29 06:57 . 2012-05-29 06:58 -------- d-----w- c:\users\Helca\AppData\Roaming\BigFish Janes Realty2
2012-05-29 06:55 . 2012-05-29 06:56 -------- d-----w- c:\program files\Jane's Realty 2
2012-05-25 05:55 . 2012-05-25 05:55 -------- d-----w- c:\program files\Common Files\Java
2012-05-25 05:54 . 2012-05-25 05:54 -------- d-----w- c:\program files\Oracle
2012-05-25 05:53 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 19:33 . 2012-04-17 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 19:33 . 2011-05-16 14:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-09 07:17 . 2011-08-22 18:14 44184 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-04-04 16:47 . 2011-06-01 18:19 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-02 04:46 . 2012-05-11 05:03 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 04:46 . 2012-05-11 05:03 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-30 10:29 . 2012-05-11 05:04 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-17 14:10 . 2012-06-10 18:57 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
2009-11-09 16:38 2331672 ----a-w- c:\program files\RealoreStudios\tbReal.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-17 8546848]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2011-03-29 156672]
"F-Secure Manager"="c:\program files\PC Strazce\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\PC Strazce\FSGUI\TNBUtil.exe" [2011-08-23 1655464]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Helca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Helca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 20:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
2010-05-05 09:21 289952 ----a-w- c:\program files\Atheros\Bluetooth Suite\AthBtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
2010-05-05 09:21 461984 ----a-w- c:\program files\Atheros\Bluetooth Suite\BtvStack.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 18:05 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2010-03-30 47144]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-04-05 224424]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-10 55808]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 NmPar;MosChip Unusable Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 OxPCIeSer;OxPCIeSer;c:\windows\system32\DRIVERS\OxPCIeSer.sys [2010-01-12 87080]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-05-09 44184]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Strazce\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-08-22 41552]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\PC Strazce\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Atheros\Ath_CoexAgent.exe [2010-04-29 151552]
S2 AtherosSvc;AtherosSvc;c:\program files\Atheros\Bluetooth Suite\adminservice.exe [2010-05-05 38560]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-04-18 256360]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-03-30 28200]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-04-13 46952]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-04-18 143080]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-04-21 230760]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Strazce\Anti-Virus\minifilter\fsgk.sys [2012-05-29 149672]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Strazce\ORSP Client\fsorsp.exe [2011-08-22 61088]
S3 InputFilter_Hid_FlexDef2b;Siliten Hid Device(FlexDef2b) Filter Driver Example;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-05-28 15360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 60544]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 141568]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x86.sys [2009-06-19 29696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 19:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.myplaycity.com/
uInternet Settings,ProxyOverride = *.local
IE: {{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
LSP: c:\program files\PC Strazce\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\6xyq6hq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MyPlayCity Toolbar - c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\uninstaller.exe
.
.
.
Celkový čas: 2012-06-24 00:04:49
ComboFix-quarantined-files.txt 2012-06-23 22:04
ComboFix2.txt 2012-06-22 22:04
.
Před spuštěním: Volných bajtů: 418 456 322 048
Po spuštění: Volných bajtů: 418 489 688 064
.
- - End Of File - - 5BA730A3426CE2107F1A5239537DE0D0
ComboFix 12-06-23.05 - Helca 23.06.2012 23:43:19.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3071.2128 [GMT 2:00]
Spuštěný z: c:\users\Helca\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Helca\Desktop\CFScript.txt
AV: O2 PC Strážce Plus 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: O2 PC Strážce Plus 9.12 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: O2 PC Strážce Plus 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MyPlayCity Toolbar
c:\program files\MyPlayCity Toolbar\all_games.png
c:\program files\MyPlayCity Toolbar\arrow_refresh.png
c:\program files\MyPlayCity Toolbar\basis.xml
c:\program files\MyPlayCity Toolbar\cog.png
c:\program files\MyPlayCity Toolbar\computer_delete.png
c:\program files\MyPlayCity Toolbar\fasttabs.add.png
c:\program files\MyPlayCity Toolbar\fasttabs.default.png
c:\program files\MyPlayCity Toolbar\FastTabs.dll
c:\program files\MyPlayCity Toolbar\fasttabs.html
c:\program files\MyPlayCity Toolbar\fasttabs.jquery-ui-1.8.16.custom.css
c:\program files\MyPlayCity Toolbar\fasttabs.loader.gif
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_flat_0_aaaaaa_40x100.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_flat_75_ffffff_40x100.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_55_fbf9ee_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_65_ffffff_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_75_dadada_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_75_e6e6e6_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-bg_glass_95_fef1ec_1x400.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_222222_256x240.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_2e83ff_256x240.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_454545_256x240.png
c:\program files\MyPlayCity Toolbar\fasttabs.ui-icons_cd0a0a_256x240.png
c:\program files\MyPlayCity Toolbar\favicon.ico
c:\program files\MyPlayCity Toolbar\favicon.png
c:\program files\MyPlayCity Toolbar\hiddenwindow.xul
c:\program files\MyPlayCity Toolbar\icons.bmp
c:\program files\MyPlayCity Toolbar\info.txt
c:\program files\MyPlayCity Toolbar\inst.tmp
c:\program files\MyPlayCity Toolbar\jquery-1.6.2.min.js
c:\program files\MyPlayCity Toolbar\jquery-ui-1.8.16.custom.min.js
c:\program files\MyPlayCity Toolbar\json2.min.js
c:\program files\MyPlayCity Toolbar\logo.png
c:\program files\MyPlayCity Toolbar\new_games.png
c:\program files\MyPlayCity Toolbar\play_now.png
c:\program files\MyPlayCity Toolbar\search.png
c:\program files\MyPlayCity Toolbar\TbCommonUtils.dll
c:\program files\MyPlayCity Toolbar\tbcore3.dll
c:\program files\MyPlayCity Toolbar\tbhelper.dll
c:\program files\MyPlayCity Toolbar\TbHelper2.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\all_games.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\arrow_refresh.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\basis.xml
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\cog.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\computer_delete.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.add.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.default.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\FastTabs.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.html
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.jquery-ui-1.8.16.custom.css
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.loader.gif
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_flat_0_aaaaaa_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_flat_75_ffffff_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_55_fbf9ee_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_65_ffffff_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_75_dadada_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_75_e6e6e6_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-bg_glass_95_fef1ec_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_222222_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_2e83ff_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_454545_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\fasttabs.ui-icons_cd0a0a_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\favicon.ico
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\favicon.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\hiddenwindow.xul
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\icons.bmp
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\info.txt
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\inst.tmp
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\jquery-1.6.2.min.js
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\jquery-ui-1.8.16.custom.min.js
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\json2.min.js
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\logo.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\new_games.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\play_now.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\search.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\TbCommonUtils.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbhelper.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\TbHelper2.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\toolbar.dll
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\top_games.png
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\uninstall.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\uninstaller.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\update.exe
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\version.txt
c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\your_logo.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\all_games.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\arrow_refresh.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\basis.xml
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\cog.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\computer_delete.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.add.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.default.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\FastTabs.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.html
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.jquery-ui-1.8.16.custom.css
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.loader.gif
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_flat_0_aaaaaa_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_flat_75_ffffff_40x100.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_55_fbf9ee_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_65_ffffff_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_75_dadada_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_75_e6e6e6_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-bg_glass_95_fef1ec_1x400.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_222222_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_2e83ff_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_454545_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\fasttabs.ui-icons_cd0a0a_256x240.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\favicon.ico
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\favicon.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\hiddenwindow.xul
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\icons.bmp
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\info.txt
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\inst.tmp
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\jquery-1.6.2.min.js
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\jquery-ui-1.8.16.custom.min.js
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\json2.min.js
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\logo.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\new_games.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\play_now.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\search.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\TbCommonUtils.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\tbcore3.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\tbhelper.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\TbHelper2.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\toolbar.dll
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\top_games.png
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\uninstall.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\uninstaller.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\update.exe
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\version.txt
c:\program files\MyPlayCity Toolbar\tbunsmEB9C.tmp\your_logo.png
c:\program files\MyPlayCity Toolbar\toolbar.dll
c:\program files\MyPlayCity Toolbar\top_games.png
c:\program files\MyPlayCity Toolbar\uninstall.exe
c:\program files\MyPlayCity Toolbar\uninstaller.exe
c:\program files\MyPlayCity Toolbar\update.exe
c:\program files\MyPlayCity Toolbar\version.txt
c:\program files\MyPlayCity Toolbar\your_logo.png
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-23 do 2012-06-23 )))))))))))))))))))))))))))))))
.
.
2012-06-23 22:00 . 2012-06-23 22:01 -------- d-----w- c:\users\Helca\AppData\Local\temp
2012-06-23 22:00 . 2012-06-23 22:00 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-23 22:00 . 2012-06-23 22:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-22 20:56 . 2012-06-22 20:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\programdata\Malwarebytes
2012-06-22 20:55 . 2012-06-22 20:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-22 20:55 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-22 11:26 . 2012-06-22 11:33 -------- d-----w- c:\program files\trend micro
2012-06-22 11:26 . 2012-06-22 11:26 -------- d-----w- C:\rsit
2012-06-22 10:40 . 2012-06-22 10:40 -------- d-----w- c:\users\Guest\AppData\Local\Macromedia
2012-06-22 10:39 . 2012-06-22 10:39 -------- d-----w- c:\users\Guest\AppData\Local\Mozilla
2012-06-22 08:51 . 2012-06-22 08:51 -------- d-----w- c:\program files\MusicJet
2012-06-22 08:51 . 2012-06-22 08:51 -------- dc-h--w- c:\programdata\{B69EB34A-91EB-4FF3-B741-664179483319}
2012-06-22 07:31 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7B0B3B65-A504-448F-9589-55412E41224B}\mpengine.dll
2012-06-21 19:56 . 2012-06-22 07:00 -------- d-----w- C:\HLIDAMSI
2012-06-21 19:02 . 2012-06-21 19:02 -------- d-----w- c:\users\Helca\AppData\Roaming\ERGOM
2012-06-21 19:01 . 2012-06-21 19:01 -------- d-----w- c:\program files\Business Objects
2012-06-21 18:59 . 2012-06-21 18:59 -------- d-----w- c:\program files\Ergom
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\users\Helca\AppData\Roaming\InMyDiary
2012-06-21 18:52 . 2012-06-21 18:52 -------- d-----w- c:\program files\InMyDiary
2012-06-20 06:58 . 2012-06-20 06:58 -------- d-----w- c:\users\Helca\AppData\Local\Macromedia
2012-06-17 11:25 . 2012-06-17 11:25 -------- d-----w- c:\users\Helca\AppData\Roaming\Playrix Entertainment
2012-06-13 03:27 . 2012-04-28 03:19 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 03:27 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 03:27 . 2012-05-15 01:12 2342400 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 03:27 . 2012-04-26 04:48 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 03:27 . 2012-04-26 04:48 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 03:27 . 2012-04-26 04:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 03:27 . 2012-05-02 04:52 163328 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 139264 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 03:26 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 03:26 . 2012-04-24 04:47 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-10 13:36 . 2012-06-10 13:37 -------- d-----w- c:\users\Guest\AppData\Local\Microsoft Games
2012-06-10 11:27 . 2012-06-10 11:27 -------- d-----w- c:\users\Helca\AppData\Local\SpookyManor
2012-06-10 08:24 . 2012-06-10 08:24 -------- d-----w- c:\users\Helca\AppData\Local\PackageAware
2012-06-08 23:11 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-08 23:11 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-08 23:11 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-08 23:11 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-08 23:10 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-08 23:10 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-08 23:10 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-08 23:10 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-08 23:10 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-08 05:57 . 2012-06-08 05:57 -------- d-----w- c:\program files\Origin Games
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Local\Origin
2012-06-08 05:56 . 2012-06-08 05:57 -------- d-----w- c:\programdata\Origin
2012-06-08 05:56 . 2012-06-08 05:56 -------- d-----w- c:\users\Helca\AppData\Roaming\Origin
2012-06-08 05:54 . 2012-06-08 05:55 -------- d-----w- c:\program files\Origin
2012-06-04 21:06 . 2012-06-04 21:06 -------- d-----w- c:\users\Helca\AppData\Roaming\Western Software Technologies
2012-06-03 20:12 . 2012-06-03 20:14 -------- d-----w- c:\program files\Fuckstory 3 - Gimpl
2012-06-03 19:47 . 2012-06-03 19:47 -------- d-----w- c:\program files\CrissCross2
2012-05-29 08:01 . 2012-05-29 08:40 -------- d-----w- c:\users\Helca\AppData\Roaming\IWin_Janes_Realty
2012-05-29 08:00 . 2012-05-29 08:00 -------- d-----w- c:\program files\Jane's Realty
2012-05-29 06:57 . 2012-05-29 06:58 -------- d-----w- c:\users\Helca\AppData\Roaming\BigFish Janes Realty2
2012-05-29 06:55 . 2012-05-29 06:56 -------- d-----w- c:\program files\Jane's Realty 2
2012-05-25 05:55 . 2012-05-25 05:55 -------- d-----w- c:\program files\Common Files\Java
2012-05-25 05:54 . 2012-05-25 05:54 -------- d-----w- c:\program files\Oracle
2012-05-25 05:53 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 19:33 . 2012-04-17 14:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 19:33 . 2011-05-16 14:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-09 07:17 . 2011-08-22 18:14 44184 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-04-04 16:47 . 2011-06-01 18:19 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-02 04:46 . 2012-05-11 05:03 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 04:46 . 2012-05-11 05:03 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-30 10:29 . 2012-05-11 05:04 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-17 14:10 . 2012-06-10 18:57 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03fee850-0101-4e9e-b6d4-6fc74d3db360}]
2009-11-09 16:38 2331672 ----a-w- c:\program files\RealoreStudios\tbReal.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-17 8546848]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2011-03-29 156672]
"F-Secure Manager"="c:\program files\PC Strazce\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\PC Strazce\FSGUI\TNBUtil.exe" [2011-08-23 1655464]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Helca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Helca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 20:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
2010-05-05 09:21 289952 ----a-w- c:\program files\Atheros\Bluetooth Suite\AthBtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
2010-05-05 09:21 461984 ----a-w- c:\program files\Atheros\Bluetooth Suite\BtvStack.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 18:05 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2010-03-30 47144]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-04-05 224424]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-06-10 55808]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 NmPar;MosChip Unusable Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [x]
R3 nmserial;MosChip PCI Serial Port;c:\windows\system32\DRIVERS\nmserial.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 OxPCIeSer;OxPCIeSer;c:\windows\system32\DRIVERS\OxPCIeSer.sys [2010-01-12 87080]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-05-09 44184]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Strazce\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-08-22 41552]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\PC Strazce\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Atheros\Ath_CoexAgent.exe [2010-04-29 151552]
S2 AtherosSvc;AtherosSvc;c:\program files\Atheros\Bluetooth Suite\adminservice.exe [2010-05-05 38560]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-04-18 256360]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-03-30 28200]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 177704]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-04-13 46952]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-04-18 143080]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-04-21 230760]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Strazce\Anti-Virus\minifilter\fsgk.sys [2012-05-29 149672]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Strazce\ORSP Client\fsorsp.exe [2011-08-22 61088]
S3 InputFilter_Hid_FlexDef2b;Siliten Hid Device(FlexDef2b) Filter Driver Example;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-05-28 15360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 60544]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 141568]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x86.sys [2009-06-19 29696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 19:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.myplaycity.com/
uInternet Settings,ProxyOverride = *.local
IE: {{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\tbcore3.dll
LSP: c:\program files\PC Strazce\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Helca\AppData\Roaming\Mozilla\Firefox\Profiles\6xyq6hq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MyPlayCity Toolbar - c:\program files\MyPlayCity Toolbar\tbunsc1612.tmp\uninstaller.exe
.
.
.
Celkový čas: 2012-06-24 00:04:49
ComboFix-quarantined-files.txt 2012-06-23 22:04
ComboFix2.txt 2012-06-22 22:04
.
Před spuštěním: Volných bajtů: 418 456 322 048
Po spuštění: Volných bajtů: 418 489 688 064
.
- - End Of File - - 5BA730A3426CE2107F1A5239537DE0D0
Re: Prosím o kontrolu logu..pomalejší net
Jejda ty jsi princezna a já si s tebou píšu jak s klukemmandra píše:omlovám se za zpoždění...byla jsem v práci
Přes Start >> Spustit zkopíruj do okna:
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Pak dej vědět jaký je stav PC.
Re: Prosím o kontrolu logu..pomalejší net
Roli píše:Jejda ty jsi princezna a já si s tebou píšu jak s klukemmandra píše:omlovám se za zpoždění...byla jsem v práci
nevadí...z nicku se to poznat nedá. Stačí, že umíš z té změti písmen ( logů ) vyčíst, co je mému pc. Už za to zasloužíš obdiv, pač pro mne je to jeden nesmysl za druhým. 
No a kdybys ještě z těch logů vyčetl, kdo ti je posílá, no to bys byl už úplný génius...a to prostě nejde.
Jinak pc šlape jako hodinky
Takže posílám vřelé díky i s sms-kou. DĚKUJI
Re: Prosím o kontrolu logu..pomalejší net
No čistě teoreticky, pokud nepoužíváš PC někoho jiného tak bych mohl znát i tvoje jméno - Helena ?mandra píše:Roli píše:Jejda ty jsi princezna a já si s tebou píšu jak s klukemmandra píše:omlovám se za zpoždění...byla jsem v práci
No a kdybys ještě z těch logů vyčetl, kdo ti je posílá, no to bys byl už úplný génius...a to prostě nejde.
Tak to je dobře.mandra píše:Jinak pc šlape jako hodinky
Není vůbec začmandra píše:Takže posílám vřelé díky i s sms-kou. DĚKUJI
Re: Prosím o kontrolu logu..pomalejší net
Roli píše:No čistě teoreticky, pokud nepoužíváš PC někoho jiného tak bych mohl znát i tvoje jméno - Helena ?mandra píše: No a kdybys ještě z těch logů vyčetl, kdo ti je posílá, no to bys byl už úplný génius...a to prostě nejde.
Kuš! Chlape jeden! Ono to tam fakt někde je?
Mno...já ty logy asi taky začnu študovat, to ale pak budu moc chytrá 
Tak radši ne, radši si nechám zase poradit
Ještě jednou díky a dobrou noc
Re: Prosím o kontrolu logu..pomalejší net
Ano jemandra píše:Roli píše:No čistě teoreticky, pokud nepoužíváš PC někoho jiného tak bych mohl znát i tvoje jméno - Helena ?mandra píše: No a kdybys ještě z těch logů vyčetl, kdo ti je posílá, no to bys byl už úplný génius...a to prostě nejde.
Kuš! Chlape jeden! Ono to tam fakt někde je?
Opravdu není zač a kdyby byl zase problém dej vědět.mandra píše:Ještě jednou díky a dobrou noc
Měj se princezno
Přispějete na provoz fóra?