Request for a log check

Posted: 14 Dec 2012 08:15
by wagras
Major slowdown of the computer recently, plus a pop-up window that cannot be closed and demands payment of some kind of fine.

Logfile of random's system information tool 1.09 (written by random/random)
Run by ja at 2012-12-14 08:12:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 751 MB (3%) free of 30 GB
Total RAM: 1977 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:13:10, on 14.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\AVG Secure Search\vprot.exe
D:\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Clownfish\Clownfish.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
D:\Nová složka\Cam\cls.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\DOCUME~1\ja\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ja\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\ja.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={687E6C82- ... 2012-03-21 20:58:56&v=12.2.5.32&sap=hp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - *{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - *{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - *{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.60.32\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Office12\GrooveShellExtensions.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll (file missing)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Documents and Settings\ja\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn0.dll (file missing)
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [Windows Services] service.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\ja\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files\Clownfish\Clownfish.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: runctf.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Startup: Ubisoft register.lnk = C:\Program Files\Ubisoft\Register\schedule.exe
O4 - Global Startup: CLS 2010.10.lnk = ?
O4 - Global Startup: CLS12.50.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\ja\Plocha\PartyPoker.lnk (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\ja\Plocha\PartyPoker.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8264707899
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

--
End of file - 11567 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1715567821-1060284298-839522115-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1715567821-1060284298-839522115-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\ja\Data aplikací\Mozilla\Firefox\Profiles\tj1c9ckj.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://isearch.avg.com?cid=%7Be5823224 ... A56&sap=hp"
prefs.js - "extensions.enabledItems" - "ffxtlbr@Facemoods.com:1.0.3, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {76063e7f-3558-4b68-8287-54eb6512adc0}:2.8.0, plugin2@gameplaylabs.com:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "https://isearch.avg.com/search?cid=%7Be ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\13.2.0.5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
ffxtlbr@Facemoods.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npvsharetvplg.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\ja\Data aplikací\Mozilla\Firefox\Profiles\tj1c9ckj.default\extensions\
plugin2@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}
{76063e7f-3558-4b68-8287-54eb6512adc0}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\ja\Data aplikací\Mozilla\Firefox\Profiles\tj1c9ckj.default\searchplugins\
firmycz.xml
mapycz.xml
startsear.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-14 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.3.60.32\facemoods.dll [2010-01-21 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files\vShare.tv plugin\BarLcher.dll [2011-09-22 177712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files\Zynga\tbZyn0.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-09 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Documents and Settings\ja\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll [2011-03-08 432640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files\Zynga\tbZyn0.dll []
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - VShareToolBar - C:\Program Files\vShare.tv plugin\BarLcher.dll [2011-09-22 177712]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-09 1796552]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-18 53248]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-06-17 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-06-17 170520]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-06-17 141848]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"Windows Services"=service.exe []
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-06-09 870920]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-09 2048352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-22 2331936]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-11-09 997320]
"ROC_ROC_JULY_P1"=C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe [2012-08-27 1022048]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"GrooveMonitor"=D:\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"Facebook Update"=C:\Documents and Settings\ja\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-07-11 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168]
"Clownfish"=C:\Program Files\Clownfish\Clownfish.exe [2012-06-21 1097464]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
CLS 2010.10.lnk -
CLS12.50.lnk - D:\Nová složka\Cam\cls.exe

C:\Documents and Settings\ja\Nabídka Start\Programy\Po spuštění
runctf.lnk - C:\WINDOWS\system32\rundll32.exe
Ubisoft register.lnk - C:\Program Files\Ubisoft\Register\schedule.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-24 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-06-11 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"D:\Hry\Call of Duty\iw3mp.exe"="D:\Hry\Call of Duty\iw3mp.exe:*:Enabled:iw3mp"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Hry\Heroes5\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="D:\Hry\Heroes5\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"D:\Hry\SteamApps\danik4\counter-strike\hl.exe"="D:\Hry\SteamApps\danik4\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX0\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"F:\Warcraft III\Warcraft III.exe"="F:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\EA Sports\NHL 09\nhl2009.exe"="C:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"C:\Documents and Settings\ja\Plocha\Nová složka\Heroes3.exe"="C:\Documents and Settings\ja\Plocha\Nová složka\Heroes3.exe:*:Enabled:Heroes of Might and Magic® III"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\PartyGaming\PartyGaming.exe"="C:\Program Files\PartyGaming\PartyGaming.exe:*:Enabled:PartyGaming"
"G:\Call of Duty 4 - Modern Warfare\iw3mp.exe"="G:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe"="C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\hmi\siemens\sinumerik\hmi\base\slsmsystemmanager.exe:*:Enabled:HMI - SolutionLine"
"C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe"="C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\hmi\siemens\sinumerik\hmi\base\slsmhmihost.exe:*:Enabled:HMI - SolutionLine"
"C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\hmi\siemens\sinumerik\ncu01\sncksl.exe"="C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\hmi\siemens\sinumerik\ncu01\sncksl.exe:*:Enabled:sncksl"
"C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\sinutrain.exe"="C:\Program Files\SIEMENS\SinutrainOperate\02.06.01.00\sinutrain.exe:*:Enabled:SinuTrain SINUMERIK Operate"
"C:\Documents and Settings\ja\Local Settings\Temp\install_flashplayer11x32_mssa_aih.exe"="C:\Documents and Settings\ja\Local Settings\Temp\install_flashplayer11x32_mssa_aih.exe:*:Enabled:Adobe Flash Player Installer"
"C:\Documents and Settings\ja\Dokumenty\Stažené soubory\install_flashplayer11x32_mssa_aih(1).exe"="C:\Documents and Settings\ja\Dokumenty\Stažené soubory\install_flashplayer11x32_mssa_aih(1).exe:*:Enabled:Adobe Flash Player Installer"
"C:\Documents and Settings\ja\Local Settings\Temp\install_flashplayer11x32_mssa_aih(1).exe"="C:\Documents and Settings\ja\Local Settings\Temp\install_flashplayer11x32_mssa_aih(1).exe:*:Enabled:Adobe Flash Player Installer"
"E:\Jak sem poznal...5\DP620_729665-01\Example\R\win32\bin\dnc.exe"="E:\Jak sem poznal...5\DP620_729665-01\Example\R\win32\bin\dnc.exe:*:Enabled:dnc"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\HEIDENHAIN\DP620_634132-03\Example\R\win32\bin\dnc.exe"="C:\Program Files\HEIDENHAIN\DP620_634132-03\Example\R\win32\bin\dnc.exe:*:Enabled:dnc"
"D:\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX1\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX1\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX2\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX2\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX3\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX3\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX4\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX4\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX5\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX5\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX6\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX7\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX7\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Counter-Strike 1.6\csko.exe"="C:\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX8\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX8\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX9\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX9\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX10\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX10\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX11\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX11\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Temp\RarSFX12\hl.exe"="C:\Documents and Settings\ja\Local Settings\Temp\RarSFX12\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Plocha\Counter-Strike 1.6\hltv.exe"="C:\Documents and Settings\ja\Plocha\Counter-Strike 1.6\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Documents and Settings\ja\Plocha\Counter-Strike 1.6\hl.exe"="C:\Documents and Settings\ja\Plocha\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Plocha\CS 1.6\cstrike.exe"="C:\Documents and Settings\ja\Plocha\CS 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\Programme\iTNC530\340494\xwin\bin\XWin.exe"="C:\Programme\iTNC530\340494\xwin\bin\XWin.exe:*:Enabled:XWin"
"C:\Programme\iTNC530\340494\sys\bin\geo.EXE"="C:\Programme\iTNC530\340494\sys\bin\geo.EXE:*:Enabled:geo"
"C:\Programme\iTNC530\340494\sys\bin\regel.EXE"="C:\Programme\iTNC530\340494\sys\bin\regel.EXE:*:Enabled:regel"
"C:\Programme\iTNC530\340494\sys\bin\ext.EXE"="C:\Programme\iTNC530\340494\sys\bin\ext.EXE:*:Enabled:ext"
"C:\Programme\iTNC530\340494\sys\bin\plc.EXE"="C:\Programme\iTNC530\340494\sys\bin\plc.EXE:*:Enabled:plc"
"C:\Counter-Strike 1.6\hl.exe"="C:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"E:\Counter-Strike 1.6\hl.exe"="E:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"G:\Nová složka (2)\empires2.exe"="G:\Nová složka (2)\empires2.exe:*:Enabled:Age of Empires II"
"D:\Casino\bwin Casino\casino.exe"="D:\Casino\bwin Casino\casino.exe:*:Enabled:casino"
"C:\Documents and Settings\ja\Plocha\KompoZer 0.7.10\kompozer.exe"="C:\Documents and Settings\ja\Plocha\KompoZer 0.7.10\kompozer.exe:*:Enabled:Composer"
"G:\Counter-Strike 1.6\csko.exe"="G:\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\ja\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\ja\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Office12\OUTLOOK.EXE"="D:\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Office12\GROOVE.EXE"="D:\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Office12\ONENOTE.EXE"="D:\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=IR41_32.AX
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"SENTINEL"=snti386.dll
"vidc.tscc"=tsccvid.dll

======List of files/folders created in the last 1 month======

2031-01-13 11:07:05 ----A---- C:\WINDOWS\system32\ptpusb.dll
2031-01-13 11:07:04 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2031-01-13 11:07:02 ----A---- C:\WINDOWS\system32\ptpusd.dll
2030-12-15 20:41:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\MGS
2030-12-11 20:55:09 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2030-12-11 20:55:04 ----D---- C:\Program Files\Classic Menu for Office
2030-12-05 07:27:22 ----D---- C:\WINDOWS\system32\Temp
2030-11-08 10:48:58 ----D---- C:\Program Files\vShare.tv plugin
2030-10-14 07:57:37 ----D---- C:\Program Files\The KMPlayer
2030-10-12 08:31:53 ----D---- C:\Program Files\Microsoft SQL Server
2030-10-12 08:30:41 ----A---- C:\WINDOWS\system32\tsccvid.dll
2030-10-12 08:30:29 ----D---- C:\WINDOWS\system32\RNBOSENT
2030-10-12 08:30:29 ----A---- C:\WINDOWS\system32\SNTI386.DLL
2030-10-12 08:30:29 ----A---- C:\WINDOWS\system32\RNBOVDD.DLL
2030-10-12 08:30:29 ----A---- C:\WINDOWS\system32\drivers\SENTINEL.SYS
2030-10-12 08:30:24 ----A---- C:\WINDOWS\system32\drivers\hardlock.sys
2030-10-12 08:29:59 ----A---- C:\WINDOWS\system32\drivers\aksusb.sys
2030-10-12 08:29:59 ----A---- C:\WINDOWS\system32\drivers\akshasp.sys
2030-10-12 08:29:59 ----A---- C:\WINDOWS\system32\drivers\aksclass.sys
2030-10-12 08:29:59 ----A---- C:\WINDOWS\system32\akscoinst.dll
2030-10-12 08:29:55 ----A---- C:\WINDOWS\system32\haspvdd.dll
2030-10-12 08:29:55 ----A---- C:\WINDOWS\system32\haspdos.sys
2030-10-12 08:29:55 ----A---- C:\WINDOWS\system32\drivers\Haspnt.sys
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\VBAR332.DLL
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\msxbse35.dll
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\mstext35.dll
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\msrpfs35.dll
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\msrepl35.dll
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\msexch35.dll
2030-10-12 08:29:04 ----A---- C:\WINDOWS\system32\JETCOMP.exe
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msrd2x35.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\mspdox35.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msltus35.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msjter35.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msjt4jlt.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msjint35.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msjet35.dll
2030-10-12 08:29:03 ----A---- C:\WINDOWS\system32\msexcl35.dll
2030-10-12 08:28:59 ----N---- C:\WINDOWS\system32\msxml4a.dll
2030-10-12 08:26:45 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2030-10-12 08:10:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\SafeNet Sentinel
2030-10-12 08:10:21 ----D---- C:\Program Files\Common Files\Planit
2030-10-12 08:10:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Planit
2030-10-11 07:32:56 ----D---- C:\Documents and Settings\ja\Data aplikací\Unigraphics Solutions
2030-10-10 09:48:23 ----D---- C:\Documents and Settings\ja\Data aplikací\GetRightToGo
2030-10-10 06:53:56 ----SHD---- C:\AX NF ZZ
2030-10-10 06:53:56 ----D---- C:\WINDOWS\system32\6PRPrtrtnsttis
2030-10-10 06:44:44 ----A---- C:\WINDOWS\LLAITF_LOG.TXT
2030-10-10 06:44:32 ----A---- C:\WINDOWS\ACC_LOG.TXT
2030-10-10 06:43:32 ----D---- C:\WINDOWS\Setup
2030-10-10 06:42:32 ----A---- C:\WINDOWS\ALM_LOG.TXT
2030-10-10 06:42:06 ----A---- C:\WINDOWS\ISScript_aux_log.txt
2030-10-10 06:42:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Siemens
2030-10-10 06:40:02 ----D---- C:\Program Files\Common Files\Siemens
2030-08-29 14:22:31 ----N---- C:\WINDOWS\system32\iyvu9_32.dll
2030-08-29 14:22:31 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-12-14 08:12:53 ----D---- C:\rsit
2012-12-14 08:12:53 ----D---- C:\Program Files\trend micro
2012-12-13 10:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2012-12-13 10:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$
2012-12-13 10:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$
2012-12-13 10:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$
2012-12-13 10:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2012-12-13 10:09:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2761465$
2012-12-13 10:07:14 ----A---- C:\WINDOWS\system32\MRT.INI
2012-12-09 19:22:23 ----D---- C:\Program Files\Clownfish
2012-12-02 12:03:58 ----RHD---- C:\MSOCache
2012-12-02 11:17:01 ----D---- C:\Program Files\Microsoft Works
2012-12-02 11:16:10 ----D---- C:\Program Files\Microsoft Visual Studio
2012-12-02 11:16:10 ----D---- C:\Program Files\Common Files\DESIGNER
2012-12-02 11:12:15 ----D---- C:\Program Files\Microsoft Visual Studio 8
2012-12-02 11:10:56 ----D---- C:\WINDOWS\SHELLNEW
2012-11-24 14:58:59 ----RD---- C:\Program Files\Skype
2012-11-24 14:58:59 ----D---- C:\Program Files\Common Files\Skype
2012-11-16 08:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2012-11-16 08:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$

======List of files/folders modified in the last 1 month======

2031-01-28 18:51:31 ----HD---- C:\$AVG8.VAULT$
2031-01-20 12:32:29 ----SD---- C:\Documents and Settings\ja\Data aplikací\Microsoft
2030-12-07 08:58:21 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2030-12-07 08:04:37 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2030-10-23 15:33:31 ----D---- C:\WINDOWS\system32\cs-cz
2030-10-23 15:33:31 ----D---- C:\Program Files\Internet Explorer
2030-10-23 15:10:59 ----D---- C:\WINDOWS\ie8updates
2030-10-23 15:10:15 ----D---- C:\WINDOWS\WBEM
2030-10-23 15:07:03 ----D---- C:\Program Files\Common Files\Teleca Shared
2030-10-23 14:39:14 ----A---- C:\WINDOWS\NeroDigital.ini
2030-10-12 08:29:55 ----D---- C:\WINDOWS\system32\Setup
2012-12-14 08:13:08 ----D---- C:\WINDOWS\Prefetch
2012-12-14 08:12:53 ----RD---- C:\Program Files
2012-12-14 08:09:36 ----D---- C:\WINDOWS\system32
2012-12-14 08:09:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-12-14 08:05:50 ----D---- C:\WINDOWS\system32\CatRoot2
2012-12-14 08:05:47 ----D---- C:\WINDOWS\Temp
2012-12-13 12:00:55 ----D---- C:\Documents and Settings\ja\Data aplikací\Skype
2012-12-13 10:40:01 ----D---- C:\WINDOWS
2012-12-13 10:38:40 ----HD---- C:\WINDOWS\inf
2012-12-13 10:37:50 ----D---- C:\WINDOWS\system32\drivers
2012-12-13 10:37:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-12-13 10:10:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-12-13 10:10:30 ----A---- C:\WINDOWS\imsins.BAK
2012-12-13 10:10:12 ----SHD---- C:\WINDOWS\Installer
2012-12-13 10:10:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-12-13 10:04:17 ----A---- C:\WINDOWS\system32\MRT.exe
2012-12-12 21:45:37 ----HD---- C:\WINDOWS\$hf_mig$
2012-12-11 21:40:32 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-11 21:40:25 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2012-12-04 08:13:00 ----D---- C:\Program Files\Common Files\System
2012-12-04 08:13:00 ----A---- C:\WINDOWS\win.ini
2012-12-04 08:12:52 ----RSD---- C:\WINDOWS\assembly
2012-12-03 07:58:15 ----RSD---- C:\WINDOWS\Fonts
2012-12-03 07:57:18 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-12-02 11:16:37 ----D---- C:\Program Files\MSBuild
2012-12-02 11:16:10 ----D---- C:\Program Files\Common Files
2012-12-02 11:15:06 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-12-02 11:15:06 ----D---- C:\Program Files\Microsoft.NET
2012-11-27 11:17:14 ----D---- C:\Program Files\Launch Manager
2012-11-24 14:59:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-11-20 12:01:14 ----A---- C:\WINDOWS\IE4 Error Log.txt
2012-11-16 09:01:22 ----D---- C:\WINDOWS\Microsoft.NET
2012-11-16 08:06:38 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-03-11 20640]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-11-26 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R0 xmasbus;xmasbus; C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 140800]
R0 xmasscsi;xmasscsi; C:\WINDOWS\System32\Drivers\xmasscsi.sys [2003-12-23 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-24 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-24 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-07-24 108552]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-11-16 50704]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-08 1309504]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2006-01-20 17408]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-06-11 6021184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-21 4800000]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2008-04-30 108032]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2009-10-05 76288]
S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2004-04-28 328448]
S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2004-05-11 99968]
S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-10-24 97120]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
S3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2008-12-25 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2008-12-25 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2008-12-25 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2008-12-25 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\k510obex.sys [2008-12-25 83344]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-04-02 21632]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 O2MDRDR;O2MDRDR; C:\WINDOWS\system32\DRIVERS\o2media.sys []
S3 O2SDRDR;O2SDRDR; C:\WINDOWS\system32\DRIVERS\o2sd.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-22 47360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-24 297752]
R2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2030-12-07 75136]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-09 711112]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a check

Posted: 14 Dec 2012 08:38
by JaRon
You have little free disk space, so let's start - quote:
TFC http://oldtimer.geekstogo.com/TFC.exe
• Download and run it
• Click Start and confirm with OK
• The program will clean up and restart the PC
• Delete the utility after use

+ after the restart:
Move ComboFix to the desktop (if it is not there already)

open Notepad

copy the script from the following box into it:

Code:

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Services"=-

File::
C:\Documents and Settings\ja\Nabídka Start\Programy\Po spuštění\runctf.lnk

Folder::
C:\Program Files\facemoods.com

save the resulting text file to the desktop as CFScript.txt

after saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there:

[Image]

once it has run, another log should be produced; paste it here :)

Re: Request for a check

Posted: 14 Dec 2012 17:19
by wagras
Here I am sending the log from ComboFix?:

ComboFix 12-12-14.01 - ja 14.12.2012 15:52:38.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1977.1181 [GMT 1:00]
Spuštěný z: c:\documents and settings\ja\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\ja\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
FILE ::
"c:\documents and settings\ja\Nabídka Start\Programy\Po spuštění\runctf.lnk"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-14 do 2012-12-14 )))))))))))))))))))))))))))))))
.
.
2031-02-01 09:58 . 2031-02-01 09:58 -------- d-----w- c:\documents and settings\ja\Local Settings\Data aplikací\UGS
2031-01-13 10:07 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2031-01-13 10:07 . 2008-04-13 19:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2031-01-13 10:07 . 2008-04-13 19:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2031-01-13 10:07 . 2008-04-14 04:21 159232 ----a-w- c:\windows\system32\ptpusd.dll
2030-12-15 19:41 . 2030-12-15 20:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MGS
2030-12-11 19:55 . 2012-12-03 07:13 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2030-12-11 19:55 . 2030-12-11 19:55 -------- d-----w- c:\program files\Classic Menu for Office
2030-12-07 07:04 . 2030-12-07 07:58 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2030-12-07 07:04 . 2030-12-07 07:04 -------- d-----w- c:\documents and settings\ja\Local Settings\Data aplikací\PunkBuster
2030-11-30 13:54 . 2030-11-30 13:54 -------- d-----w- c:\documents and settings\ja\Local Settings\Data aplikací\Skyrim
2030-11-08 09:48 . 2030-11-08 09:48 -------- d-----w- c:\program files\vShare.tv plugin
2030-10-23 18:26 . 2012-12-11 20:40 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2030-10-14 06:57 . 2030-12-10 18:29 -------- d-----w- c:\program files\The KMPlayer
2030-10-12 07:31 . 2012-03-06 01:11 -------- d-----w- c:\program files\Microsoft SQL Server
2030-10-12 07:30 . 2005-06-15 01:00 102400 ----a-w- c:\windows\system32\tsccvid.dll
2030-10-12 07:30 . 2030-10-12 07:30 -------- d-----w- c:\windows\system32\RNBOSENT
2030-10-12 07:30 . 2009-10-05 15:09 76288 ----a-w- c:\windows\system32\drivers\SENTINEL.SYS
2030-10-12 07:30 . 2009-10-05 15:09 50176 ----a-w- c:\windows\system32\SNTI386.DLL
2030-10-12 07:30 . 2009-10-05 15:09 18432 ----a-w- c:\windows\system32\RNBOVDD.DLL
2030-10-12 07:30 . 2004-07-14 10:54 676864 ----a-w- c:\windows\system32\drivers\hardlock.sys
2030-10-12 07:28 . 2009-10-05 14:49 44544 ------w- c:\windows\system32\msxml4a.dll
2030-10-12 07:26 . 2012-09-26 06:55 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2030-10-12 07:10 . 2030-10-12 07:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SafeNet Sentinel
2030-10-12 07:10 . 2030-10-12 07:10 -------- d-----w- c:\program files\Common Files\Planit
2030-10-12 07:10 . 2030-10-12 07:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Planit
2030-10-11 06:32 . 2030-10-11 06:32 -------- d-----w- c:\documents and settings\ja\Data aplikací\Unigraphics Solutions
2030-10-11 06:27 . 2030-10-11 06:27 -------- d-----w- c:\documents and settings\ja\Local Settings\Data aplikací\FEMAP
2030-10-11 05:51 . 2030-10-24 09:00 -------- d-----w- c:\documents and settings\ja\Local Settings\Data aplikací\Solid State Networks
2030-10-10 08:48 . 2030-10-10 10:00 -------- d-----w- c:\documents and settings\ja\Data aplikací\GetRightToGo
2030-10-10 05:53 . 2030-10-10 05:53 -------- d-----w- c:\windows\system32\6PRPrtrtnsttis
2030-10-10 05:53 . 2030-10-10 05:53 -------- d-----w- C:\AX NF ZZ
2030-10-10 05:43 . 2030-12-19 08:03 -------- d-----w- c:\windows\Setup
2030-10-10 05:42 . 2030-10-10 05:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Siemens
2030-10-10 05:40 . 2012-09-26 06:40 -------- d-----w- c:\program files\Common Files\Siemens
2012-12-14 07:12 . 2012-12-14 07:13 -------- d-----w- C:\rsit
2012-12-14 07:12 . 2012-12-14 07:13 -------- d-----w- c:\program files\trend micro
2012-12-02 11:03 . 2012-12-02 11:03 -------- d-----r- C:\MSOCache
2012-12-02 10:17 . 2012-12-03 06:57 -------- d-----w- c:\program files\Microsoft Works
2012-12-02 10:12 . 2012-12-02 10:12 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-12-02 10:10 . 2012-12-02 10:16 -------- d-----w- c:\windows\SHELLNEW
2012-11-24 13:58 . 2012-11-24 13:58 -------- d-----w- c:\program files\Common Files\Skype
2012-11-24 13:58 . 2012-11-24 13:58 -------- d-----r- c:\program files\Skype
2012-11-16 22:18 . 2012-11-16 22:18 -------- d-----w- c:\documents and settings\ja\Local Settings\Data aplikací\NVIDIA Corporation
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2030-12-07 07:58 . 2009-02-12 19:38 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2030-12-07 07:58 . 2009-02-12 19:38 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2030-12-07 07:55 . 2009-02-12 19:38 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2030-12-07 07:04 . 2009-02-12 19:38 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-12-11 20:40 . 2012-09-14 18:46 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-11 20:40 . 2012-09-14 19:41 16363960 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-11-13 11:55 . 2004-08-17 13:44 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-09 20:21 . 2012-08-27 08:12 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-11-06 00:41 . 2004-08-17 13:48 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03 . 2004-08-17 13:49 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-10-31 11:32 . 2010-02-18 12:02 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-10-31 11:32 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2012-10-31 11:32 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-10-31 11:29 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2012-10-02 18:04 . 2004-08-17 13:49 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-26 06:42 . 2012-09-26 06:42 1409 ----a-w- c:\windows\QTFont.for
2011-10-01 10:23 . 2011-05-07 18:18 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-09 20:21 1796552 ----a-w- c:\program files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-09 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\documents and settings\ja\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-18 53248]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 141848]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-06-09 870920]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-07-09 2048352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NokiaMusic FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-22 2331936]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-11-09 997320]
"ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-08-27 1022048]
"GrooveMonitor"="d:\office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\ja\Nabídka Start\Programy\Po spuštění\
runctf.lnk - c:\windows\system32\rundll32.exe [2004-8-17 33280]
Ubisoft register.lnk - c:\program files\Ubisoft\Register\schedule.exe [N/A]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
CLS 2010.10.lnk - [N/A]
CLS12.50.lnk - d:\nová složka\Cam\cls.exe [2012-9-26 569344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-24 14:06 11952 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Jak sem poznal...5\\DP620_729665-01\\Example\\R\\win32\\bin\\dnc.exe"=
"e:\\Counter-Strike 1.6\\hl.exe"=
"g:\\Counter-Strike 1.6\\csko.exe"=
"c:\\Documents and Settings\\ja\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Office12\\OUTLOOK.EXE"=
"d:\\Office12\\GROOVE.EXE"=
"d:\\Office12\\ONENOTE.EXE"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.11.2008 0:12 717296]
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [25.10.2010 20:16 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [25.10.2010 20:16 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [24.7.2009 18:03 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [24.7.2009 18:03 108552]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [27.8.2012 9:12 26984]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [24.7.2009 18:03 297752]
R2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10.12.2010 18:29 29293408]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [9.11.2012 21:22 711112]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [25.11.2008 2:34 108032]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [3.3.2010 20:07 27632]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9.11.2012 11:21 160944]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [11.1.2009 10:05 14848]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [11.1.2009 10:05 9984]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [25.12.2008 14:53 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [25.12.2008 14:53 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [25.12.2008 14:53 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\k510mgmt.sys [25.12.2008 14:53 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\drivers\k510obex.sys [25.12.2008 14:53 83344]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys --> c:\windows\system32\DRIVERS\o2media.sys [?]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys --> c:\windows\system32\DRIVERS\o2sd.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [22.7.2009 14:08 47360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [3.3.2010 20:03 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [3.3.2010 20:03 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [3.3.2010 20:03 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [3.3.2010 20:03 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [3.3.2010 20:03 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [3.3.2010 20:03 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [3.3.2010 20:03 115752]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 20:40]
.
.
------- Doplňkový sken -------
.
uStart Page = https://isearch.avg.com/?cid={687E6C82- ... 2012-03-21 20:58&v=12.2.5.32&sap=hp
mStart Page = hxxp://startsear.ch/?aff=1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.5 172.16.10.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\ja\Data aplikací\Mozilla\Firefox\Profiles\tj1c9ckj.default\
FF - prefs.js: browser.startup.homepage - hxxps://isearch.avg.com?cid=%7Be5823224-451a-4be2-a917-b0f830f2140a%7D&mid=&ds=gm011&v=12.2.5.32&lang=cs&pr=sa&d=2012-03-21%2020%3A58%3A56&sap=hp
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7Be5823224-451a-4be2-a917-b0f830f2140a%7D&mid=&ds=gm011&v=12.2.5.32&lang=cs&pr=sa&d=2012-03-21%2020%3A58%3A56&sap=ku&q=
FF - ExtSQL: 2031-01-02 10:46; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\ja\Data aplikací\Mozilla\Firefox\Profiles\tj1c9ckj.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: !HIDDEN! 2010-12-20 20:36; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-14 15:57
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1060284298-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:61,37,02,19,47,20,55,e2,6b,b2,57,61,35,9d,d5,ee,20,9a,2f,aa,8b,
a0,61,cf,1d,c6,8e,a8,16,05,b4,49,46,80,30,b2,79,8b,4a,31,88,40,6d,62,e0,90,\
"rkeysecu"=hex:94,82,87,39,53,23,46,53,40,f2,5e,c0,1a,3c,36,59
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3680)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-12-14 16:00:50
ComboFix-quarantined-files.txt 2012-12-14 15:00
ComboFix2.txt 2012-12-14 14:46
.
Před spuštěním: Volných bajtů: 14 218 743 808
Po spuštění: Volných bajtů: 14 202 392 576
.
- - End Of File - - EF350839320922D002BBB8F473E07231

Re: Please check

Posted: 14 Dec 2012 20:07
by JaRon
Clean the PC with MBAM.