Facebook VIR

Zpráva

Maross.s · #1 Příspěvek od **Maross.s** » 24 srp 2011 09:16

Ahoj:-)., bohužel sejms e nakazil tímto virem a nedje mi odstranit. Jedu v nouzovém režimu.
Doufám, že už sjem ve správném foru

.

Maross.s · #2 Příspěvek od **Maross.s** » 24 srp 2011 09:16

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-08-24 10:10:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (25%) free of 50 GB
Total RAM: 3326 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:10:46, on 24.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Firefox\firefox.exe
D:\Program Files\Firefox\plugin-container.exe
C:\Documents and Settings\Administrator.MAREK-D279A91B6\Dokumenty\Stažené soubory\RSIT(2).exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] C:\WINDOWS\system32\MSTMON_Q.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [PDFPrint] D:\Program Files\pdf24\pdf24.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CNET TechTracker.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = D:\Program Files\cd8\Programs\MFIndexer.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\finereader\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1c9b3bd98da55aa) (gupdate1c9b3bd98da55aa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 10988 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job
C:\WINDOWS\tasks\Reimage Reminder.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Mozilla\Firefox\Profiles\4qair42l.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\PROGRA~1\Crawler\firefox\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0]
"Description"=Virtual Earth 3D
"Path"=C:\Program Files\Virtual Earth 3D\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609]
"Description"=12.0.1.609
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

D:\Program Files\Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

D:\Program Files\Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-23 1241552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-19 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-18 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-04-26 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-23 1241552]
{f999a48b-1950-4d81-9971-79018f807b4b} - FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll [2011-01-17 175912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-18 305328]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-26 16851456]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]
"NBKeyScan"=C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2007-09-17 1377576]
"KONICA MINOLTA PagePro 1350WStatusDisplay"=C:\WINDOWS\system32\MSTMON_Q.EXE [2004-11-26 167936]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2003-08-13 147456]
"QuickTime Task"=D:\Program Files\qttask.exe [2008-09-06 413696]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"Adobe Reader Speed Launcher"=D:\Program Files\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-09 2176512]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2009-02-15 1214856]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2010-11-19 274608]
"PDFPrint"=D:\Program Files\pdf24\pdf24.exe [2011-02-01 220552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-07-06 1047656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Corel MEDIA FOLDERS INDEXER 8.LNK - D:\Program Files\cd8\Programs\MFIndexer.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
VPN Client.lnk - C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Administrator.MAREK-D279A91B6\Nabídka Start\Programy\Po spuštění
CNET TechTracker.lnk - C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive\CNET TechTracker\TechTracker.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-25 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\utorrent.exe"="D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe"="D:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe:*:Disabled:ArchiCAD 14.0"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2011-08-23 21:20:55 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-08-23 19:27:46 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Malwarebytes
2011-08-23 19:27:42 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-23 19:27:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-23 19:27:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-23 19:27:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-23 19:21:49 ----D---- C:\Program Files\Zrychleni Pocitace
2011-08-23 19:21:42 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\OpenCandy
2011-08-23 19:21:42 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive
2011-08-23 18:11:30 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Ahead
2011-08-23 17:38:23 ----D---- C:\rsit
2011-08-23 17:38:23 ----D---- C:\Program Files\trend micro
2011-08-23 17:27:24 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Macromedia
2011-08-23 17:27:24 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Adobe
2011-08-23 17:26:33 ----D---- C:\WINDOWS\temp
2011-08-23 17:26:32 ----A---- C:\ComboFix.txt
2011-08-23 17:26:29 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Mozilla
2011-08-23 17:22:44 ----SD---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Microsoft
2011-08-23 17:22:44 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\ATI
2011-08-23 17:22:44 ----ASH---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\desktop.ini
2011-08-23 16:40:11 ----A---- C:\Boot.bak
2011-08-23 16:40:08 ----RASHD---- C:\cmdcons
2011-08-23 16:37:16 ----A---- C:\WINDOWS\zip.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\SWSC.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\SWREG.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\sed.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\PEV.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\MBR.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\grep.exe
2011-08-23 16:37:11 ----D---- C:\WINDOWS\ERDNT
2011-08-23 16:37:08 ----D---- C:\Qoobox
2011-08-22 21:53:51 ----D---- C:\Program Files\ESET
2011-08-22 21:17:35 ----A---- C:\WINDOWS\ntbtlog.txt
2011-08-22 21:10:51 ----D---- C:\Config.Msi
2011-08-22 20:40:10 ----D---- C:\WINDOWS\pss
2011-08-22 20:02:16 ----D---- C:\Program Files\AVAST Software
2011-08-22 20:02:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-22 19:57:13 ----D---- C:\WINDOWS\LastGood.Tmp
2011-08-22 15:23:11 ----D---- C:\Program Files\Common Files\Java
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atioglxx.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-08-19 10:05:11 ----D---- C:\Program Files\ATI
2011-08-19 09:54:23 ----D---- C:\ATI
2011-08-19 09:49:38 ----D---- C:\WINDOWS\ufa
2011-08-19 09:46:17 ----A---- C:\WINDOWS\unrar.exe
2011-08-19 09:43:04 ----D---- C:\WINDOWS\av_ico
2011-08-19 09:41:07 ----HD---- C:\WINDOWS\update.tray-9-0-lnk
2011-08-19 09:41:07 ----HD---- C:\WINDOWS\update.tray-9-0
2011-08-19 09:41:06 ----HD---- C:\WINDOWS\update.tray-3-0-lnk
2011-08-19 09:41:06 ----HD---- C:\WINDOWS\update.tray-3-0
2011-08-10 22:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-10 22:15:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-10 22:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-10 22:12:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-10 22:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-03 09:50:33 ----D---- C:\Program Files\ConduitEngine
2011-08-03 09:50:33 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-08-02 23:45:24 ----D---- C:\Program Files\Conduit
2011-08-02 23:45:21 ----D---- C:\Program Files\FreeOnlineRadioPlayerRecorder
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll

======List of files/folders modified in the last 1 month======

2011-08-24 09:20:59 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-24 09:20:46 ----SD---- C:\WINDOWS\Tasks
2011-08-24 09:20:29 ----D---- C:\Documents and Settings
2011-08-23 23:25:51 ----D---- C:\WINDOWS\system32
2011-08-23 20:16:36 ----D---- C:\WINDOWS\system32\drivers
2011-08-23 19:27:38 ----RD---- C:\Program Files
2011-08-23 17:26:33 ----D---- C:\WINDOWS
2011-08-23 17:23:09 ----A---- C:\WINDOWS\system.ini
2011-08-23 17:23:04 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-23 16:44:25 ----D---- C:\WINDOWS\system32\config
2011-08-23 16:42:45 ----D---- C:\WINDOWS\AppPatch
2011-08-23 16:42:43 ----D---- C:\Program Files\Common Files
2011-08-23 16:40:11 ----RASH---- C:\boot.ini
2011-08-22 21:45:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-22 21:41:31 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-22 21:38:04 ----D---- C:\Program Files\Spyware Terminator
2011-08-22 21:38:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-22 21:12:57 ----D---- C:\WINDOWS\system32\wbem
2011-08-22 21:12:35 ----D---- C:\WINDOWS\Registration
2011-08-22 21:10:51 ----SHD---- C:\WINDOWS\Installer
2011-08-22 20:41:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-22 20:41:27 ----A---- C:\WINDOWS\win.ini
2011-08-22 20:41:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-08-22 20:40:19 ----D---- C:\WINDOWS\Prefetch
2011-08-22 20:02:28 ----D---- C:\WINDOWS\WinSxS
2011-08-22 19:57:49 ----D---- C:\Program Files\Clownfish
2011-08-22 19:16:01 ----A---- C:\WINDOWS\NeroDigital.ini
2011-08-22 15:23:00 ----D---- C:\Program Files\Java
2011-08-21 21:03:40 ----HD---- C:\WINDOWS\inf
2011-08-19 10:05:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-19 10:05:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-08-19 10:05:13 ----D---- C:\Program Files\ATI Technologies
2011-08-19 09:50:30 ----SHD---- C:\System Volume Information
2011-08-19 09:50:30 ----D---- C:\WINDOWS\system32\Restore
2011-08-19 09:50:07 ----D---- C:\WINDOWS\Minidump
2011-08-19 09:50:07 ----D---- C:\WINDOWS\Debug
2011-08-17 11:10:35 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-08-11 15:46:03 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-11 15:46:01 ----RSD---- C:\WINDOWS\assembly
2011-08-10 22:16:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-10 22:15:07 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-10 22:13:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-10 22:12:52 ----D---- C:\Program Files\Internet Explorer
2011-08-02 22:45:18 ----D---- C:\Program Files\ICQ7.5
2011-07-25 17:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-05-25 64512]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 owniopu;owniopu; C:\WINDOWS\System32\drivers\yscjqwde.sys []
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-11 691696]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys []
S2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys []
S2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2002-06-24 81356]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
S2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
S2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\WINDOWS\system32\MLPTDR_Q.SYS []
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2002-06-24 39182]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2002-06-24 9804]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-25 6554624]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4754432]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-08-26 3684352]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; D:\Program Files\finereader\NetworkLicenseServer.exe [2007-09-24 566560]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-25 643072]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
S2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
S2 gupdate1c9b3bd98da55aa;Služba Google Update (gupdate1c9b3bd98da55aa); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-02 133104]
S2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
S2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-07-20 206336]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-22 75136]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-09 488960]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-04-03 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-21 867080]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-02 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-03 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#3 Příspěvek od **vyosek** » 24 srp 2011 10:31

Zdravim a pekny den preji

Jedna se o domaci nebo nejake pracovni\firemni PC

Vy umite pracovat s ComboFixem, nebo Vam jej aplikoval nekdo kdo s nim umi - aplikace, rozlusteni logu a nasledne docisteni

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Dejte sem RSIT i CF log - je umisten v c:\combofix.txt

Maross.s · #4 Příspěvek od **Maross.s** » 25 srp 2011 17:18

ComboFix 11-08-23.03 - Administrator 23.08.2011 16:41:37.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2803 [GMT 2:00]
Spuštěný z: c:\documents and settings\TEMP.MAREK-D279A91B6\Dokumenty\Sta×enÚ soubory\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\update.exe
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\update.7.1
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_SRVSYSDRIVER32
-------\Legacy_WXPDRIVERS
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-23 do 2011-08-23 )))))))))))))))))))))))))))))))
.
.
2011-08-23 15:22 . 2011-08-23 15:22 -------- d-----w- c:\documents and settings\Administrator.MAREK-D279A91B6
2011-08-22 19:53 . 2011-08-22 19:53 -------- d-----w- c:\program files\ESET
2011-08-22 19:18 . 2011-08-22 19:19 -------- d-----w- c:\documents and settings\TEMP
2011-08-22 19:12 . 2011-08-22 19:12 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-22 18:02 . 2011-08-22 18:02 -------- d-----w- c:\program files\AVAST Software
2011-08-22 18:02 . 2011-08-22 18:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-08-22 17:57 . 2011-08-22 17:57 -------- d-----w- c:\windows\LastGood.Tmp
2011-08-22 13:23 . 2011-08-22 13:23 -------- d-----w- c:\program files\Common Files\Java
2011-08-21 19:32 . 2011-08-21 19:32 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2011-08-21 19:29 . 2011-08-21 19:29 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2011-08-19 08:05 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-08-19 08:05 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-08-19 08:05 . 2011-05-25 03:47 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-08-19 08:05 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-08-19 08:05 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-19 08:05 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-08-19 08:05 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-19 08:05 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\program files\ATI
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\ATI
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\documents and settings\Default User\Data aplikací\ATI
2011-08-19 07:54 . 2011-08-19 07:54 -------- d-----w- C:\ATI
2011-08-19 07:49 . 2011-08-19 07:49 -------- d-----w- c:\windows\ufa
2011-08-19 07:46 . 2011-08-19 07:49 246272 ----a-w- c:\windows\unrar.exe
2011-08-19 07:43 . 2011-08-19 07:43 -------- d-----w- c:\windows\av_ico
2011-08-19 07:41 . 2011-08-22 13:50 -------- d--h--w- c:\windows\update.tray-9-0
2011-08-19 07:41 . 2011-08-22 13:50 -------- d--h--w- c:\windows\update.tray-9-0-lnk
2011-08-19 07:41 . 2011-08-22 13:50 -------- d--h--w- c:\windows\update.tray-3-0
2011-08-19 07:41 . 2011-08-22 13:50 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-08-19 07:26 . 2011-08-19 07:26 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-10 13:03 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 13:02 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-03 07:50 . 2011-08-03 07:50 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-17 09:10 . 2009-05-23 18:44 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-17 09:10 . 2009-06-27 15:10 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-08-17 09:10 . 2009-05-23 18:44 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-10 15:21 . 2009-05-23 18:44 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-15 13:29 . 2004-08-03 21:15 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-10-25 14:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-29 18:25 . 2009-11-08 17:20 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-29 13:19 . 2011-06-29 13:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 14:10 . 2009-04-02 11:02 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 18:31 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 12:05 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-15 18:24 . 2011-06-15 21:52 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-06-06 11:35 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2010-08-20 11:13 . 2009-04-05 16:17 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
2011-01-17 14:54 175912 ----a-w- c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{f999a48b-1950-4d81-9971-79018f807b4b}"= "c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{f999a48b-1950-4d81-9971-79018f807b4b}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-02-27 570664]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2008-02-18 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2008-02-18 1057064]
"NBKeyScan"="c:\program files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" [2007-09-17 1377576]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2003-08-13 147456]
"QuickTime Task"="d:\program files\qttask.exe" [2008-09-06 413696]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-20 30192]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"Adobe Reader Speed Launcher"="d:\program files\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-09 2176512]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-02-15 1214856]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-19 274608]
"PDFPrint"="d:\program files\pdf24\pdf24.exe" [2011-02-01 220552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Corel MEDIA FOLDERS INDEXER 8.LNK - d:\program files\cd8\Programs\MFIndexer.exe [2009-4-2 83456]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2010-9-20 6144]
WinZip Quick Pick.lnk - d:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0aswBoot.exe /A:* /L:1029 /KBD:3 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"d:\\Program Files\\Graphisoft\\ArchiCAD 14\\ArchiCAD.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [24.5.2009 13:23 64512]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [25.5.2011 2:00 2151640]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [9.12.2009 14:47 12032]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.5.2009 20:05 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.4.2010 18:46 142592]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;d:\program files\finereader\NetworkLicenseServer.exe [24.9.2007 19:11 566560]
S2 aswFsBlk;aswFsBlk; [x]
S2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [2.4.2009 14:02 81356]
S2 gupdate1c9b3bd98da55aa;Služba Google Update (gupdate1c9b3bd98da55aa);c:\program files\Google\Update\GoogleUpdate.exe [2.4.2009 20:05 133104]
S2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [22.7.2003 9:44 18848]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [2.4.2009 14:02 39182]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [2.4.2009 14:02 9804]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5.4.2009 18:17 30192]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2.4.2009 20:05 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [2.4.2009 14:06 6085]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-05-25 11:19]
.
2011-05-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 18:05]
.
2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 18:05]
.
2011-08-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-22 c:\windows\Tasks\Reimage Reminder.job
- c:\program files\Reimage\Reimage Repair\ReimageReminder.exe [2010-04-19 07:15]
.
.
------- Doplňkový sken -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\Mozilla\Firefox\Profiles\1t9gp4sa.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShell.dll
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico2 - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
HKLM-Run-1498014.exe - c:\docume~1\ADMINI~1\LOCALS~1\Temp\1498014.exe
HKLM-Run-32254.exe - c:\docume~1\ADMINI~1\LOCALS~1\Temp\32254.exe
AddRemove-ACDLabs in D__Program_Files_ - d:\program files\setup\setup.exe
AddRemove-avast - c:\program files\AVAST Software\Avast\aswRunDll.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-QUIZ_is1 - d:\škola\TZB\Quiz\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-23 17:23
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(860)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1348)
c:\windows\system32\msi.dll
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
d:\program files\Firefox\firefox.exe
.
**************************************************************************
.
Celkový čas: 2011-08-23 17:26:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-23 15:26
.
Před spuštěním: Volných bajtů: 13 416 034 304
Po spuštění: Volných bajtů: 13 543 821 312
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=AlwaysOff /fastdetect /usepmtimer
.
- - End Of File - - 5E5D7A4B67AE3EF5086D21CFB6CF7599

Maross.s · #5 Příspěvek od **Maross.s** » 25 srp 2011 17:19

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-08-25 18:19:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (25%) free of 50 GB
Total RAM: 3326 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:04, on 25.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\Program Files\Firefox\firefox.exe
D:\Program Files\Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator.MAREK-D279A91B6\Dokumenty\Stažené soubory\RSIT(3).exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FreeOnlineRadioPlayerRecorder - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: FreeOnlineRadioPlayerRecorder Toolbar - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] C:\WINDOWS\system32\MSTMON_Q.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [PDFPrint] D:\Program Files\pdf24\pdf24.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CNET TechTracker.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = D:\Program Files\cd8\Programs\MFIndexer.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\finereader\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1c9b3bd98da55aa) (gupdate1c9b3bd98da55aa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 11021 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job
C:\WINDOWS\tasks\Reimage Reminder.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Mozilla\Firefox\Profiles\4qair42l.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\PROGRA~1\Crawler\firefox\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0]
"Description"=Virtual Earth 3D
"Path"=C:\Program Files\Virtual Earth 3D\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609]
"Description"=12.0.1.609
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

D:\Program Files\Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

D:\Program Files\Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-23 1241552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-19 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-18 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-04-26 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-23 1241552]
{f999a48b-1950-4d81-9971-79018f807b4b} - FreeOnlineRadioPlayerRecorder Toolbar - C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll [2011-01-17 175912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-18 305328]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-26 16851456]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]
"NBKeyScan"=C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2007-09-17 1377576]
"KONICA MINOLTA PagePro 1350WStatusDisplay"=C:\WINDOWS\system32\MSTMON_Q.EXE [2004-11-26 167936]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2003-08-13 147456]
"QuickTime Task"=D:\Program Files\qttask.exe [2008-09-06 413696]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"Adobe Reader Speed Launcher"=D:\Program Files\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-09 2176512]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2009-02-15 1214856]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2010-11-19 274608]
"PDFPrint"=D:\Program Files\pdf24\pdf24.exe [2011-02-01 220552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-07-06 1047656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Corel MEDIA FOLDERS INDEXER 8.LNK - D:\Program Files\cd8\Programs\MFIndexer.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
VPN Client.lnk - C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Administrator.MAREK-D279A91B6\Nabídka Start\Programy\Po spuštění
CNET TechTracker.lnk - C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive\CNET TechTracker\TechTracker.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-25 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\utorrent.exe"="D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe"="D:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe:*:Disabled:ArchiCAD 14.0"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2011-08-23 21:20:55 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-08-23 19:27:46 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Malwarebytes
2011-08-23 19:27:42 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-23 19:27:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-23 19:27:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-23 19:27:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-23 19:21:49 ----D---- C:\Program Files\Zrychleni Pocitace
2011-08-23 19:21:42 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\OpenCandy
2011-08-23 19:21:42 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive
2011-08-23 18:11:30 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Ahead
2011-08-23 17:38:23 ----D---- C:\rsit
2011-08-23 17:38:23 ----D---- C:\Program Files\trend micro
2011-08-23 17:27:24 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Macromedia
2011-08-23 17:27:24 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Adobe
2011-08-23 17:26:33 ----D---- C:\WINDOWS\temp
2011-08-23 17:26:32 ----A---- C:\ComboFix.txt
2011-08-23 17:26:29 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Mozilla
2011-08-23 17:22:44 ----SD---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Microsoft
2011-08-23 17:22:44 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\ATI
2011-08-23 17:22:44 ----ASH---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\desktop.ini
2011-08-23 16:40:11 ----A---- C:\Boot.bak
2011-08-23 16:40:08 ----RASHD---- C:\cmdcons
2011-08-23 16:37:16 ----A---- C:\WINDOWS\zip.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\SWSC.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\SWREG.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\sed.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\PEV.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\MBR.exe
2011-08-23 16:37:16 ----A---- C:\WINDOWS\grep.exe
2011-08-23 16:37:11 ----D---- C:\WINDOWS\ERDNT
2011-08-23 16:37:08 ----D---- C:\Qoobox
2011-08-22 21:53:51 ----D---- C:\Program Files\ESET
2011-08-22 21:17:35 ----A---- C:\WINDOWS\ntbtlog.txt
2011-08-22 21:10:51 ----D---- C:\Config.Msi
2011-08-22 20:40:10 ----D---- C:\WINDOWS\pss
2011-08-22 20:02:16 ----D---- C:\Program Files\AVAST Software
2011-08-22 20:02:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-22 19:57:13 ----D---- C:\WINDOWS\LastGood.Tmp
2011-08-22 15:23:11 ----D---- C:\Program Files\Common Files\Java
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atioglxx.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-08-19 10:05:11 ----D---- C:\Program Files\ATI
2011-08-19 09:54:23 ----D---- C:\ATI
2011-08-19 09:49:38 ----D---- C:\WINDOWS\ufa
2011-08-19 09:46:17 ----A---- C:\WINDOWS\unrar.exe
2011-08-19 09:43:04 ----D---- C:\WINDOWS\av_ico
2011-08-19 09:41:07 ----HD---- C:\WINDOWS\update.tray-9-0-lnk
2011-08-19 09:41:07 ----HD---- C:\WINDOWS\update.tray-9-0
2011-08-19 09:41:06 ----HD---- C:\WINDOWS\update.tray-3-0-lnk
2011-08-19 09:41:06 ----HD---- C:\WINDOWS\update.tray-3-0
2011-08-10 22:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-10 22:15:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-10 22:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-10 22:12:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-10 22:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-03 09:50:33 ----D---- C:\Program Files\ConduitEngine
2011-08-03 09:50:33 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-08-02 23:45:24 ----D---- C:\Program Files\Conduit
2011-08-02 23:45:21 ----D---- C:\Program Files\FreeOnlineRadioPlayerRecorder
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll

======List of files/folders modified in the last 1 month======

2011-08-25 17:22:08 ----D---- C:\WINDOWS\system32
2011-08-25 16:18:21 ----SD---- C:\WINDOWS\Tasks
2011-08-25 16:17:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-25 16:16:01 ----D---- C:\Documents and Settings
2011-08-23 20:16:36 ----D---- C:\WINDOWS\system32\drivers
2011-08-23 19:27:38 ----RD---- C:\Program Files
2011-08-23 17:26:33 ----D---- C:\WINDOWS
2011-08-23 17:23:09 ----A---- C:\WINDOWS\system.ini
2011-08-23 17:23:04 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-23 16:44:25 ----D---- C:\WINDOWS\system32\config
2011-08-23 16:42:45 ----D---- C:\WINDOWS\AppPatch
2011-08-23 16:42:43 ----D---- C:\Program Files\Common Files
2011-08-23 16:40:11 ----RASH---- C:\boot.ini
2011-08-22 21:45:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-22 21:41:31 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-22 21:38:04 ----D---- C:\Program Files\Spyware Terminator
2011-08-22 21:38:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-22 21:12:57 ----D---- C:\WINDOWS\system32\wbem
2011-08-22 21:12:35 ----D---- C:\WINDOWS\Registration
2011-08-22 21:10:51 ----SHD---- C:\WINDOWS\Installer
2011-08-22 20:41:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-22 20:41:27 ----A---- C:\WINDOWS\win.ini
2011-08-22 20:41:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-08-22 20:40:19 ----D---- C:\WINDOWS\Prefetch
2011-08-22 20:02:28 ----D---- C:\WINDOWS\WinSxS
2011-08-22 19:57:49 ----D---- C:\Program Files\Clownfish
2011-08-22 19:16:01 ----A---- C:\WINDOWS\NeroDigital.ini
2011-08-22 15:23:00 ----D---- C:\Program Files\Java
2011-08-21 21:03:40 ----HD---- C:\WINDOWS\inf
2011-08-19 10:05:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-19 10:05:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-08-19 10:05:13 ----D---- C:\Program Files\ATI Technologies
2011-08-19 09:50:30 ----SHD---- C:\System Volume Information
2011-08-19 09:50:30 ----D---- C:\WINDOWS\system32\Restore
2011-08-19 09:50:07 ----D---- C:\WINDOWS\Minidump
2011-08-19 09:50:07 ----D---- C:\WINDOWS\Debug
2011-08-17 11:10:35 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-08-11 15:46:03 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-11 15:46:01 ----RSD---- C:\WINDOWS\assembly
2011-08-10 22:16:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-10 22:15:07 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-10 22:13:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-10 22:12:52 ----D---- C:\Program Files\Internet Explorer
2011-08-02 22:45:18 ----D---- C:\Program Files\ICQ7.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-05-25 64512]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 owniopu;owniopu; C:\WINDOWS\System32\drivers\yscjqwde.sys []
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-11 691696]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys []
S2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys []
S2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2002-06-24 81356]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
S2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
S2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\WINDOWS\system32\MLPTDR_Q.SYS []
S2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2002-06-24 39182]
S2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2002-06-24 9804]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-25 6554624]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4754432]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-08-26 3684352]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; D:\Program Files\finereader\NetworkLicenseServer.exe [2007-09-24 566560]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-25 643072]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
S2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
S2 gupdate1c9b3bd98da55aa;Služba Google Update (gupdate1c9b3bd98da55aa); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-02 133104]
S2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
S2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-07-20 206336]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-22 75136]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-09 488960]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-04-03 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-21 867080]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-02 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-03 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#6 Příspěvek od **vyosek** » 25 srp 2011 17:23

vyosek píše: Jedna se o domaci nebo nejake pracovni\firemni PC

Vy umite pracovat s ComboFixem, nebo Vam jej aplikoval nekdo kdo s nim umi - aplikace, rozlusteni logu a nasledne docisteni

Maross.s · #7 Příspěvek od **Maross.s** » 25 srp 2011 17:28

Zdravím a taky přeju pěkný den

.
Jedná se o domácí počítač. S ComboFixem pracovat neumím. Pouze jsem našle někde na netu, že bych s jeho pomocí mohl vir odstranit. Samotnému se mi to ale nepodařilo.
Pokud by nešl vit odstranit, nebo by to bylo příliš pracné, jsem z reinstalem smířený. Možná je to pro mě nejrychlejší a nejschůdnější cesta. Přesto, pokud by jste o někám vhodném řešení věděl, byl bych moc vděčný.
Díky, snad jsem poslal vše, co jsem měl.

#8 Příspěvek od **vyosek** » 25 srp 2011 18:00

ComboFix, jak jsem pasal, neni urcen pro bezne pouzivani, jelikoz neumi odstranit vse a je potreba napsat nacistovaci skript. Taktez ma CF obcas bug a maze co nema (nejake legitimni soubory treba)

Reinstal nebude treba, s nejvetsi pravdepodobnosti tedy...

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\CentrumczToolbar
C:\PROGRA~1\Crawler\Toolbar
c:\windows\ufa
c:\windows\av_ico
c:\windows\update.tray-9-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-3-0
c:\windows\update.tray-3-0-lnk
C:\Program Files\Zrychleni Pocitace
C:\Program Files\Trojan Remover

File::
C:\Program Files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
c:\windows\unrar.exe
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
C:\WINDOWS\system32\ConduitEngine.tmp

Collect::
C:\WINDOWS\System32\drivers\yscjqwde.sys

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f999a48b-1950-4d81-9971-79018f807b4b}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{D5D47440-0750-463D-BAEF-A47D02414806}"=-
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-
"{f999a48b-1950-4d81-9971-79018f807b4b}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"SecurDisc"=-
"InCD"=-
"NBKeyScan"=-
"QuickTime Task"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"TrojanScanner"=-
"TkBellExe"=-
"SunJavaUpdateSched"=-
"Malwarebytes' Anti-Malware (reboot)"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=-

Driver::
gupdate1c9b3bd98da55aa
gupdatem
McComponentHostService
gusvc
PC Speed Up Service
NBService
PCSUService
owniopu

DDS::
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll

AtJob::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Maross.s · #9 Příspěvek od **Maross.s** » 25 srp 2011 20:19

ComboFix 11-08-22.03 - Administrator 25.08.2011 19:46:35.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2870 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator.MAREK-D279A91B6\Plocha\CFScript.txt
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk"
"c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll"
"c:\windows\system32\ConduitEngine.tmp"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\64dlls.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\intel64.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\Kernel32.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\localsys64.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\ntos.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\oembios.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\sdra64.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\sdra73.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\swin32.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\twex.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\twext.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\wsnpoema.exe
c:\progra~1\Crawler\Toolbar
c:\progra~1\Crawler\Toolbar\adrkeys.dat
c:\progra~1\Crawler\Toolbar\common_ff.dat
c:\progra~1\Crawler\Toolbar\confirm.dat
c:\progra~1\Crawler\Toolbar\ctbcomm.dll
c:\progra~1\Crawler\Toolbar\ctbr.dll
c:\progra~1\Crawler\Toolbar\CTConf.dat
c:\progra~1\Crawler\Toolbar\CTipsDef.dll
c:\progra~1\Crawler\Toolbar\CToolbar.exe
c:\progra~1\Crawler\Toolbar\CUpdate.exe
c:\progra~1\Crawler\Toolbar\firefox\components\xcomm.bak
c:\progra~1\Crawler\Toolbar\firefox\components\xcomm.dll
c:\progra~1\Crawler\Toolbar\firefox\components\xplugin.bak
c:\progra~1\Crawler\Toolbar\firefox\components\xplugin.xpt
c:\progra~1\Crawler\Toolbar\firefox\components\xshared.bak
c:\progra~1\Crawler\Toolbar\firefox\components\xshared.dll
c:\progra~1\Crawler\Toolbar\firefox\components\xshared.xpt
c:\progra~1\Crawler\Toolbar\firefox\components\xsupport.bak
c:\progra~1\Crawler\Toolbar\firefox\components\xsupport.dll
c:\progra~1\Crawler\Toolbar\firefox\components\xsupport.xpt
c:\progra~1\Crawler\Toolbar\firefox\components\xwsg.dll
c:\progra~1\Crawler\Toolbar\firefox\chrome.bak
c:\progra~1\Crawler\Toolbar\firefox\chrome.manifest
c:\progra~1\Crawler\Toolbar\firefox\chrome\common.bak
c:\progra~1\Crawler\Toolbar\firefox\chrome\common.jar
c:\progra~1\Crawler\Toolbar\firefox\chrome\stwsg.jar
c:\progra~1\Crawler\Toolbar\firefox\install.bak
c:\progra~1\Crawler\Toolbar\firefox\install.ini
c:\progra~1\Crawler\Toolbar\firefox\install.rdf
c:\progra~1\Crawler\Toolbar\firefox\stwsg_ff.ini
c:\progra~1\Crawler\Toolbar\Languages\STWSG_CS.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_DE.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_EN.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_ES.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_FF.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_FF.cab.old
c:\progra~1\Crawler\Toolbar\Languages\STWSG_FR.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_IT.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_NL.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_PT.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_RU.cab
c:\progra~1\Crawler\Toolbar\Languages\STWSG_RU.cab.old
c:\progra~1\Crawler\Toolbar\Languages\STWSG_SR.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_CS.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_DA.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_DE.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_EN.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_ES.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_FR.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_IT.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_IT.cab.old
c:\progra~1\Crawler\Toolbar\Languages\TBR5_NL.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_PL.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_PT.cab
c:\progra~1\Crawler\Toolbar\Languages\TBR5_RU.cab
c:\progra~1\Crawler\Toolbar\lookfor.dat
c:\progra~1\Crawler\Toolbar\rootmenu.dat
c:\progra~1\Crawler\Toolbar\services.dat
c:\progra~1\Crawler\Toolbar\stwsg_ff.dat
c:\progra~1\Crawler\Toolbar\STWSGLanguageAct\info.ini
c:\progra~1\Crawler\Toolbar\STWSGLanguageAct\language.ini
c:\progra~1\Crawler\Toolbar\TBR5LanguageAct\info.ini
c:\progra~1\Crawler\Toolbar\TBR5LanguageAct\language.ini
c:\progra~1\Crawler\Toolbar\Update\domains.cab
c:\progra~1\Crawler\Toolbar\WebSecurityGuard.dll
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_000.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_001.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_002.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_003.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_004.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_005.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_006.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_007.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_008.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_009.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_010.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_011.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_012.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_013.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_014.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_015.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_016.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_017.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_018.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_019.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_020.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_021.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_022.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_023.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_024.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_024_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_025.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_025_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_026.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_026_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_027.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_027_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_028.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_028_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_029.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_029_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_030.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_030_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_031.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_031_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_032.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_032_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_033.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_033_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_034.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_034_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_035.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_035_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_036.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_036_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_037.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_037_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_038.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_038_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_039.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_039_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_040.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\domains_040_diff.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\index.dat
c:\progra~1\Crawler\Toolbar\WSGData\domains\TopList.dat
c:\progra~1\Crawler\Toolbar\WSGData\ud_S-1-5-21-1123561945-1085031214-839522115-500.dat
c:\progra~1\Crawler\Toolbar\WSGData\uv_S-1-5-21-1123561945-1085031214-839522115-500.dat
c:\progra~1\Crawler\Toolbar\WSGData\wfilter.dat
c:\program files\CentrumczToolbar
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\autocomplete.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils.xpt
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils2.dll
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils3.dll
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils35.dll
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\notifications.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\sp.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome.manifest
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\after_install.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\After_uninstall.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\autocomplete-popup.xml
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\config.xml
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\contexthtml.xul
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\custom.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\ex\marquee.xml
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\about.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_AB.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_ABSearch.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_arrow.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_bottom_shadow.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_confirm.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_confirmTbr.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_logo.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_search.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_searchSearchBox.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_style.css
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\bubble_top_shadow.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\deletehistory_processing.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_config.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifier.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierBackground.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierBullet.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierClose.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierDown.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierDownActive.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierDownDisabled.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierIco.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierNext.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierNextActive.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierNextDisabled.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierPrevious.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierPreviousActive.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierPreviousDisabled.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierScrollbar.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierSettings.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierUp.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierUpActive.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\emailchecker_notifierUpDisabled.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBAccess.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBCalc.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBExcel.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBExplorer.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBMediaPlayer.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBNotepad.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBOutlook.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBOutlookExpress.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBPaint.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBPowerPoint.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\icoUBWord.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!backgroundFial.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!backgroundGrey.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!backgroundRed.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!bullet.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!close.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!icoiDNES.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!icoRead.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!icoRSS.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!icoSimple.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!icoUnread.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!logo.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!logoZena.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!settings.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_!tabHilighted.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_advanced.css
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_advanced.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_advancedZena.css
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_config.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\rssreader_simple.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_askdialog.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_background.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_closedialog.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_checkboxdialog.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_icohelp.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_loading.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_logo.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_main.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_menu1.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_menu2.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_menu3.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_menu4.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\settings_style.css
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome_button.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome_button_hilight.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome_ie7footer.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome_ie7header.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome_ie8footer.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tabswelcome_ie8header.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\tbapi.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\ticker_config.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\toolbarprotector_window.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\updater_error.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\updater_ok.gif
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html\updater_processing.htm
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\htmlwindow.xul
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\imageButton.xml
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\Languages\cs.ini
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\Languages\en.ini
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\Languages\languages.cfg
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\bubbles.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\cache.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\cookie.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\directory.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\dns.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\dom.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\dragdrop.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\file.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\chevron.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\include.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\include_lite.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\loader.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\log.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\mutex.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\newtab.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\pass.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\prefs.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\privacy.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\refreshControl.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\registry.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\resources.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\searches.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\searchplugin.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\searchProvs.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\settings.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\splitter.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\stats.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\tabs.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\translation.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\update.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\updatecontrol.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\updateext.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\updater.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\updates.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\usefulbuttons.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\utils.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\visibility.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\wrapper.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\xml.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\xmlconfig.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\xmlitems.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex\mail.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex\mime.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex\pop3.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex\rss.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex\ticker.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex\xmlitemsex.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\overlay.js
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\overlay.xul
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\searchProviders.xml
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\icons\default\IGeared_cetrumczp_htmlwindow.ico
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\contexthtml.css
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\dragdrop.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\emailchecker_icoEmail.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\emailchecker_icoEmailNew.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\gripper.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\chevron.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoAbout.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoAktualne.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoFotoalba.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoGoButtonBG.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoHomepage.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoHoroskopy.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoIcq.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoMagaziny.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoOptions.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoPocasi.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoSport.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoStahuj.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoTelevize.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoTrash.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBAccess.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBCalc.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBExcel.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBExplorer.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBMediaPlayer.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBNotepad.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBOutlook.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBOutlookExpress.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBPaint.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBPowerPoint.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUBWord.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoUpdate.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\icoZena.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\logo.ico
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\logo.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\overlay.css
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\rssreader_!icoRead.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\rssreader_!icoUnread.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\Search_provider_drop.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\searchProvider.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\settings_icon.ico
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\slider.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\spFirma.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\spImages.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\spMapy.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\spSearch.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\spSlovnik.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\spZbozi.png
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin\toolbarprotector_icon.ico
c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\install.rdf
c:\program files\CentrumczToolbar\Firefox\sp.xml
c:\program files\CentrumczToolbar\IE8Lib.dll
c:\program files\CentrumczToolbar\IEToolbar.dll
c:\program files\CentrumczToolbar\ToolbarBroker.exe
c:\program files\CentrumczToolbar\unins000.dat
c:\program files\CentrumczToolbar\unins000.exe
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\Resources\about.ico
c:\program files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.png
c:\program files\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files\DAEMON Tools Toolbar\Resources\az.ico
c:\program files\DAEMON Tools Toolbar\Resources\b1.bmp
c:\program files\DAEMON Tools Toolbar\Resources\b1.png
c:\program files\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\cond000.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond001.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond003.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond004.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond005.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond006.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond007.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond008.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond009.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond010.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond011.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond019.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond020.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond021.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond022.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond023.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond024.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond025.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond026.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond037.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond038.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond039.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond040.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond041.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond046.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond048.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond050.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond051.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond052.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond053.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond054.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond055.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond056.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond057.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond058.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond059.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond060.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond061.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond062.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond063.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond064.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond065.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond066.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond067.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond068.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond069.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond075.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond076.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond077.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond078.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond079.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond080.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond084.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond085.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond086.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond087.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond088.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond089.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond090.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond091.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond092.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond093.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond094.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond095.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond108.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond109.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond110.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond111.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond112.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond113.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond120.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond121.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond122.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond126.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond127.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond128.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond129.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond130.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond131.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond132.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond133.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond134.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond135.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond136.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond137.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond138.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond140.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond141.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond142.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond143.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond148.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond149.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond152.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond154.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond155.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond156.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond157.gif
c:\program files\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files\DAEMON Tools Toolbar\Resources\download.ico
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files\DAEMON Tools Toolbar\Resources\home.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\noW.gif
c:\program files\DAEMON Tools Toolbar\Resources\op.ico
c:\program files\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play.ico
c:\program files\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files\DAEMON Tools Toolbar\Resources\show.ico
c:\program files\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\style.ico
c:\program files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files\DAEMON Tools Toolbar\Resources\time.ico
c:\program files\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\u.ico
c:\program files\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
c:\program files\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files\DAEMON Tools Toolbar\uninst.exe
c:\program files\FreeOnlineRadioPlayerRecorder\prxtbFre0.dll
c:\program files\Trojan Remover
c:\program files\Trojan Remover\epack.dta
c:\program files\Trojan Remover\reflist.dta
c:\program files\Trojan Remover\rmt.dta
c:\program files\Trojan Remover\Rmvtrjan.exe
c:\program files\Trojan Remover\Sschk.exe
c:\program files\Trojan Remover\tr.bmp
c:\program files\Trojan Remover\trj_list.dta
c:\program files\Trojan Remover\trjhelp.chm
c:\program files\Trojan Remover\trjlist10.dta
c:\program files\Trojan Remover\trjlist11.dta
c:\program files\Trojan Remover\trjlist12.dta
c:\program files\Trojan Remover\trjlist13.dta
c:\program files\Trojan Remover\trjlist14.dta
c:\program files\Trojan Remover\trjlist15.dta
c:\program files\Trojan Remover\trjlist16.dta
c:\program files\Trojan Remover\trjlist17.dta
c:\program files\Trojan Remover\trjlist18.dta
c:\program files\Trojan Remover\trjlist19.dta
c:\program files\Trojan Remover\trjlist2.dta
c:\program files\Trojan Remover\trjlist20.dta
c:\program files\Trojan Remover\trjlist21.dta
c:\program files\Trojan Remover\trjlist22.dta
c:\program files\Trojan Remover\trjlist3.dta
c:\program files\Trojan Remover\trjlist4.dta
c:\program files\Trojan Remover\trjlist5.dta
c:\program files\Trojan Remover\trjlist6.dta
c:\program files\Trojan Remover\trjlist7.dta
c:\program files\Trojan Remover\trjlist8.dta
c:\program files\Trojan Remover\trjlist9.dta
c:\program files\Trojan Remover\Trjscan.exe
c:\program files\Trojan Remover\Trjscan.LOG
c:\program files\Trojan Remover\Trshlex.dll
c:\program files\Trojan Remover\trunins.exe
c:\program files\Trojan Remover\trupd.exe
c:\program files\Trojan Remover\trweb1.dta
c:\program files\Trojan Remover\unins000.dat
c:\program files\Trojan Remover\unins000.exe
c:\program files\Trojan Remover\unins000.msg
c:\program files\Zrychleni Pocitace
c:\program files\Zrychleni Pocitace\App.config
c:\program files\Zrychleni Pocitace\Icon.ico
c:\program files\Zrychleni Pocitace\PCSpeedUp.lnk
c:\program files\Zrychleni Pocitace\PCSpeedUp.xap
c:\program files\Zrychleni Pocitace\PCSUHelper.dll
c:\program files\Zrychleni Pocitace\PCSUService.conf
c:\program files\Zrychleni Pocitace\PCSUService.exe
c:\program files\Zrychleni Pocitace\PCSUService.log
c:\program files\Zrychleni Pocitace\unins000.dat
c:\program files\Zrychleni Pocitace\unins000.exe
c:\windows\av_ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\ehome\medctrro.exe
c:\windows\system32\ConduitEngine.tmp
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-3-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE1C9B3BD98DA55AA
-------\Legacy_GUPDATEM
-------\Legacy_GUSVC
-------\Legacy_MCCOMPONENTHOSTSERVICE
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_SRVSYSDRIVER32
-------\Legacy_WXPDRIVERS
-------\Service_gupdate1c9b3bd98da55aa
-------\Service_gupdatem
-------\Service_gusvc
-------\Service_McComponentHostService
-------\Service_NBService
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-25 do 2011-08-25 )))))))))))))))))))))))))))))))
.
.
2011-08-23 17:27 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-23 17:27 . 2011-08-23 17:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-23 17:27 . 2011-08-23 17:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-23 17:27 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-23 15:38 . 2011-08-25 16:19 -------- d-----w- c:\program files\trend micro
2011-08-23 15:38 . 2011-08-23 18:44 -------- d-----w- C:\rsit
2011-08-23 15:22 . 2011-08-23 15:23 -------- d-----w- c:\documents and settings\Administrator.MAREK-D279A91B6
2011-08-22 19:53 . 2011-08-22 19:53 -------- d-----w- c:\program files\ESET
2011-08-22 19:18 . 2011-08-22 19:19 -------- d-----w- c:\documents and settings\TEMP
2011-08-22 19:12 . 2011-08-22 19:12 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-22 18:02 . 2011-08-22 18:02 -------- d-----w- c:\program files\AVAST Software
2011-08-22 18:02 . 2011-08-22 18:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-08-22 17:57 . 2011-08-22 17:57 -------- d-----w- c:\windows\LastGood.Tmp
2011-08-22 17:57 . 2008-07-01 07:04 30728 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2011-08-22 13:23 . 2011-08-22 13:23 -------- d-----w- c:\program files\Common Files\Java
2011-08-21 19:32 . 2011-08-21 19:32 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2011-08-21 19:29 . 2011-08-21 19:29 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2011-08-19 08:05 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-08-19 08:05 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-08-19 08:05 . 2011-05-25 03:47 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-08-19 08:05 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-08-19 08:05 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-19 08:05 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-08-19 08:05 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-19 08:05 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\program files\ATI
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\ATI
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\documents and settings\Default User\Data aplikací\ATI
2011-08-19 07:54 . 2011-08-19 07:54 -------- d-----w- C:\ATI
2011-08-19 07:26 . 2011-08-19 07:26 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-10 13:03 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 13:02 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-17 09:10 . 2009-05-23 18:44 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-17 09:10 . 2009-06-27 15:10 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-08-17 09:10 . 2009-05-23 18:44 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-10 15:21 . 2009-05-23 18:44 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-15 13:29 . 2004-08-03 21:15 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-10-25 14:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-29 18:25 . 2009-11-08 17:20 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-29 13:19 . 2011-06-29 13:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 14:10 . 2009-04-02 11:02 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 18:31 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 12:05 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-15 18:24 . 2011-06-15 21:52 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-06-06 11:35 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2010-08-20 11:13 . 2009-04-05 16:17 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-23_15.23.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-25 19:13 . 2011-08-25 19:13 16384 c:\windows\temp\Perflib_Perfdata_7c8.dat
+ 2009-11-20 18:30 . 2011-08-25 17:44 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-20 18:30 . 2011-08-23 14:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-20 18:30 . 2011-08-25 17:44 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-11-20 18:30 . 2011-08-23 14:32 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-23 15:32 . 2011-08-25 17:44 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2003-08-13 147456]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-20 30192]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-09 2176512]
"PDFPrint"="d:\program files\pdf24\pdf24.exe" [2011-02-01 220552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Corel MEDIA FOLDERS INDEXER 8.LNK - d:\program files\cd8\Programs\MFIndexer.exe [2009-4-2 83456]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2010-9-20 6144]
WinZip Quick Pick.lnk - d:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"d:\\Program Files\\Graphisoft\\ArchiCAD 14\\ArchiCAD.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [24.5.2009 13:23 64512]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.5.2009 20:05 691696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.4.2010 18:46 142592]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;d:\program files\finereader\NetworkLicenseServer.exe [24.9.2007 19:11 566560]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [2.4.2009 14:02 81356]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [25.5.2011 2:00 2151640]
R2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [22.7.2003 9:44 18848]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [2.4.2009 14:02 39182]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [2.4.2009 14:02 9804]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [9.12.2009 14:47 12032]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [2.4.2009 14:06 6085]
S2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?]
S2 ekrn;Eset Service;"c:\program files\ESET\ESET Smart Security\ekrn.exe" --> c:\program files\ESET\ESET Smart Security\ekrn.exe [?]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2.4.2009 14:54 247608]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5.4.2009 18:17 30192]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [25.5.2011 2:00 15232]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-05-25 11:19]
.
2011-05-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 18:05]
.
2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 18:05]
.
2011-08-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-22 c:\windows\Tasks\Reimage Reminder.job
- c:\program files\Reimage\Reimage Repair\ReimageReminder.exe [2010-04-19 07:15]
.
.
------- Doplňkový sken -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
FF - ProfilePath - c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\Mozilla\Firefox\Profiles\1t9gp4sa.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Centrum.cz Toolbar_is1 - c:\program files\CentrumczToolbar\unins000.exe
AddRemove-CToolbar_UNINSTALL - c:\progra~1\Crawler\Toolbar\CToolbar.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-PCSU-SL_is1 - c:\program files\Zrychleni Pocitace\unins000.exe
AddRemove-Trojan Remover_is1 - c:\program files\Trojan Remover\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-25 21:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1400)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(4032)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\program files\cd8\programs\CMFFld80.dll
d:\progra~1\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
d:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\system32\msiexec.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Razer\Lachesis\OSD.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Razer\Lachesis\razertra.exe
c:\program files\Razer\Lachesis\razerofa.exe
c:\documents and settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive\CNET TechTracker\TechTracker.exe
.
**************************************************************************
.
Celkový čas: 2011-08-25 21:17:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-25 19:17
ComboFix2.txt 2011-08-23 15:26
.
Před spuštěním: Volných bajtů: 13 139 968 000
Po spuštění: Volných bajtů: 13 097 521 152
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 19D5FCBED7B9BCFB2417A871C35CEBB5

#10 Příspěvek od **vyosek** » 25 srp 2011 20:25

Jeste jeden skript pro ComboFix - postup stejny

Kód: Vybrat vše

KillAll::

Folder::
c:\program files\ICQ6Toolbar
c:\program files\ESET\ESET Smart Security
c:\windows\update.7.1

Driver::
ddservice
ekrn
ICQ Service

FixCSet::

File::
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job
C:\WINDOWS\tasks\Reimage Reminder.job

Reboot::

Maross.s · #11 Příspěvek od **Maross.s** » 26 srp 2011 15:53

Tak už to vypadá, že vše jede, že je vše vpořádku

. Moc děkuji za pomoc

.

#12 Příspěvek od **vyosek** » 26 srp 2011 15:56

Dejte mi sem prosim log po aplikaci druheho skriptu pro CFko

Maross.s · #13 Příspěvek od **Maross.s** » 26 srp 2011 15:59

ComboFix 11-08-22.03 - Administrator 25.08.2011 21:41:17.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2870 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator.MAREK-D279A91B6\Plocha\CFScript.txt
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\Ad-Aware Update (Weekly).job"
"c:\windows\tasks\AppleSoftwareUpdate.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job"
"c:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job"
"c:\windows\tasks\Reimage Reminder.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\64dlls.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\intel64.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\Kernel32.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\localsys64.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\ntos.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\oembios.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\sdra64.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\sdra73.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\swin32.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\twex.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\twext.exe
c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\wsnpoema.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\windows\tasks\Ad-Aware Update (Weekly).job
c:\windows\tasks\AppleSoftwareUpdate.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-1123561945-1085031214-839522115-500.job
c:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-1123561945-1085031214-839522115-500.job
c:\windows\tasks\Reimage Reminder.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DDSERVICE
-------\Legacy_EKRN
-------\Legacy_ICQ_SERVICE
-------\Service_ddservice
-------\Service_ekrn
-------\Service_ICQ Service
-------\Service_EhttpSrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-26 do 2011-08-26 )))))))))))))))))))))))))))))))
.
.
2011-08-23 17:27 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-23 17:27 . 2011-08-23 17:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-23 17:27 . 2011-08-23 17:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-23 17:27 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-23 15:38 . 2011-08-25 16:19 -------- d-----w- c:\program files\trend micro
2011-08-23 15:38 . 2011-08-23 18:44 -------- d-----w- C:\rsit
2011-08-23 15:22 . 2011-08-23 15:23 -------- d-----w- c:\documents and settings\Administrator.MAREK-D279A91B6
2011-08-22 19:53 . 2011-08-22 19:53 -------- d-----w- c:\program files\ESET
2011-08-22 19:18 . 2011-08-22 19:19 -------- d-----w- c:\documents and settings\TEMP
2011-08-22 19:12 . 2011-08-22 19:12 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-22 18:02 . 2011-08-22 18:02 -------- d-----w- c:\program files\AVAST Software
2011-08-22 18:02 . 2011-08-22 18:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-08-22 17:57 . 2008-07-01 07:04 30728 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2011-08-22 13:23 . 2011-08-22 13:23 -------- d-----w- c:\program files\Common Files\Java
2011-08-21 19:32 . 2011-08-21 19:32 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2011-08-21 19:29 . 2011-08-21 19:29 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2011-08-19 08:05 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-08-19 08:05 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-08-19 08:05 . 2011-05-25 03:47 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-08-19 08:05 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-08-19 08:05 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-19 08:05 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-08-19 08:05 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-19 08:05 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\program files\ATI
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\ATI
2011-08-19 08:05 . 2011-08-19 08:05 -------- d-----w- c:\documents and settings\Default User\Data aplikací\ATI
2011-08-19 07:54 . 2011-08-19 07:54 -------- d-----w- C:\ATI
2011-08-19 07:26 . 2011-08-19 07:26 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-10 13:03 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 13:02 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-17 09:10 . 2009-05-23 18:44 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-17 09:10 . 2009-06-27 15:10 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-08-17 09:10 . 2009-05-23 18:44 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-10 15:21 . 2009-05-23 18:44 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-15 13:29 . 2004-08-03 21:15 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-10-25 14:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-29 18:25 . 2009-11-08 17:20 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-29 13:19 . 2011-06-29 13:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 14:10 . 2009-04-02 11:02 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 18:31 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 12:05 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-15 18:24 . 2011-06-15 21:52 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-06-06 11:35 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2010-08-20 11:13 . 2009-04-05 16:17 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-23_15.23.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-26 14:40 . 2011-08-26 14:40 16384 c:\windows\temp\Perflib_Perfdata_608.dat
+ 2009-11-20 18:30 . 2011-08-25 17:44 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-20 18:30 . 2011-08-23 14:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-20 18:30 . 2011-08-25 17:44 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-11-20 18:30 . 2011-08-23 14:32 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-08-25 19:21 . 2011-08-25 19:21 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
- 2010-08-22 18:22 . 2010-08-22 18:22 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2003-08-13 147456]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-20 30192]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-09 2176512]
"PDFPrint"="d:\program files\pdf24\pdf24.exe" [2011-02-01 220552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Corel MEDIA FOLDERS INDEXER 8.LNK - d:\program files\cd8\Programs\MFIndexer.exe [2009-4-2 83456]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico [2010-9-20 6144]
WinZip Quick Pick.lnk - d:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"d:\\Program Files\\Graphisoft\\ArchiCAD 14\\ArchiCAD.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [24.5.2009 13:23 64512]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.5.2009 20:05 691696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [9.4.2010 18:46 142592]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;d:\program files\finereader\NetworkLicenseServer.exe [24.9.2007 19:11 566560]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [2.4.2009 14:02 81356]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [25.5.2011 2:00 2151640]
R2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [22.7.2003 9:44 18848]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [2.4.2009 14:02 39182]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [2.4.2009 14:02 9804]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [9.12.2009 14:47 12032]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [2.4.2009 14:06 6085]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5.4.2009 18:17 30192]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-26 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-05-25 11:19]
.
.
------- Doplňkový sken -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
FF - ProfilePath - c:\documents and settings\TEMP.MAREK-D279A91B6\Data aplikací\Mozilla\Firefox\Profiles\1t9gp4sa.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-26 16:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1408)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3380)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\program files\cd8\programs\CMFFld80.dll
d:\progra~1\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
d:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\PnkBstrA.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\documents and settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive\CNET TechTracker\TechTracker.exe
c:\program files\Razer\Lachesis\OSD.exe
c:\program files\Razer\Lachesis\razertra.exe
c:\program files\Razer\Lachesis\razerofa.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2011-08-26 16:44:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-26 14:44
ComboFix2.txt 2011-08-25 19:17
ComboFix3.txt 2011-08-23 15:26
.
Před spuštěním: Volných bajtů: 11 593 170 944
Po spuštění: Volných bajtů: 13 013 827 584
.
- - End Of File - - 6FCC551FECDF57E74C3048A99D8F36A6

#14 Příspěvek od **vyosek** » 26 srp 2011 16:05

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

MBAM muzete odinstalovat nebo nechat na obcasny sken - v pripade nalezu velmi doporucuji dat sem log na posouzeni, at si neodstrelite neco legitimniho

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate

Doporucuji odinstalovat Ad-Aware - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Nahrady za Ad-Aware:
- Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
- SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
Samozrejme pouzivejte jen jeden z nich
Osobne doporucuji SuperAntiSpyware

Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

Dejte novy log z RSIT a napiste jak se chova PC

Maross.s · #15 Příspěvek od **Maross.s** » 26 srp 2011 18:17

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-08-26 19:17:02
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 15 GB (30%) free of 50 GB
Total RAM: 3326 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:09, on 26.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\MSTMON_Q.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
D:\Program Files\pdf24\pdf24.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
D:\Program Files\finereader\NetworkLicenseServer.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
D:\Program Files\Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Firefox\plugin-container.exe
C:\Documents and Settings\Administrator.MAREK-D279A91B6\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] C:\WINDOWS\system32\MSTMON_Q.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [PDFPrint] D:\Program Files\pdf24\pdf24.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CNET TechTracker.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = D:\Program Files\cd8\Programs\MFIndexer.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\finereader\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 8826 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Mozilla\Firefox\Profiles\4qair42l.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\PROGRA~1\Crawler\firefox\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609]
"Description"=12.0.1.609
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

D:\Program Files\Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

D:\Program Files\Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-18 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-04-26 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-18 305328]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-26 16851456]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"KONICA MINOLTA PagePro 1350WStatusDisplay"=C:\WINDOWS\system32\MSTMON_Q.EXE [2004-11-26 167936]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2003-08-13 147456]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"PDFPrint"=D:\Program Files\pdf24\pdf24.exe [2011-02-01 220552]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Corel MEDIA FOLDERS INDEXER 8.LNK - D:\Program Files\cd8\Programs\MFIndexer.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
VPN Client.lnk - C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico
WinZip Quick Pick.lnk - D:\Program Files\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Administrator.MAREK-D279A91B6\Nabídka Start\Programy\Po spuštění
CNET TechTracker.lnk - C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive\CNET TechTracker\TechTracker.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-25 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\utorrent.exe"="D:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe"="D:\Program Files\Graphisoft\ArchiCAD 14\ArchiCAD.exe:*:Disabled:ArchiCAD 14.0"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2011-08-26 19:17:02 ----D---- C:\rsit
2011-08-26 19:08:32 ----D---- C:\Program Files\SUPERAntiSpyware
2011-08-26 18:52:46 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\SUPERAntiSpyware.com
2011-08-26 18:52:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-08-26 18:45:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-08-26 18:45:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-08-26 18:45:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-08-26 18:45:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-08-26 18:45:30 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-08-26 18:45:30 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-08-26 18:45:30 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-08-26 18:45:30 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-08-26 18:42:31 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-08-26 18:42:31 ----A---- C:\WINDOWS\avastSS.scr
2011-08-26 17:51:27 ----SHD---- C:\RECYCLER
2011-08-25 21:45:35 ----D---- C:\WINDOWS\temp
2011-08-25 21:21:40 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Skype
2011-08-25 21:13:51 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Identities
2011-08-23 21:20:55 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-08-23 19:27:46 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Malwarebytes
2011-08-23 19:27:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-23 19:21:42 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\OpenCandy
2011-08-23 19:21:42 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\CBS Interactive
2011-08-23 18:11:30 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Ahead
2011-08-23 17:38:23 ----D---- C:\Program Files\trend micro
2011-08-23 17:27:24 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Macromedia
2011-08-23 17:27:24 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Adobe
2011-08-23 17:26:29 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Mozilla
2011-08-23 17:22:44 ----SD---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\Microsoft
2011-08-23 17:22:44 ----D---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\ATI
2011-08-23 17:22:44 ----ASH---- C:\Documents and Settings\Administrator.MAREK-D279A91B6\Data aplikací\desktop.ini
2011-08-23 16:40:11 ----A---- C:\Boot.bak
2011-08-23 16:40:08 ----RASHD---- C:\cmdcons
2011-08-22 21:10:51 ----D---- C:\Config.Msi
2011-08-22 20:40:10 ----D---- C:\WINDOWS\pss
2011-08-22 20:02:16 ----D---- C:\Program Files\AVAST Software
2011-08-22 20:02:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-22 15:23:11 ----D---- C:\Program Files\Common Files\Java
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atioglxx.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-08-19 10:05:15 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-08-19 10:05:11 ----D---- C:\Program Files\ATI
2011-08-19 09:54:23 ----D---- C:\ATI
2011-08-10 22:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-10 22:15:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-10 22:15:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-10 22:12:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-10 22:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-03 09:50:33 ----D---- C:\Program Files\ConduitEngine
2011-08-02 23:45:24 ----D---- C:\Program Files\Conduit
2011-08-02 23:45:21 ----D---- C:\Program Files\FreeOnlineRadioPlayerRecorder
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2011-08-02 23:45:02 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll

======List of files/folders modified in the last 1 month======

2011-08-26 19:15:14 ----D---- C:\WINDOWS\Prefetch
2011-08-26 19:14:37 ----D---- C:\WINDOWS
2011-08-26 19:14:00 ----D---- C:\Documents and Settings
2011-08-26 19:12:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-26 19:12:50 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-26 19:08:32 ----RD---- C:\Program Files
2011-08-26 18:58:20 ----D---- C:\WINDOWS\system32\drivers
2011-08-26 18:42:31 ----D---- C:\WINDOWS\system32
2011-08-26 18:36:42 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-26 18:33:32 ----HD---- C:\WINDOWS\inf
2011-08-26 18:22:40 ----D---- C:\WINDOWS\WinSxS
2011-08-26 18:21:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-08-26 18:21:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-08-26 18:20:40 ----SHD---- C:\WINDOWS\Installer
2011-08-26 18:19:13 ----RSD---- C:\WINDOWS\assembly
2011-08-26 18:15:57 ----D---- C:\WINDOWS\Minidump
2011-08-26 18:11:49 ----SD---- C:\WINDOWS\Tasks
2011-08-26 17:56:19 ----SHD---- C:\System Volume Information
2011-08-26 17:56:19 ----D---- C:\WINDOWS\system32\Restore
2011-08-26 17:48:32 ----A---- C:\WINDOWS\system.ini
2011-08-26 17:48:27 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-26 17:47:13 ----D---- C:\WINDOWS\AppPatch
2011-08-26 17:47:11 ----D---- C:\Program Files\Common Files
2011-08-26 17:40:10 ----D---- C:\WINDOWS\system32\config
2011-08-25 19:51:45 ----D---- C:\WINDOWS\ehome
2011-08-23 20:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-08-23 16:40:11 ----RASH---- C:\boot.ini
2011-08-22 21:45:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-22 21:12:57 ----D---- C:\WINDOWS\system32\wbem
2011-08-22 21:12:35 ----D---- C:\WINDOWS\Registration
2011-08-22 20:41:27 ----A---- C:\WINDOWS\win.ini
2011-08-22 20:41:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-08-22 19:57:49 ----D---- C:\Program Files\Clownfish
2011-08-22 19:16:01 ----A---- C:\WINDOWS\NeroDigital.ini
2011-08-22 15:23:00 ----D---- C:\Program Files\Java
2011-08-19 10:05:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-19 10:05:13 ----D---- C:\Program Files\ATI Technologies
2011-08-19 09:50:07 ----D---- C:\WINDOWS\Debug
2011-08-17 11:10:35 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-08-11 15:46:03 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-10 22:16:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-10 22:15:07 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-10 22:13:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-10 22:12:52 ----D---- C:\Program Files\Internet Explorer
2011-08-02 22:45:18 ----D---- C:\Program Files\ICQ7.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-11 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2002-06-24 81356]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 MLPTDR_Q;MLPTDR_Q; \??\C:\WINDOWS\system32\MLPTDR_Q.SYS []
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2002-06-24 39182]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2002-06-24 9804]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-25 6554624]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4754432]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S3 angjw0sv;angjw0sv; C:\WINDOWS\system32\drivers\angjw0sv.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-08-26 3684352]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; D:\Program Files\finereader\NetworkLicenseServer.exe [2007-09-24 566560]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-25 643072]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-22 75136]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-04-03 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-21 867080]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

VIRY.CZ

Facebook VIR

Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR

Re: Facebook VIR