
My log, please take a look

Posted: 10 Apr 2010 14:47
by SuXofon
Can someone take a look at my log? It was generated in Spyware Terminator after a complete scan of the disk for spyware and viruses. My problem is that since Friday my ping has been getting worse and jumps around a lot for unknown reasons. After the scan I found 4 critical errors, one of them a Trojan horse, which I deleted.

Logfile of Spyware Terminator v2.6.9.132 (db:4.004.009.000)
Scan Time: 10.4.2010 13:53:09 length: 6584 s
Platform: VISTA (6.0.0.6002)
User: Admin
Boot Mode: Normal
Scan type: Full_Virus__Spyware_Scan
Scanned Objects: 69194 (Critical:4)
Filter: No System items, No Safe items, No Invalid items

Running Processes
atiesrxx.exe [AMD] : C:\windows\system32\atiesrxx.exe
stacsv.exe [IDT, Inc.] : C:\windows\system32\DriverStore\FileRepository\stwrt.inf_2159adbc\stacsv.exe
SLsvc.exe [Microsoft Corporation] : C:\windows\system32\SLsvc.exe
atieclxx.exe [AMD] : C:\windows\system32\atieclxx.exe
AEstSrv.exe [Andrea Electronics Corporation] : C:\windows\system32\DriverStore\FileRepository\stwrt.inf_2159adbc\AEstSrv.exe
agrsmsvc.exe [Agere Systems] : C:\Program Files\LSI SoftModem\agrsmsvc.exe
iviRegMgr.exe [InterVideo] : C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
LSSrvc.exe [Hewlett-Packard Company] : C:\Program Files\Common Files\LightScribe\LSSrvc.exe
pdfsvc.exe [PDF Complete Inc] : C:\Program Files\PDF Complete\pdfsvc.exe
PnkBstrA.exe : C:\windows\system32\PnkBstrA.exe
QLBCtrl.exe [ Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
hpwuSchd2.exe [Hewlett-Packard] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
sttray.exe [IDT, Inc.] : C:\Program Files\IDT\WDM\sttray.exe
jusched.exe [Sun Microsystems, Inc.] : C:\Program Files\Common Files\Java\Java Update\jusched.exe
VolCtrl.exe [ Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
hpqWmiEx.exe [Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
Com4QLBEx.exe [Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
HPHC_Service.exe [Hewlett-Packard] : C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
Ide.exe : C:\skulltag\Ide.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: FG2CatchUrl - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - [FlashGet] : C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
02 - BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - [Ask.com] : C:\Program Files\Ask.com\GenericAskToolbar.dll
02 - BHO: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - [ICQ] : C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

Toolbars
03 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - [ICQ] : C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
03 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - [Ask.com] : C:\Program Files\Ask.com\GenericAskToolbar.dll

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PDF Complete : [PDF Complete Inc] : C:\Program Files\PDF Complete\pdfsty.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, QlbCtrl.exe : [Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update : [Hewlett-Packard] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HPCam_Menu : [CyberLink Corp.] : C:\Program Files\HEWLETT-PACKARD\HP WEBCAM\MUITRANSFER\MUISTARTMENU.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WatchDog : [InterVideo Inc.] : C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SysTrayApp : [IDT, Inc.] : C:\Program Files\IDT\WDM\sttray.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateSched : [Sun Microsystems, Inc.] : C:\Program Files\Common Files\Java\Java Update\jusched.exe

Explorer Bars
ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - [ICQ] : C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

Shell Extensions
CLSID_PreviewMime - {92dbad9f-5025-49b0-9078-2d78f935e341} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll
CLSID_PreviewEmail - {b9815375-5d7f-4ce2-9245-c9d4da436930} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll
CLSID_PreviewHtml - {f8b8412b-dea3-4130-b36c-5e8be73106ac} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll
Shell Message Handler - {5FA29220-36A1-40f9-89C6-F4B384B7642E} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll
Microsoft Agent Character Property Sheet Handler - {143A62C8-C33B-11D1-84FE-00C04FA34A14} - [Microsoft Corporation] : C:\windows\MSAgent\agentpsh.dll
CompressedFolder - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - [Microsoft Corporation] : C:\windows\system32\zipfldr.dll
Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - [Microsoft Corporation] : C:\windows\system32\zipfldr.dll
Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - [Microsoft Corporation] : C:\windows\system32\zipfldr.dll
Compressed (zipped) Folder Context Menu - {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} - [Microsoft Corporation] : C:\windows\system32\zipfldr.dll
Compressed (zipped) Folder DropHandler - {ed9d80b9-d157-457b-9192-0e7280313bf0} - [Microsoft Corporation] : C:\windows\system32\zipfldr.dll
Windows Photo Gallery Viewer Video Verbs - {E598560B-28D5-46aa-A14A-8A3BEA34B576} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
&Windows Media Player - {0a4286ea-e355-44fb-8086-af3df7645bd9} - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpband.dll
- {BB6B2374-3D79-41DB-87F4-896C91846510} - [Microsoft Corporation] : C:\windows\system32\emdmgmt.dll
Windows Photo Gallery Viewer Autoplay Handler - {9D687A4C-1404-41ef-A089-883B6FBECDE6} - [Microsoft Corporation] : C:\windows\system32\RUNDLL32.EXE
Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - [Microsoft Corporation] : C:\windows\system32\audiodev.dll
PhotoAcqDropTarget - {00f20eb5-8fd6-4d9d-b75e-36801766c8f1} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoAcq.dll
Windows Photo Gallery Viewer Image Verbs - {FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
Enhanced Storage Data Source - {9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} - [Microsoft Corporation] : C:\windows\system32\EhStorShell.dll
SimpleShlExt Class - {5E2121EE-0300-11D4-8D3B-444553540000} - [Advanced Micro Devices, Inc.] : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
DisplayCplExt Class - {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} - [Advanced Micro Devices, Inc.] : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll
Fast Explorer Shell Extension - {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} - [Copyright 1999-2007 Alex Yakovlev] : C:\Program Files\Archiving\S7Z\External\FE Redist\FEShlExt.dll
PowerISO - {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} - [PowerISO Computing, Inc.] : C:\Program Files\PowerISO\PWRISOSH.DLL
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayer\rpshell.dll

Protocol Handler
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - [Microsoft Corporation] : C:\windows\system32\inetcomm.dll

Services
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\adp94xx.sys
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\adpahci.sys
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\adpu160m.sys
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\adpu320.sys
23 - [Andrea Electronics Corporation] : C:\windows\system32\DriverStore\FileRepository\stwrt.inf_2159adbc\AEstSrv.exe
23 - [Agere Systems] : C:\Program Files\LSI SoftModem\agrsmsvc.exe
23 - [Agere Systems] : C:\windows\system32\DRIVERS\AGRSM.sys
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\djsvs.sys
23 - [Acer Laboratories Inc.] : C:\windows\system32\drivers\aliide.sys
23 - [AMD] : C:\windows\system32\atiesrxx.exe
23 - [A4Tech Co.,Ltd.] : C:\windows\system32\DRIVERS\Amfilter.sys
23 - [A4Tech Co.,Ltd.] : C:\windows\system32\DRIVERS\Amusbprt.sys
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\arc.sys
23 - [Adaptec, Inc.] : C:\windows\system32\drivers\arcsas.sys
23 - [ATI Technologies Inc.] : C:\windows\system32\DRIVERS\atikmdag.sys
23 - [ATI Technologies Inc.] : C:\windows\system32\DRIVERS\AtiPcie.sys
23 - [Broadcom Corporation] : C:\windows\system32\DRIVERS\bcmwl6.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\bowser.sys
23 - [Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23 - [Microsoft Corporation] : C:\windows\system32\Drivers\dfsc.sys
23 - [Emulex] : C:\windows\system32\drivers\elxstor.sys
23 - [Společnost Microsoft] : C:\windows\system32\drivers\fltmgr.sys
23 - [Hewlett-Packard] : C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
23 - [Hewlett-Packard Company] : C:\windows\system32\drivers\hpcisss.sys
23 - [Hewlett-Packard Development Company, L.P.] : C:\windows\system32\DRIVERS\HpqKbFiltr.sys
23 - [Hewlett-Packard Development Company, L.P.] : C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
23 - [Intel Corporation] : C:\windows\system32\drivers\iastorv.sys
23 - [Intel Corp./ICP vortex GmbH] : C:\windows\system32\drivers\iirsp.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\msiscsi.sys
23 - [Integrated Technology Express, Inc.] : C:\windows\system32\drivers\iteatapi.sys
23 - [Integrated Technology Express, Inc.] : C:\windows\system32\drivers\iteraid.sys
23 - [InterVideo] : C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
23 - [Hewlett-Packard Company] : C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23 - [LSI Logic] : C:\windows\system32\drivers\lsi_fc.sys
23 - [LSI Logic] : C:\windows\system32\drivers\lsi_sas.sys
23 - [LSI Logic] : C:\windows\system32\drivers\lsi_scsi.sys
23 - [LSI Corporation] : C:\windows\system32\drivers\megasas.sys
23 - [LSI Corporation, Inc.] : C:\windows\system32\drivers\megasr.sys
23 - [McAfee, Inc.] : C:\windows\system32\drivers\mfetdik.sys
23 - [LSI Logic Corporation] : C:\windows\system32\drivers\mraid35x.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\windows\system32\DRIVERS\mssmbios.sys
23 - [IBM Corporation] : C:\windows\system32\drivers\nfrd960.sys
23 - : C:\windows\system32\PnkBstrA.exe
23 - [QLogic Corporation] : C:\windows\system32\drivers\ql2300.sys
23 - [QLogic Corporation] : C:\windows\system32\drivers\ql40xx.sys
23 - [Microsoft Corporation] : C:\windows\system32\drivers\rdpencdd.sys
23 - [InterVideo] : C:\windows\system32\drivers\regi.sys
23 - [Microsoft Corporation] : C:\windows\system32\drivers\sisraid2.sys
23 - [Silicon Integrated Systems] : C:\windows\system32\drivers\sisraid4.sys
23 - [Microsoft Corporation] : C:\windows\system32\SLsvc.exe
23 - : C:\windows\system32\DRIVERS\snp2uvc.sys
23 - : C:\windows\system32\Drivers\sptd.sys
23 - [IDT, Inc.] : C:\windows\system32\DriverStore\FileRepository\stwrt.inf_2159adbc\stacsv.exe
23 - [IDT, Inc.] : C:\windows\system32\DRIVERS\stwrt.sys
23 - [LSI Logic] : C:\windows\system32\drivers\symc8xx.sys
23 - [LSI Logic] : C:\windows\system32\drivers\sym_hi.sys
23 - [LSI Logic] : C:\windows\system32\drivers\sym_u3.sys
23 - [ULi Electronics Inc.] : C:\windows\system32\drivers\uliahci.sys
23 - [Promise Technology, Inc.] : C:\windows\system32\drivers\ulsata.sys
23 - [Promise Technology, Inc.] : C:\windows\system32\drivers\ulsata2.sys
23 - [Advanced Micro Devices] : C:\windows\system32\DRIVERS\usbfilter.sys
23 - [VIA Technologies, Inc.] : C:\windows\system32\drivers\viaide.sys
23 - [VIA Technologies Inc.,Ltd] : C:\windows\system32\drivers\vsmraid.sys
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
23 - [Marvell] : C:\windows\system32\DRIVERS\yk60x86.sys
23 - [Crawler.com] : C:\windows\system32\drivers\sp_rsdrv2.sys

IE URL Search Hooks
ICQToolBar - {{855F3B16-6D32-4fe6-8A56-BBB695989046}} - [ICQ] : C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

Threat Files
<Adware.Burn4Free.A.2> : C:\windows\system32\b4fm.dll
<Casino-17> : C:\Downloads\Everest Poker.exe
<Adware.Casino-17> : C:\Downloads\Everest Poker.exe
<FraudTool.Agent.aa> : C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe
<Trojan.Vundo.Gen> : C:\windows\Temp\_avast5_\unp56993652.tmp

Advanced Files Report

End of Report


Průběh odstraňování:

Příprava struktur
Vytváření bodu pro obnovu systému
Odstranit Trojan.Vundo.Gen
Smazaný soubor: c:\Windows\Temp\_avast5_\unp56993652.tmp
Odstranit Adware.Burn4Free.A.2
Smazaný soubor: C:\windows\system32\b4fm.dll
Odstranit Casino-17
Smazaný soubor: c:\Downloads\Everest Poker.exe
Odstranit FraudTool.Agent.aa
Smazaný soubor: c:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe
Zavírání bodu pro obnovu systému
Hotovo

Re: My log, please take a look

Posted: 10 Apr 2010 17:15
by Rudy
You have at least AskToolbar on your PC. Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.

Go and put some coffee on in peace (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident shield occur during the scan and the deletion of any malware.

Re: My log, please take a look

Posted: 10 Apr 2010 18:55
by SuXofon
ComboFix 10-04-09.06 - jara 10.04.2010 19:42:48.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1788.919 [GMT 2:00]
Spuštěný z: c:\users\jara\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-10 do 2010-04-10 )))))))))))))))))))))))))))))))
.

2010-04-10 16:09 . 2010-04-10 16:09 -------- d-----w- c:\program files\CCleaner
2010-04-10 14:45 . 2010-04-10 14:55 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-04-10 14:45 . 2010-04-10 14:55 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-04-10 14:45 . 2010-04-10 14:45 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-04-10 14:45 . 2010-04-10 14:45 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-04-10 14:41 . 2010-04-10 15:01 -------- d-----w- C:\spy
2010-04-10 14:40 . 2010-04-10 16:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-10 14:40 . 2010-04-10 15:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-10 11:41 . 2010-04-10 14:22 -------- d-----w- c:\program files\Crawler
2010-04-08 14:56 . 2010-04-08 14:56 -------- d-----w- c:\users\jara\AppData\Local\AskToolbar
2010-04-08 14:49 . 2010-04-08 14:49 -------- d-----w- c:\users\jara\AppData\Local\Bump Technologies, Inc
2010-04-08 14:48 . 2010-04-08 14:48 -------- d-----w- c:\users\jara\AppData\Roaming\Bump Technologies, Inc
2010-04-08 14:48 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-04-08 14:48 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-04-08 14:48 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-04-08 14:48 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-04-08 14:48 . 2010-04-08 14:48 -------- d--h--w- c:\windows\msdownld.tmp
2010-04-08 14:47 . 2010-04-08 17:26 -------- d-----w- c:\program files\BumpTop
2010-04-08 09:08 . 2010-04-08 09:08 -------- d-----w- c:\windows\system32\AGEIA
2010-04-08 09:08 . 2010-04-08 09:09 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-08 09:07 . 2010-04-08 09:07 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-08 08:52 . 2010-04-08 08:52 -------- d-----w- c:\program files\Reality Pump
2010-04-07 18:55 . 2010-04-07 18:55 -------- d-----w- c:\program files\Veetle
2010-04-07 17:18 . 2010-04-07 17:18 -------- d-----w- c:\program files\Common Files\Java
2010-04-07 17:09 . 2010-04-07 17:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-07 17:08 . 2010-04-07 17:08 -------- d-----w- c:\program files\Java
2010-04-05 07:53 . 2010-04-05 07:53 -------- d-----w- c:\users\jara\AppData\Local\World in Conflict
2010-04-05 07:29 . 2010-04-05 07:29 -------- d-----w- c:\program files\Sierra Entertainment
2010-04-04 13:53 . 2010-04-04 13:53 -------- d-----w- c:\users\jara\AppData\Local\TVU Networks
2010-04-04 13:53 . 2010-04-04 13:53 -------- d-----w- c:\programdata\TVU Networks
2010-04-04 13:53 . 2010-04-04 13:53 -------- d-----w- c:\program files\TVUPlayer
2010-04-04 13:49 . 2010-04-04 13:49 -------- d-----w- c:\program files\TVAnts
2010-04-03 14:24 . 2010-04-03 14:38 -------- d-----w- c:\users\jara\AppData\Roaming\InfraRecorder
2010-04-03 14:24 . 2010-04-03 14:24 162920 ----a-w- c:\windows\Burning Mill Express Uninstaller.exe
2010-04-03 14:24 . 2010-04-03 14:24 -------- d-----w- c:\program files\Burning Mill Express
2010-04-03 14:17 . 2010-04-03 14:17 -------- d-----w- c:\program files\Alcohol Soft
2010-04-03 14:00 . 2010-04-03 14:00 -------- d-----w- c:\users\jara\AppData\Roaming\Nero
2010-04-03 13:57 . 2010-04-03 14:34 -------- d-----w- c:\programdata\Nero
2010-04-03 13:57 . 2010-04-03 14:34 -------- d-----w- c:\program files\Common Files\Nero
2010-04-03 13:56 . 2010-04-03 13:56 -------- d-----w- c:\program files\Ask.com
2010-04-02 23:08 . 2010-04-02 23:12 20841968 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\rp\RealPlayerSPGold.exe
2010-04-02 23:08 . 2010-04-02 23:08 79368 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\vista.exe
2010-04-02 23:08 . 2010-04-02 23:08 64000 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\gcapi_dll.dll
2010-04-02 23:08 . 2010-04-02 23:08 52288 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\gtapi.dll
2010-04-02 23:08 . 2010-04-02 23:08 50688 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\fftbapi.dll
2010-04-02 23:08 . 2010-04-02 23:08 49152 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\CarboniteCompatibility.dll
2010-04-02 23:08 . 2010-04-02 23:08 118784 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\compat.dll
2010-04-02 15:08 . 2010-04-02 15:08 439816 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\setup.exe
2010-04-01 00:01 . 2010-04-01 00:01 -------- d-----w- c:\users\jara\AppData\Local\Opera
2010-04-01 00:00 . 2010-04-01 00:00 -------- d-----w- c:\program files\Opera
2010-03-31 19:02 . 2010-03-31 19:02 -------- d-----w- c:\program files\SopCast
2010-03-31 10:22 . 2010-03-09 15:42 834048 ----a-w- c:\windows\system32\wininet.dll
2010-03-31 10:22 . 2010-03-09 16:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-29 20:09 . 2010-03-29 20:09 -------- d-----w- C:\demos
2010-03-29 14:08 . 2010-04-09 13:57 -------- d-----w- C:\skulltag
2010-03-28 10:18 . 2010-03-28 10:37 -------- d-----w- C:\Unreal Anthology
2010-03-28 09:58 . 2010-03-28 09:58 -------- d-----w- c:\users\jara\AppData\Roaming\Sony
2010-03-28 09:58 . 2010-03-28 09:58 -------- d-----w- c:\programdata\Sony
2010-03-28 09:57 . 2010-03-28 09:57 -------- d-----w- c:\users\jara\AppData\Local\Sony
2010-03-28 09:56 . 2010-03-28 09:56 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-03-28 09:56 . 2010-03-28 09:56 -------- d-----w- c:\program files\Sony
2010-03-28 09:56 . 2010-03-28 09:56 -------- d-----w- c:\program files\Sony Ericsson
2010-03-28 09:52 . 2010-03-28 09:53 -------- d-----w- c:\program files\QuickTime
2010-03-28 09:52 . 2010-03-28 09:52 -------- d-----w- c:\programdata\Apple Computer
2010-03-28 09:51 . 2010-03-28 09:51 -------- d-----w- c:\users\jara\AppData\Local\Apple
2010-03-28 09:51 . 2010-03-28 09:51 -------- d-----w- c:\program files\Apple Software Update
2010-03-28 09:51 . 2010-03-28 09:51 -------- d-----w- c:\programdata\Apple
2010-03-27 19:18 . 2010-03-27 19:18 -------- d-----w- c:\users\jara\AppData\Local\cache
2010-03-23 21:21 . 2010-03-23 21:21 -------- d-----w- C:\Poker
2010-03-23 13:37 . 2010-03-28 20:27 -------- d-----w- c:\users\jara\AppData\Local\FullTiltPoker
2010-03-23 13:36 . 2010-03-28 20:27 -------- d-----w- c:\program files\Full Tilt Poker
2010-03-18 22:01 . 2010-03-18 22:01 -------- d-----w- c:\program files\MSECache
2010-03-18 21:31 . 2010-03-18 21:31 -------- d-----w- c:\users\jara\AppData\Roaming\GeoVid
2010-03-18 21:30 . 2010-03-18 21:30 -------- d-----w- c:\programdata\GeoVid
2010-03-18 21:30 . 2006-02-26 15:08 585728 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-18 21:30 . 2005-12-21 19:15 544768 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-18 21:30 . 2004-08-04 15:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-03-18 21:30 . 2010-03-18 21:30 -------- d-----w- c:\program files\GeoVid
2010-03-17 22:03 . 2010-03-17 22:10 -------- d-----w- c:\users\jara\AppData\Local\gctmp
2010-03-17 22:03 . 2010-03-17 22:03 -------- d-----w- c:\users\jara\AppData\Local\Xenocode
2010-03-17 22:02 . 2010-03-17 22:12 -------- d-----w- c:\program files\Game Cam V2
2010-03-17 21:35 . 2010-03-18 10:13 -------- d-----w- C:\Fraps
2010-03-13 20:46 . 2010-03-13 20:48 -------- d-----w- c:\program files\PokerGalaxy

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-10 17:43 . 2009-05-25 09:43 635994 ----a-w- c:\windows\system32\perfh005.dat
2010-04-10 17:43 . 2009-05-25 09:43 134788 ----a-w- c:\windows\system32\perfc005.dat
2010-04-10 17:36 . 2009-10-02 11:40 12 ----a-w- c:\windows\bthservsdp.dat
2010-04-10 15:58 . 2009-10-07 05:59 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-10 15:58 . 2009-10-07 05:58 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-10 15:57 . 2009-10-07 05:19 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
2010-04-10 11:29 . 2010-02-16 12:07 -------- d-----w- c:\program files\Alwil Software
2010-04-07 23:59 . 2009-05-25 10:04 -------- d-----w- c:\programdata\PDFC
2010-04-05 07:29 . 2009-05-25 10:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-03 14:13 . 2009-10-05 05:18 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-30 20:40 . 2010-02-09 13:48 -------- d-----w- c:\program files\GamePark
2010-03-28 10:00 . 2010-03-28 10:00 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-03-27 21:51 . 2010-02-10 17:24 -------- d-----w- c:\users\jara\AppData\Roaming\BSplayer
2010-03-18 11:06 . 2010-03-07 12:36 -------- d-----w- c:\program files\ParadisePoker
2010-03-11 10:17 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-07 12:36 . 2010-03-02 15:50 -------- d-----w- c:\programdata\Boss Media
2010-03-06 17:24 . 2010-03-06 17:24 -------- d-----w- c:\program files\Bytescout XLS Viewer
2010-02-28 11:55 . 2009-05-25 09:47 -------- d-----w- c:\program files\Hewlett-Packard
2010-02-28 11:55 . 2010-02-28 11:55 -------- d-----w- c:\users\jara\AppData\Roaming\hpqLog
2010-02-28 11:52 . 2009-10-02 13:18 -------- d-----w- c:\program files\Common Files\Logishrd
2010-02-28 11:51 . 2009-10-02 13:17 -------- d-----w- c:\programdata\LogiShrd
2010-02-27 18:53 . 2009-10-03 16:21 2672 --sha-w- c:\programdata\KGyGaAvL.sys
2010-02-27 18:53 . 2009-10-03 16:21 2672 --sha-w- c:\programdata\KGyGaAvL.sys
2010-02-27 10:06 . 2009-10-02 11:54 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-26 16:13 . 2010-03-21 16:50 17160 ----a-w- c:\windows\Help\OEM\scripts\HPHCDisableObject.exe
2010-02-26 06:06 . 2010-02-26 06:06 2626360 ----a-w- c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2010-02-24 16:50 . 2009-10-02 12:20 114704 ----a-w- c:\users\jara\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 09:16 . 2009-10-04 14:40 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 08:33 . 2010-02-24 08:33 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2010-02-24 08:33 . 2010-02-24 08:33 17212 ----a-w- c:\windows\system32\SIntf32.dll
2010-02-24 08:33 . 2010-02-24 08:33 12067 ----a-w- c:\windows\system32\SIntf16.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-02-22 21:35 . 2010-02-22 21:35 329312 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-02-22 21:35 . 2010-02-22 21:35 300616 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-02-22 21:35 . 2010-02-22 21:34 -------- d-----w- c:\program files\Common Files\Real
2010-02-22 21:35 . 2010-02-22 21:34 -------- d-----w- c:\program files\Real
2010-02-22 21:35 . 2010-02-22 21:35 -------- d-----w- c:\program files\Common Files\xing shared
2010-02-22 12:28 . 2010-03-21 16:50 1282824 ----a-w- c:\windows\Help\OEM\scripts\SamsungHDDFW1HC.exe
2010-02-20 12:07 . 2010-02-20 12:07 -------- d-----w- c:\program files\Computer Artworks
2010-02-20 11:55 . 2010-02-20 11:55 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-02-16 12:07 . 2010-02-16 12:07 -------- d-----w- c:\programdata\Alwil Software
2010-02-16 00:04 . 2010-02-15 18:13 -------- d-----w- c:\program files\Empire Total War
2010-02-15 19:53 . 2010-02-15 19:53 -------- d-----w- c:\users\jara\AppData\Roaming\The Creative Assembly
2010-02-15 18:19 . 2010-02-15 18:19 -------- d-----w- c:\program files\PowerISO
2010-02-15 18:15 . 2010-02-15 18:14 -------- d-----w- c:\users\jara\AppData\Roaming\Roxio
2010-02-12 22:30 . 2010-02-12 22:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-12 10:32 . 2010-03-08 00:16 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-10 19:19 . 2010-02-10 19:19 552 ----a-w- c:\users\jara\AppData\Local\d3d8caps.dat
2010-02-10 17:24 . 2010-02-10 17:24 -------- d-----w- c:\users\jara\AppData\Roaming\BSplayer Pro
2010-02-10 17:24 . 2010-02-10 17:24 -------- d-----w- c:\program files\Webteh
2010-02-10 15:28 . 2010-02-10 15:28 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2010-02-10 15:28 . 2010-02-10 15:28 -------- d-----w- c:\programdata\id Software
2010-02-07 16:41 . 2010-02-07 16:41 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-02-04 19:04 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-02-04 15:51 . 2010-03-21 16:50 49152 ----a-w- c:\windows\Help\OEM\scripts\Interop.TaskScheduler.dll
2010-01-25 12:00 . 2010-02-24 08:32 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 08:31 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 08:31 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 08:32 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 08:31 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 08:31 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 08:31 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 08:31 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-24 08:31 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-23 09:26 . 2010-02-24 08:32 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-25 09:45 . 2009-05-25 09:45 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\spy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-08-08 319000]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-03 287288]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"HPCam_Menu"="c:\program files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"WatchDog"="c:\program files\InterVideo\DVD8SESD\DVDCheck.exe" [2009-04-03 200848]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-30 483428]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 200704]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-22 202256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMToolPack]
2010-04-02 10:22 1103872 ----a-w- c:\progra~1\Crawler\IMTOOL~1\IMToolP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-03-15 10:15 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-08-13 19:24 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):3f,80,9c,7d,95,45,ca,01

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-04-03 691696]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-02-03 209464]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2159adbc\aestsrv.exe [2009-03-02 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-14 172032]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-08-08 777240]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-02-09 22328]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-09 23:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=92&bd=all&pf=cmnb
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.enabled - false
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\programdata\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-Uninstall_CToolbar - c:\users\jara\AppData\Local\Temp\CUninst.exe
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-FlashGet 2.0 - c:\program files\FlashGet Network\FlashGet universal\uninst.exe
AddRemove-{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF} - c:\program files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-10 19:51
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\users\jara\AppData\Local\Temp\catchme.dll 53248 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Celkový čas: 2010-04-10 19:53:47
ComboFix-quarantined-files.txt 2010-04-10 17:53

Před spuštěním: Volných bajtů: 16 597 352 448
Po spuštění: Volných bajtů: 16 536 240 128

- - End Of File - - 232E719C9F402E3CDD9F928941058A7E

Re: my log, please take a look

Posted: 10 Apr 2010 19:02
by Rudy
We'll do some more cleanup. Open Notepad and copy the following into it:
Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: my log, please take a look

Posted: 10 Apr 2010 19:44
by SuXofon
ComboFix 10-04-10.01 - jara 10.04.2010 20:33:25.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1788.735 [GMT 2:00]
Spuštěný z: c:\users\jara\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\jara\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-10 do 2010-04-10 )))))))))))))))))))))))))))))))
.

2010-04-10 18:39 . 2010-04-10 18:39 -------- d-----w- c:\users\jara\AppData\Local\temp
2010-04-10 18:39 . 2010-04-10 18:39 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-10 18:39 . 2010-04-10 18:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-10 16:09 . 2010-04-10 16:09 -------- d-----w- c:\program files\CCleaner
2010-04-10 14:45 . 2010-04-10 14:55 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-04-10 14:45 . 2010-04-10 14:55 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-04-10 14:45 . 2010-04-10 14:45 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-04-10 14:45 . 2010-04-10 14:45 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-04-10 14:41 . 2010-04-10 15:01 -------- d-----w- C:\spy
2010-04-10 14:40 . 2010-04-10 17:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-10 14:40 . 2010-04-10 15:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-10 11:41 . 2010-04-10 14:22 -------- d-----w- c:\program files\Crawler
2010-04-08 14:56 . 2010-04-08 14:56 -------- d-----w- c:\users\jara\AppData\Local\AskToolbar
2010-04-08 14:49 . 2010-04-08 14:49 -------- d-----w- c:\users\jara\AppData\Local\Bump Technologies, Inc
2010-04-08 14:48 . 2010-04-08 14:48 -------- d-----w- c:\users\jara\AppData\Roaming\Bump Technologies, Inc
2010-04-08 14:48 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-04-08 14:48 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-04-08 14:48 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-04-08 14:48 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-04-08 14:48 . 2010-04-08 14:48 -------- d--h--w- c:\windows\msdownld.tmp
2010-04-08 14:47 . 2010-04-08 17:26 -------- d-----w- c:\program files\BumpTop
2010-04-08 09:08 . 2010-04-08 09:08 -------- d-----w- c:\windows\system32\AGEIA
2010-04-08 09:08 . 2010-04-08 09:09 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-08 09:07 . 2010-04-08 09:07 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-08 08:52 . 2010-04-08 08:52 -------- d-----w- c:\program files\Reality Pump
2010-04-07 18:55 . 2010-04-07 18:55 -------- d-----w- c:\program files\Veetle
2010-04-07 17:18 . 2010-04-07 17:18 -------- d-----w- c:\program files\Common Files\Java
2010-04-07 17:09 . 2010-04-07 17:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-07 17:08 . 2010-04-07 17:08 -------- d-----w- c:\program files\Java
2010-04-05 07:53 . 2010-04-05 07:53 -------- d-----w- c:\users\jara\AppData\Local\World in Conflict
2010-04-05 07:29 . 2010-04-05 07:29 -------- d-----w- c:\program files\Sierra Entertainment
2010-04-04 13:53 . 2010-04-04 13:53 -------- d-----w- c:\users\jara\AppData\Local\TVU Networks
2010-04-04 13:53 . 2010-04-04 13:53 -------- d-----w- c:\programdata\TVU Networks
2010-04-04 13:53 . 2010-04-04 13:53 -------- d-----w- c:\program files\TVUPlayer
2010-04-04 13:49 . 2010-04-04 13:49 -------- d-----w- c:\program files\TVAnts
2010-04-03 14:24 . 2010-04-03 14:38 -------- d-----w- c:\users\jara\AppData\Roaming\InfraRecorder
2010-04-03 14:24 . 2010-04-03 14:24 162920 ----a-w- c:\windows\Burning Mill Express Uninstaller.exe
2010-04-03 14:24 . 2010-04-03 14:24 -------- d-----w- c:\program files\Burning Mill Express
2010-04-03 14:17 . 2010-04-03 14:17 -------- d-----w- c:\program files\Alcohol Soft
2010-04-03 14:00 . 2010-04-03 14:00 -------- d-----w- c:\users\jara\AppData\Roaming\Nero
2010-04-03 13:57 . 2010-04-03 14:34 -------- d-----w- c:\programdata\Nero
2010-04-03 13:57 . 2010-04-03 14:34 -------- d-----w- c:\program files\Common Files\Nero
2010-04-02 23:08 . 2010-04-02 23:12 20841968 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\rp\RealPlayerSPGold.exe
2010-04-02 23:08 . 2010-04-02 23:08 79368 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\vista.exe
2010-04-02 23:08 . 2010-04-02 23:08 64000 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\gcapi_dll.dll
2010-04-02 23:08 . 2010-04-02 23:08 52288 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\gtapi.dll
2010-04-02 23:08 . 2010-04-02 23:08 50688 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\fftbapi.dll
2010-04-02 23:08 . 2010-04-02 23:08 49152 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\CarboniteCompatibility.dll
2010-04-02 23:08 . 2010-04-02 23:08 118784 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\RUP\inst_config\compat.dll
2010-04-02 15:08 . 2010-04-02 15:08 439816 ----a-w- c:\users\jara\AppData\Roaming\Real\Update\setup3.11\setup.exe
2010-04-01 00:01 . 2010-04-01 00:01 -------- d-----w- c:\users\jara\AppData\Local\Opera
2010-04-01 00:00 . 2010-04-01 00:00 -------- d-----w- c:\program files\Opera
2010-03-31 19:02 . 2010-03-31 19:02 -------- d-----w- c:\program files\SopCast
2010-03-31 10:22 . 2010-03-09 15:42 834048 ----a-w- c:\windows\system32\wininet.dll
2010-03-31 10:22 . 2010-03-09 16:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-29 20:09 . 2010-03-29 20:09 -------- d-----w- C:\demos
2010-03-29 14:08 . 2010-04-09 13:57 -------- d-----w- C:\skulltag
2010-03-28 10:18 . 2010-03-28 10:37 -------- d-----w- C:\Unreal Anthology
2010-03-28 09:58 . 2010-03-28 09:58 -------- d-----w- c:\users\jara\AppData\Roaming\Sony
2010-03-28 09:58 . 2010-03-28 09:58 -------- d-----w- c:\programdata\Sony
2010-03-28 09:57 . 2010-03-28 09:57 -------- d-----w- c:\users\jara\AppData\Local\Sony
2010-03-28 09:56 . 2010-03-28 09:56 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-03-28 09:56 . 2010-03-28 09:56 -------- d-----w- c:\program files\Sony
2010-03-28 09:56 . 2010-03-28 09:56 -------- d-----w- c:\program files\Sony Ericsson
2010-03-28 09:52 . 2010-03-28 09:53 -------- d-----w- c:\program files\QuickTime
2010-03-28 09:52 . 2010-03-28 09:52 -------- d-----w- c:\programdata\Apple Computer
2010-03-28 09:51 . 2010-03-28 09:51 -------- d-----w- c:\users\jara\AppData\Local\Apple
2010-03-28 09:51 . 2010-03-28 09:51 -------- d-----w- c:\program files\Apple Software Update
2010-03-28 09:51 . 2010-03-28 09:51 -------- d-----w- c:\programdata\Apple
2010-03-27 19:18 . 2010-03-27 19:18 -------- d-----w- c:\users\jara\AppData\Local\cache
2010-03-23 21:21 . 2010-03-23 21:21 -------- d-----w- C:\Poker
2010-03-23 13:37 . 2010-03-28 20:27 -------- d-----w- c:\users\jara\AppData\Local\FullTiltPoker
2010-03-23 13:36 . 2010-03-28 20:27 -------- d-----w- c:\program files\Full Tilt Poker
2010-03-18 22:01 . 2010-03-18 22:01 -------- d-----w- c:\program files\MSECache
2010-03-18 21:31 . 2010-03-18 21:31 -------- d-----w- c:\users\jara\AppData\Roaming\GeoVid
2010-03-18 21:30 . 2010-03-18 21:30 -------- d-----w- c:\programdata\GeoVid
2010-03-18 21:30 . 2006-02-26 15:08 585728 ----a-w- c:\windows\system32\xvidvfw.dll
2010-03-18 21:30 . 2005-12-21 19:15 544768 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-18 21:30 . 2004-08-04 15:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-03-18 21:30 . 2010-03-18 21:30 -------- d-----w- c:\program files\GeoVid
2010-03-17 22:03 . 2010-03-17 22:10 -------- d-----w- c:\users\jara\AppData\Local\gctmp
2010-03-17 22:03 . 2010-03-17 22:03 -------- d-----w- c:\users\jara\AppData\Local\Xenocode
2010-03-17 22:02 . 2010-03-17 22:12 -------- d-----w- c:\program files\Game Cam V2
2010-03-17 21:35 . 2010-03-18 10:13 -------- d-----w- C:\Fraps
2010-03-13 20:46 . 2010-03-13 20:48 -------- d-----w- c:\program files\PokerGalaxy

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-10 17:43 . 2009-05-25 09:43 635994 ----a-w- c:\windows\system32\perfh005.dat
2010-04-10 17:43 . 2009-05-25 09:43 134788 ----a-w- c:\windows\system32\perfc005.dat
2010-04-10 17:36 . 2009-10-02 11:40 12 ----a-w- c:\windows\bthservsdp.dat
2010-04-10 15:58 . 2009-10-07 05:59 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-10 15:58 . 2009-10-07 05:58 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-10 15:57 . 2009-10-07 05:19 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
2010-04-10 11:29 . 2010-02-16 12:07 -------- d-----w- c:\program files\Alwil Software
2010-04-07 23:59 . 2009-05-25 10:04 -------- d-----w- c:\programdata\PDFC
2010-04-05 07:29 . 2009-05-25 10:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-03 14:13 . 2009-10-05 05:18 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-30 20:40 . 2010-02-09 13:48 -------- d-----w- c:\program files\GamePark
2010-03-28 10:00 . 2010-03-28 10:00 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-03-27 21:51 . 2010-02-10 17:24 -------- d-----w- c:\users\jara\AppData\Roaming\BSplayer
2010-03-18 11:06 . 2010-03-07 12:36 -------- d-----w- c:\program files\ParadisePoker
2010-03-11 10:17 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-07 12:36 . 2010-03-02 15:50 -------- d-----w- c:\programdata\Boss Media
2010-03-06 17:24 . 2010-03-06 17:24 -------- d-----w- c:\program files\Bytescout XLS Viewer
2010-02-28 11:55 . 2009-05-25 09:47 -------- d-----w- c:\program files\Hewlett-Packard
2010-02-28 11:55 . 2010-02-28 11:55 -------- d-----w- c:\users\jara\AppData\Roaming\hpqLog
2010-02-28 11:52 . 2009-10-02 13:18 -------- d-----w- c:\program files\Common Files\Logishrd
2010-02-28 11:51 . 2009-10-02 13:17 -------- d-----w- c:\programdata\LogiShrd
2010-02-27 18:53 . 2009-10-03 16:21 2672 --sha-w- c:\programdata\KGyGaAvL.sys
2010-02-27 18:53 . 2009-10-03 16:21 2672 --sha-w- c:\programdata\KGyGaAvL.sys
2010-02-27 10:06 . 2009-10-02 11:54 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-26 16:13 . 2010-03-21 16:50 17160 ----a-w- c:\windows\Help\OEM\scripts\HPHCDisableObject.exe
2010-02-26 06:06 . 2010-02-26 06:06 2626360 ----a-w- c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2010-02-24 16:50 . 2009-10-02 12:20 114704 ----a-w- c:\users\jara\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 09:16 . 2009-10-04 14:40 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 08:33 . 2010-02-24 08:33 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2010-02-24 08:33 . 2010-02-24 08:33 17212 ----a-w- c:\windows\system32\SIntf32.dll
2010-02-24 08:33 . 2010-02-24 08:33 12067 ----a-w- c:\windows\system32\SIntf16.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-02-22 21:35 . 2010-02-22 21:35 329312 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-02-22 21:35 . 2010-02-22 21:35 300616 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-02-22 21:35 . 2010-02-22 21:35 118784 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-02-22 21:35 . 2010-02-22 21:34 -------- d-----w- c:\program files\Common Files\Real
2010-02-22 21:35 . 2010-02-22 21:34 -------- d-----w- c:\program files\Real
2010-02-22 21:35 . 2010-02-22 21:35 -------- d-----w- c:\program files\Common Files\xing shared
2010-02-22 12:28 . 2010-03-21 16:50 1282824 ----a-w- c:\windows\Help\OEM\scripts\SamsungHDDFW1HC.exe
2010-02-20 12:07 . 2010-02-20 12:07 -------- d-----w- c:\program files\Computer Artworks
2010-02-20 11:55 . 2010-02-20 11:55 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-02-16 12:07 . 2010-02-16 12:07 -------- d-----w- c:\programdata\Alwil Software
2010-02-16 00:04 . 2010-02-15 18:13 -------- d-----w- c:\program files\Empire Total War
2010-02-15 19:53 . 2010-02-15 19:53 -------- d-----w- c:\users\jara\AppData\Roaming\The Creative Assembly
2010-02-15 18:19 . 2010-02-15 18:19 -------- d-----w- c:\program files\PowerISO
2010-02-15 18:15 . 2010-02-15 18:14 -------- d-----w- c:\users\jara\AppData\Roaming\Roxio
2010-02-12 22:30 . 2010-02-12 22:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-12 10:32 . 2010-03-08 00:16 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-10 19:19 . 2010-02-10 19:19 552 ----a-w- c:\users\jara\AppData\Local\d3d8caps.dat
2010-02-10 17:24 . 2010-02-10 17:24 -------- d-----w- c:\users\jara\AppData\Roaming\BSplayer Pro
2010-02-10 17:24 . 2010-02-10 17:24 -------- d-----w- c:\program files\Webteh
2010-02-10 15:28 . 2010-02-10 15:28 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2010-02-10 15:28 . 2010-02-10 15:28 -------- d-----w- c:\programdata\id Software
2010-02-07 16:41 . 2010-02-07 16:41 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-02-04 19:04 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-02-04 15:51 . 2010-03-21 16:50 49152 ----a-w- c:\windows\Help\OEM\scripts\Interop.TaskScheduler.dll
2010-01-25 12:00 . 2010-02-24 08:32 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 08:31 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 08:31 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 08:32 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 08:31 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 08:31 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 08:31 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 08:31 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-24 08:31 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-23 09:26 . 2010-02-24 08:32 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-25 09:45 . 2009-05-25 09:45 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-08-08 319000]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-03 287288]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"HPCam_Menu"="c:\program files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"WatchDog"="c:\program files\InterVideo\DVD8SESD\DVDCheck.exe" [2009-04-03 200848]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-30 483428]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 200704]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-22 202256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMToolPack]
2010-04-02 10:22 1103872 ----a-w- c:\progra~1\Crawler\IMTOOL~1\IMToolP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-03-15 10:15 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 13:31 2144088 --sha-r- c:\spy\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-08-13 19:24 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):3f,80,9c,7d,95,45,ca,01

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-04-03 691696]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-02-03 209464]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2159adbc\aestsrv.exe [2009-03-02 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-14 172032]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-08-08 777240]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-02-09 22328]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-09 23:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=92&bd=all&pf=cmnb
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.enabled - false
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\programdata\id Software\QuakeLive\npquakezero.dll
FF - plugin: c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\jara\AppData\Roaming\Mozilla\Firefox\Profiles\rf9yznjb.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-10 20:39
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\users\jara\AppData\Local\Temp\catchme.dll 53248 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Celkový čas: 2010-04-10 20:41:34
ComboFix-quarantined-files.txt 2010-04-10 18:41
ComboFix2.txt 2010-04-10 17:53

Před spuštěním: Volných bajtů: 16 546 004 992
Po spuštění: Volných bajtů: 16 516 341 760

Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,10
- - End Of File - - 02F18C6890B7DE4AC382AB954DA20683

Re: my log, please take a look

Posted: 10 Apr 2010 19:57
by Rudy
The log now looks clean.

Re: my log, please take a look

Posted: 10 Apr 2010 19:58
by SuXofon
That's great, but my ping still keeps jumping. I don't know where the problem could be anymore, probably only the provider. Thanks.

Re: my log, please take a look

Posted: 10 Apr 2010 20:03
by Rudy
If your ping fluctuates, it really is usually a connection problem.