Prosím o kontrolu logu-gamepady nefungují ve hrách

[AleRx8]

Čau, po opravdu dlouhé době mám opět problémy s funkčností nějakých věcí. No a jelikož nikdo neví, co s tím, tak jako poslední možnost vidím ten log. Tak tady je:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:09:41, on 15.9.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
E:\Windows\system32\taskhost.exe
E:\Windows\system32\Dwm.exe
E:\Windows\Explorer.EXE
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\AVG\AVG9\avgtray.exe
E:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
E:\Program Files\RocketDock\RocketDock.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
E:\Program Files\Opera\opera.exe
E:\Windows\system32\taskhost.exe
E:\Users\AleRx8\Desktop\MovieEditPro15_silver_store_v3_UK.exe
E:\Windows\system32\SearchFilterHost.exe
E:\Program Files\MAGIX\Movie_Edit_Pro_15_silver\mxcdr\setup.exe
E:\Program Files\MAGIX\Speed2_burnR_mxcdr\Speed.exe
E:\Users\AleRx8\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... 2dqXQG6oOA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
F2 - REG:system.ini: UserInit=E:\Windows\system32\userinit.exe,E:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] E:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "E:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [RocketDock] "E:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: ubisoft register.lnk = E:\Program Files\Ubi Soft\Register\schedule.exe
O8 - Extra context menu item: Download all by FlashGet3 - E:\Users\AleRx8\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - E:\Users\AleRx8\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: e:\program files\vmware\vmware player\vsocklib.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AMD External Events Utility - AMD - E:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - E:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - E:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - E:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - E:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - E:\Windows\system32\vmnat.exe
O23 - Service: XobniService - Xobni Corporation - E:\Program Files\Xobni\XobniService.exe

--
End of file - 7558 bytes

Díky moc

[Reklama]

[jaro3]

Příště novější verzi HJT (2.0.4.,nebo 2.0.3Beta):
http://www.trendsecure.com/portal/en-US ... s/download


Odinstaluj:
MyWebSearch (jak si takový humus můžeš pořád stahovat a instalovat)...

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... 2dqXQG6oOA
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "E:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole můzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[AleRx8]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4628

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16.9.2010 16:41:58
mbam-log-2010-09-16 (16-41-58).txt

Typ skenu: Rychlý sken
Skenované objekty: 140314
Uplynulý čas: 4 minuta(y), 48 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 24
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 6
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
E:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
E:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
E:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
E:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
E:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
E:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

Infikované soubory:
E:\Program Files\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> No action taken.
E:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.


Vymazal jsem vše co jsi napsal, ale některé položky už v HJT nebyly (hlavně ten debilní program, který už můj počítač doufám v životě neuvidí )

[jaro3]

OK!

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit nový log z MbAM.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

[AleRx8]

ComboFix 10-09-16.06 - AleRx8 17.09.2010 14:37:29.5.4 - x86
Microsoft Windows 7 Ultimate N 6.1.7600.0.1250.420.1033.18.3071.2328 [GMT 2:00]
Spuštěný z: e:\users\AleRx8\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\windows\system32\img_utils.dll
e:\windows\system32\imgscaler.dll
e:\windows\system32\videocore.dll
e:\windows\system32\videoformat.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-17 do 2010-09-17 )))))))))))))))))))))))))))))))
.

2010-09-17 12:28 . 2010-09-17 12:28 -------- d-----w- e:\programdata\ATI
2010-09-16 13:43 . 2010-09-16 13:43 -------- d-----w- e:\users\AleRx8\DoctorWeb
2010-09-15 16:15 . 2009-11-26 09:26 188928 ----a-w- e:\programdata\Softland\Backup4all Lite 4\Plugins\MicrosoftOutlookSources.dll
2010-09-15 16:15 . 2009-11-26 09:26 173056 ----a-w- e:\programdata\Softland\Backup4all Lite 4\Plugins\OutlookExpressSources.dll
2010-09-15 16:14 . 2010-09-15 16:14 -------- d-----w- e:\programdata\Softland
2010-09-15 16:14 . 2010-09-15 16:14 -------- d-----w- e:\program files\Softland
2010-09-15 16:10 . 2010-09-15 16:10 -------- d-----w- e:\users\AleRx8\AppData\Roaming\MAGIX
2010-09-15 16:08 . 2004-09-13 11:29 200704 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\licgen.exe
2010-09-15 16:08 . 2003-11-04 16:20 6144 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\components\videowritetest.exe
2010-09-15 16:08 . 2003-10-09 09:56 513088 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\WMDS.dll
2010-09-15 16:08 . 1997-10-15 20:03 18944 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\components\shelexec.exe
2010-09-15 16:08 . 2010-09-15 16:09 -------- d-----w- e:\programdata\MAGIX
2010-09-15 16:08 . 2005-10-08 14:14 40960 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\Default\fcdummy.exe
2010-09-15 16:08 . 2010-09-15 16:09 -------- d-----w- e:\program files\MAGIX
2010-09-15 16:08 . 2007-04-27 07:43 120200 ----a-w- e:\windows\system32\DLLDEV32i.dll
2010-09-15 16:07 . 2010-09-15 16:07 -------- d-----w- e:\program files\Common Files\MAGIX Services
2010-09-15 13:30 . 2001-05-04 09:05 505104 ----a-r- e:\windows\system32\msxml.dll
2010-09-15 13:30 . 2002-10-17 08:35 26096 ----a-r- e:\windows\system32\xmlinst.exe
2010-09-15 13:30 . 2002-01-07 14:30 24576 ----a-r- e:\windows\system32\msxml3a.dll
2010-09-15 13:30 . 2001-05-04 09:05 28432 ----a-r- e:\windows\system32\msxmlr.dll
2010-09-15 13:30 . 2000-03-17 06:21 36864 ----a-r- e:\windows\system32\xmlparse.dll
2010-09-15 13:30 . 2000-03-17 06:21 69632 ----a-r- e:\windows\system32\xmltok.dll
2010-09-15 13:30 . 1998-06-17 22:00 89360 ----a-r- e:\windows\system32\VB5DB.DLL
2010-09-15 13:30 . 2010-09-15 13:30 -------- d-----w- e:\users\AleRx8\AppData\Roaming\ubi.com
2010-09-15 13:30 . 2001-07-30 16:03 185344 ----a-w- e:\windows\patchw32.dll
2010-09-15 13:30 . 2010-09-15 13:30 -------- d-----w- e:\program files\ubi.com
2010-09-15 13:30 . 2010-09-15 13:30 -------- d-----w- e:\program files\Common Files\PocketSoft
2010-09-15 13:27 . 2010-09-15 13:30 -------- d-----w- e:\program files\Ubi Soft
2010-09-14 13:06 . 2010-09-14 13:06 -------- d-----w- e:\program files\Recuva
2010-09-12 16:16 . 2010-09-12 16:16 53632 ----a-w- e:\users\AleRx8\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-12 16:12 . 2010-09-12 16:12 -------- d-----w- e:\users\AleRx8\AppData\Local\Downloaded Installations
2010-09-12 13:25 . 2010-09-16 15:38 -------- d-----w- e:\program files\Call of Duty Modern Warfare 2
2010-09-12 06:05 . 2010-09-12 06:05 -------- d-----w- e:\windows\Profiles
2010-09-12 06:05 . 2010-09-12 06:05 -------- d-----w- e:\windows\system32\Adobe
2010-09-12 06:05 . 2010-09-12 06:05 -------- d-----w- e:\users\AleRx8\AppData\Roaming\InterTrust
2010-09-12 06:04 . 1998-11-13 10:08 308224 ----a-w- e:\windows\IsUn0413.exe
2010-09-12 05:59 . 2010-09-12 06:02 -------- d-----w- e:\program files\KaM - The Peasants Rebellion
2010-09-11 06:27 . 2010-09-11 06:27 462864 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\d3dx10_37.dll
2010-09-11 06:27 . 2010-09-11 06:27 4068624 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\eawebkit.dll
2010-09-11 06:27 . 2010-09-11 06:27 3786760 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\d3dx9_37.dll
2010-09-11 06:27 . 2010-09-11 06:27 267536 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\gameplay.dll
2010-09-11 06:27 . 2010-09-11 06:27 1789200 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\gameplay.native.dll
2010-09-11 06:27 . 2010-09-11 06:27 10900752 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\nfsw.exe
2010-09-11 06:19 . 2010-09-11 06:19 883670 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\pb\pbcl.dll
2010-09-11 06:19 . 2010-09-11 06:19 57344 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\pb\pbag.dll
2010-09-11 06:15 . 2010-09-12 16:15 -------- d-----w- e:\programdata\Electronic Arts
2010-09-11 06:15 . 2010-09-12 16:13 -------- d-----w- e:\program files\Electronic Arts
2010-09-08 16:20 . 2010-09-09 16:35 -------- d-----w- e:\program files\AVI MPEG RM WMV Joiner
2010-09-08 16:19 . 2010-09-08 16:19 -------- d-----w- e:\program files\K-Lite Codec Pack
2010-09-08 16:14 . 2010-09-08 16:14 -------- d-----w- e:\program files\Easy Video Joiner
2010-09-08 16:07 . 2010-09-08 16:07 -------- d-----w- e:\program files\AVIJOINER
2010-09-04 08:04 . 2010-09-04 08:04 -------- d-----w- E:\$AVG
2010-09-04 07:57 . 2010-09-04 07:57 7383104 ----a-w- e:\users\AleRx8\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe
2010-08-31 15:32 . 2010-08-31 15:32 -------- d-----w- e:\program files\Fifa Master
2010-08-31 14:00 . 2010-08-31 14:00 -------- d--h--w- e:\windows\msdownld.tmp
2010-08-31 12:59 . 2010-08-31 12:59 -------- d-----w- e:\users\AleRx8\AppData\Roaming\AVG9
2010-08-31 12:53 . 2010-08-31 12:53 12536 ----a-w- e:\windows\system32\avgrsstx.dll
2010-08-31 12:53 . 2010-08-31 12:53 52872 ----a-w- e:\windows\system32\drivers\avgrkx86.sys
2010-08-31 12:53 . 2010-08-31 12:53 243024 ----a-w- e:\windows\system32\drivers\avgtdix.sys
2010-08-31 12:53 . 2010-08-31 12:53 216400 ----a-w- e:\windows\system32\drivers\avgldx86.sys
2010-08-31 12:53 . 2010-08-31 12:53 29584 ----a-w- e:\windows\system32\drivers\avgmfx86.sys
2010-08-31 12:53 . 2010-09-17 11:35 -------- d-----w- e:\windows\system32\drivers\Avg
2010-08-31 12:50 . 2010-08-31 12:50 -------- d-----w- e:\programdata\avg9
2010-08-31 12:48 . 2010-08-31 12:50 -------- d-----w- e:\program files\AVG
2010-08-28 09:57 . 2010-08-28 09:57 -------- d-----w- e:\users\AleRx8\AppData\Local\Google Translator (2)
2010-08-28 08:59 . 2010-08-28 08:59 -------- d-----w- e:\program files\iPod
2010-08-28 08:58 . 2010-08-28 08:59 -------- d-----w- e:\program files\QuickTime
2010-08-28 08:58 . 2010-08-28 08:58 -------- d-----w- e:\program files\Apple Software Update
2010-08-28 07:58 . 2010-08-28 07:58 -------- d-----w- e:\users\AleRx8\AppData\Local\Macroplant
2010-08-27 11:30 . 2010-08-27 11:30 -------- d-----w- e:\windows\TiMoC
2010-08-27 11:30 . 2010-08-27 11:30 -------- d-----w- e:\program files\TiMoC
2010-08-27 10:30 . 2010-08-27 13:47 -------- d-----w- e:\users\AleRx8\AppData\Local\Oblivion
2010-08-27 10:15 . 2010-08-27 10:15 -------- d-----w- e:\program files\Bethesda Softworks
2010-08-26 10:58 . 2010-08-26 11:04 -------- d-----w- e:\program files\Metro 2033 Demo
2010-08-26 03:36 . 2010-08-26 03:36 6380032 ----a-w- e:\windows\system32\drivers\atikmdag.sys
2010-08-26 02:01 . 2010-08-26 02:01 143360 ----a-w- e:\windows\system32\atiapfxx.exe
2010-08-26 01:57 . 2010-08-26 01:57 450560 ----a-w- e:\windows\system32\ATIDEMGX.dll
2010-08-26 01:57 . 2010-08-26 01:57 380928 ----a-w- e:\windows\system32\atieclxx.exe
2010-08-26 01:57 . 2010-08-26 01:57 176128 ----a-w- e:\windows\system32\atiesrxx.exe
2010-08-26 01:55 . 2010-08-26 01:55 159744 ----a-w- e:\windows\system32\atitmmxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 15830016 ----a-w- e:\windows\system32\atioglxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 356352 ----a-w- e:\windows\system32\atipdlxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 278528 ----a-w- e:\windows\system32\Oemdspif.dll
2010-08-26 01:55 . 2010-08-26 01:55 11776 ----a-w- e:\windows\system32\atimuixx.dll
2010-08-26 01:55 . 2010-08-26 01:55 43520 ----a-w- e:\windows\system32\ati2edxx.dll
2010-08-26 01:34 . 2010-08-26 01:34 46080 ----a-w- e:\windows\system32\aticalrt.dll
2010-08-26 01:34 . 2010-08-26 01:34 44032 ----a-w- e:\windows\system32\aticalcl.dll
2010-08-26 01:33 . 2010-08-26 01:33 4032512 ----a-w- e:\windows\system32\atiumdag.dll
2010-08-26 01:33 . 2010-08-26 01:33 4375552 ----a-w- e:\windows\system32\aticaldd.dll
2010-08-26 01:25 . 2010-08-26 01:25 3392000 ----a-w- e:\windows\system32\atiumdva.dll
2010-08-26 01:21 . 2010-08-26 01:21 241664 ----a-w- e:\windows\system32\atiadlxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 12800 ----a-w- e:\windows\system32\atiglpxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 19968 ----a-w- e:\windows\system32\atigktxx.dll
2010-08-26 01:20 . 2010-08-26 01:20 221696 ----a-w- e:\windows\system32\drivers\atikmpag.sys
2010-08-26 01:19 . 2010-08-26 01:19 28160 ----a-w- e:\windows\system32\atiu9pag.dll
2010-08-26 01:19 . 2010-08-26 01:19 53248 ----a-w- e:\windows\system32\drivers\ati2erec.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- e:\windows\system32\atimpc32.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- e:\windows\system32\amdpcom32.dll
2010-08-24 08:31 . 2010-08-24 08:31 139152 ----a-w- e:\users\AleRx8\AppData\Roaming\PnkBstrK.sys
2010-08-24 08:30 . 2010-08-24 08:30 794408 ----a-w- e:\windows\system32\pbsvc.exe
2010-08-22 15:47 . 2010-08-22 15:51 -------- d-----w- e:\program files\FIFA 10
2010-08-22 15:47 . 2010-08-22 15:47 -------- d-----w- e:\users\AleRx8\Nová složka
2010-08-22 15:16 . 2010-08-22 15:16 -------- d-----w- e:\program files\Veetle
2010-08-21 07:30 . 2010-03-25 10:36 20512 ----a-w- e:\windows\system32\drivers\mxRCycle.sys
2010-08-21 07:30 . 2010-03-25 10:36 35000 ----a-w- e:\windows\system32\mxntdfg.exe
2010-08-21 07:28 . 2010-08-21 07:28 -------- d-----r- E:\_Backup.RC
2010-08-21 07:28 . 2010-08-24 14:03 -------- d-----w- E:\_Backup
2010-08-21 07:27 . 2010-08-21 07:27 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Avanquest
2010-08-21 07:27 . 2010-08-21 07:27 -------- d-----w- e:\programdata\Avanquest
2010-08-21 07:27 . 2010-08-21 07:27 -------- d-----w- e:\program files\Avanquest
2010-08-20 07:39 . 2010-08-20 07:39 -------- d-----w- e:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2010-08-19 07:34 . 2010-08-19 07:34 -------- d-----w- e:\program files\Common Files\ATI Technologies

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-17 12:34 . 2010-07-31 15:32 -------- d-----w- e:\programdata\VMware
2010-09-16 13:23 . 2010-02-12 06:02 -------- d-----w- e:\program files\Opera
2010-09-16 13:21 . 2010-01-17 18:17 127128 ----a-w- e:\users\AleRx8\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-15 16:09 . 2010-09-15 16:09 -------- d-----w- e:\program files\Common Files\MAGIX Shared
2010-09-15 13:32 . 2010-01-16 13:15 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-09-12 16:31 . 2010-05-30 07:59 -------- d-----w- e:\program files\Capture-A-ScreenShot
2010-09-12 16:16 . 2010-09-12 16:15 -------- d-----w- e:\program files\Common Files\Adobe AIR
2010-09-12 16:16 . 2010-09-12 16:15 53632 ----a-w- e:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-12 16:12 . 2010-09-12 16:12 3084 ----a-w- e:\windows\system32\ealregsnapshot1.reg
2010-09-12 16:12 . 2010-02-12 05:59 -------- d-----w- e:\program files\Common Files\InstallShield
2010-09-12 14:03 . 2010-05-01 18:14 -------- d-----w- e:\program files\Steam
2010-09-12 13:47 . 2010-01-18 16:02 -------- d-----w- e:\users\AleRx8\AppData\Roaming\ICQ
2010-09-12 06:05 . 2010-01-27 17:23 -------- d-----w- e:\program files\Common Files\Adobe
2010-09-08 16:17 . 2010-09-08 16:17 -------- d-----w- e:\program files\Zealot Software
2010-08-31 14:17 . 2010-02-01 12:04 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Azureus
2010-08-30 09:21 . 2010-06-20 09:09 138968 ----a-w- e:\windows\system32\drivers\PnkBstrK.sys
2010-08-30 09:21 . 2010-06-20 09:09 214592 ----a-w- e:\windows\system32\PnkBstrB.exe
2010-08-28 11:00 . 2010-01-18 15:44 -------- d-----w- e:\users\AleRx8\AppData\Roaming\vlc
2010-08-28 08:59 . 2010-07-31 14:12 -------- d-----w- e:\program files\iTunes
2010-08-28 08:59 . 2010-01-19 15:26 -------- d-----w- e:\program files\Common Files\Apple
2010-08-28 07:52 . 2010-07-02 14:52 -------- d-----w- e:\program files\iPhone Explorer
2010-08-27 13:05 . 2010-01-18 15:54 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Ashampoo
2010-08-26 02:01 . 2010-05-05 02:19 528384 ----a-w- e:\windows\system32\aticfx32.dll
2010-08-26 01:52 . 2010-05-05 02:08 3914240 ----a-w- e:\windows\system32\atidxx32.dll
2010-08-26 01:27 . 2010-02-03 03:23 65536 ----a-w- e:\windows\system32\coinst.dll
2010-08-26 01:20 . 2010-04-07 01:22 30208 ----a-w- e:\windows\system32\atiuxpag.dll
2010-08-24 09:52 . 2010-01-18 16:02 -------- d-----w- e:\program files\ICQ7.0
2010-08-24 08:30 . 2010-06-20 09:09 75064 ----a-w- e:\windows\system32\PnkBstrA.exe
2010-08-24 08:30 . 2010-01-20 15:05 -------- d-----w- e:\program files\EA Sports
2010-08-21 07:24 . 2010-08-11 09:30 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-08-19 07:34 . 2010-05-01 17:16 -------- d-----w- e:\program files\ATI Technologies
2010-08-18 11:20 . 2010-08-18 11:20 -------- d-----w- e:\program files\Driver-Soft
2010-08-18 08:37 . 2010-03-08 14:50 -------- d-----w- e:\program files\Opera 10.50 Beta
2010-08-18 08:31 . 2010-06-10 20:02 -------- d-----w- e:\program files\NCsoft
2010-08-18 08:30 . 2010-04-30 15:09 -------- d-----w- e:\program files\1C Company
2010-08-18 08:28 . 2010-08-18 08:15 -------- d--h--w- e:\programdata\sysnfxo
2010-08-18 08:26 . 2010-08-10 11:19 -------- d-----w- e:\program files\Free Screen Recorder
2010-08-18 08:26 . 2010-01-24 10:52 -------- d-----w- e:\program files\ExpressZIP
2010-08-18 08:26 . 2010-07-22 07:59 -------- d-----w- e:\program files\Creative
2010-08-18 08:25 . 2010-01-18 15:57 -------- d-----w- e:\program files\Ashampoo
2010-08-18 08:24 . 2010-03-02 16:25 -------- d-----w- e:\program files\3herosoft
2010-08-17 11:25 . 2010-08-17 10:59 -------- d-----w- e:\users\AleRx8\AppData\Roaming\AusLogics
2010-08-17 10:27 . 2010-08-17 10:27 -------- d-----w- e:\program files\Auslogics
2010-08-17 09:31 . 2010-01-17 18:19 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Media Player Classic
2010-08-17 09:30 . 2010-08-17 09:30 -------- d-----w- e:\program files\CCleaner
2010-08-17 07:30 . 2010-01-21 06:01 -------- d-----w- e:\programdata\Microsoft Help
2010-08-17 06:18 . 2010-01-19 15:09 -------- d-----w- e:\users\AleRx8\AppData\Roaming\IObit
2010-08-16 11:40 . 2010-08-16 11:38 -------- d-----w- e:\program files\MP3Gain
2010-08-16 07:22 . 2010-08-16 07:22 -------- d-----w- e:\programdata\Ocster Backup
2010-08-15 14:26 . 2010-08-15 14:26 -------- d-----w- e:\program files\Posibolt Software
2010-08-14 13:13 . 2010-08-14 13:13 -------- d-----w- e:\program files\SopCast
2010-08-13 07:33 . 2010-08-13 07:33 -------- d-----w- e:\program files\Zortam Mp3 Media Studio
2010-08-12 10:36 . 2010-08-12 10:36 -------- d-----w- e:\program files\ATI
2010-08-11 09:41 . 2010-08-11 09:41 -------- d-----w- e:\program files\NVIDIA Corporation
2010-08-11 07:26 . 2010-08-11 07:26 75776 ----a-w- e:\windows\cadkasdeinst01e.exe
2010-08-11 07:26 . 2010-08-11 07:26 -------- d-----w- e:\program files\Your monster voice 1
2010-08-10 07:44 . 2010-01-20 16:26 -------- d-----w- e:\program files\AGEIA Technologies
2010-08-07 07:39 . 2010-08-07 07:39 -------- d-----w- e:\programdata\Comodo Downloader
2010-08-06 15:28 . 2010-08-06 13:53 -------- d-----w- e:\program files\My Program
2010-08-06 14:24 . 2010-08-06 14:21 -------- d-----w- e:\program files\TDU 2
2010-08-05 16:15 . 2010-08-05 16:10 -------- d-----w- e:\users\AleRx8\AppData\Roaming\uTorrent
2010-08-05 16:10 . 2010-08-05 16:10 -------- d-----w- e:\program files\uTorrent
2010-08-05 15:56 . 2010-08-06 07:03 7474910 ----a-w- e:\program files\NatureIllusionStudioStandardEdition.exe
2010-08-05 10:44 . 2010-08-05 10:44 -------- d-----w- e:\program files\maComfort
2010-08-05 10:44 . 2010-08-05 10:44 -------- d-----w- e:\users\AleRx8\AppData\Roaming\maComfort
2010-08-05 08:30 . 2010-06-07 13:22 -------- d-----w- e:\program files\WinUtilities
2010-08-03 09:13 . 2010-08-03 09:13 -------- d-sh--w- e:\programdata\SecuROM
2010-08-03 09:11 . 2010-01-20 15:25 -------- d-----w- e:\program files\Rockstar Games
2010-08-03 08:49 . 2010-06-30 08:28 -------- d-----w- e:\program files\Metin2
2010-08-03 08:07 . 2010-08-03 08:07 -------- d-----w- e:\program files\1AVStreamer
2010-07-31 15:41 . 2010-07-31 15:40 -------- d-----w- e:\users\AleRx8\AppData\Roaming\VMware
2010-07-31 15:33 . 2010-07-31 15:33 921608 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\uninstall.exe
2010-07-31 15:32 . 2010-07-31 15:32 -------- d-----w- e:\program files\Common Files\VMware
2010-07-31 15:32 . 2010-07-31 15:32 -------- d-----w- e:\program files\VMware
2010-07-31 15:31 . 2010-07-31 15:33 581632 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\module_core.dll
2010-07-31 15:31 . 2010-07-31 15:33 356352 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\module_ws.dll
2010-07-31 15:31 . 2010-07-31 15:33 968752 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib64.dll
2010-07-31 15:31 . 2010-07-31 15:33 932400 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib64.exe
2010-07-31 15:31 . 2010-07-31 15:33 760368 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib.dll
2010-07-31 15:31 . 2010-07-31 15:33 760368 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vminstutil.dll
2010-07-31 15:31 . 2010-07-31 15:33 707120 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib.exe
2010-07-31 15:02 . 2010-07-31 14:35 -------- d-----w- e:\program files\Finderbar 1.5
2010-07-31 14:35 . 2010-07-31 14:35 39424 ----a-w- e:\windows\zipinst.exe
2010-07-31 14:35 . 2010-07-31 14:35 2853 ----a-w- e:\programdata\Microsoft\Windows\Start Menu\Programs\Landvermesser\Finderbar\eraserd.pif
2010-07-31 14:33 . 2010-07-31 14:33 -------- d-----w- e:\program files\RocketDock
2010-07-31 14:17 . 2009-07-13 23:40 249856 ----a-w- e:\windows\system32\uxtheme.dll
2010-07-31 14:17 . 2009-07-13 23:39 2755072 ----a-w- e:\windows\system32\themeui.dll
2010-07-31 14:17 . 2009-07-13 23:39 37376 ----a-w- e:\windows\system32\themeservice.dll
2010-07-31 14:08 . 2010-02-01 06:13 -------- d-----w- e:\program files\Safari
2010-07-31 14:08 . 2010-07-31 14:08 72488 ----a-w- e:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-23 07:21 . 2010-07-23 07:21 -------- d-----w- e:\program files\Common Files\Java
2010-07-23 07:20 . 2010-07-23 07:20 423656 ----a-w- e:\windows\system32\deployJava1.dll
2010-07-23 07:20 . 2010-07-23 07:20 -------- d-----w- e:\program files\Java
2010-07-22 08:00 . 2010-07-22 08:00 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Creative
2010-07-22 07:59 . 2010-07-22 07:59 -------- d-----w- e:\programdata\Creative
2010-07-21 14:30 . 2010-07-21 14:30 73000 ----a-w- e:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-20 12:50 . 2010-07-20 12:50 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Bump Technologies, Inc
2010-07-15 12:47 . 2010-07-15 12:47 101904 ----a-w- e:\windows\system32\drivers\AtihdW73.sys
2010-07-03 07:15 . 2010-07-03 07:15 23 --sha-w- e:\windows\system32\fbdaabb3.dat
2010-06-29 15:47 . 2010-06-29 15:46 7377592 ----a-w- e:\users\AleRx8\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build09.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- e:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- e:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"AVG9_TRAY"="e:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-31 2065760]
"TrayServer"="e:\program files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe" [2008-11-13 90112]
"Malwarebytes Anti-Malware (reboot)"="e:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

e:\users\AleRx8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ubisoft register.lnk - e:\program files\Ubi Soft\Register\schedule.exe [2010-9-15 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=e:\windows\System32\avgrsstx.dll

R3 DfSdkS;Defragmentation-Service;e:\program files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [2009-08-24 406016]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;e:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 MatSvc;Microsoft Automated Troubleshooting Service;e:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 npggsvc;nProtect GameGuard Service;e:\windows\system32\GameMon.des [2009-10-11 3369044]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;e:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-08 100496]
R3 VMUSBArbService;VMware USB Arbitration Service;e:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-20 539184]
R3 XobniService;XobniService;e:\program files\Xobni\XobniService.exe [2009-10-12 46824]
R4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R4 Fix-It Utilities 10 Essentials Task Manager;Fix-It Utilities 10 Essentials Task Manager;e:\progra~1\AVANQU~1\Fix-It\mxtask.exe [2010-03-25 529688]
R4 sptd;sptd;e:\windows\system32\Drivers\sptd.sys [2010-06-17 697328]
S0 AvgRkx86;avgrkx86.sys;e:\windows\System32\Drivers\avgrkx86.sys [2010-08-31 52872]
S1 AvgLdx86;AVG AVI Loader Driver x86;e:\windows\system32\Drivers\avgldx86.sys [2010-08-31 216400]
S1 AvgTdiX;AVG Network Redirector;e:\windows\system32\Drivers\avgtdix.sys [2010-08-31 243024]
S2 AMD External Events Utility;AMD External Events Utility;e:\windows\system32\atiesrxx.exe [2010-08-26 176128]
S2 avg9wd;AVG WatchDog;e:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-31 308136]
S2 SCRCAMHRDRV;ScreenCamera HR;e:\windows\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S2 vmci;VMware vmci;e:\windows\system32\Drivers\vmci.sys [2010-05-20 70704]
S3 amdkmdag;amdkmdag;e:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 amdkmdap;amdkmdap;e:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;e:\windows\system32\DRIVERS\l160x86.sys [2009-07-13 47104]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;e:\windows\system32\drivers\AtihdW73.sys [2010-07-15 101904]
S3 rt61x86;Linksys Wireless-G PCI Adapter Driver;e:\windows\system32\DRIVERS\WMP54Gv41x86.sys [2007-06-26 286208]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
Obsah adresáře 'Naplánované úlohy'

2010-06-21 e:\windows\Tasks\AWC Startup.job
- e:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-01-19 15:33]
.
.
------- Doplňkový sken -------
.
IE: Download all by FlashGet3 - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: ????3?? - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
LSP: e:\program files\VMware\VMware Player\vsocklib.dll
FF - ProfilePath - e:\users\AleRx8\AppData\Roaming\Mozilla\Firefox\Profiles\xtna1v3q.default\
FF - component: e:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: e:\users\AleRx8\AppData\Roaming\Mozilla\Firefox\Profiles\xtna1v3q.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: e:\users\AleRx8\AppData\Roaming\Mozilla\Firefox\Profiles\xtna1v3q.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll

---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-FIFA 09 FAT Rebuilder - e:\program files\EA Sports\FIFA 09\FAT Rebuilder Uninstaller
AddRemove-CMP 2009 - e:\program files\EA Sports\FIFA 09\Uninstal.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="e:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="e:\\Users\\AleRx8\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="e:\\Users\\AleRx8\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:44,be,19,e7,c0,91,a3,a6,cf,d0,b6,88,f4,9f,f1,94,fc,00,fa,e7,bf,73,d1,
39,f3,9a,eb,da,f8,59,76,3b,fa,8a,cb,09,15,1d,89,a5,58,72,be,3a,b4,f6,17,d3,\
"??"=hex:45,20,e8,79,3b,03,2f,15,59,18,e4,56,b1,f7,d1,2f

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\SecuROM\License information*]
"datasecu"=hex:75,c9,fa,f4,10,f8,1d,da,3c,71,e6,b8,6d,fa,14,1d,27,e1,12,fd,3a,
8f,6e,ff,3d,4a,86,93,ac,02,d1,fa,ca,7f,97,79,59,9a,bd,0c,dd,40,ac,00,80,58,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Celkový čas: 2010-09-17 14:46:28
ComboFix-quarantined-files.txt 2010-09-17 12:46

Před spuštěním: Volných bajtů: 194 099 044 352
Po spuštění: Volných bajtů: 194 003 030 016

- - End Of File - - 0A44AB2490F59D68504D52E2D0436BF4

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Folder::
e:\windows\msdownld.tmp
e:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
e:\windows\system32\fbdaabb3.dat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[AleRx8]

ComboFix 10-09-17.04 - AleRx8 18.09.2010 9:55.6.4 - x86
Microsoft Windows 7 Ultimate N 6.1.7600.0.1250.420.1033.18.3071.1908 [GMT 2:00]
Spuštěný z: e:\users\AleRx8\Desktop\ComboFix.exe
Použité ovládací přepínače :: e:\users\AleRx8\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
e:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll
e:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseData.ini
e:\windows\msdownld.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-18 do 2010-09-18 )))))))))))))))))))))))))))))))
.

2010-09-18 08:01 . 2010-09-18 08:01 -------- d-----w- e:\users\AleRx8\AppData\Local\temp
2010-09-18 08:01 . 2010-09-18 08:01 -------- d-----w- e:\users\Public\AppData\Local\temp
2010-09-18 08:01 . 2010-09-18 08:01 -------- d-----w- e:\users\Default\AppData\Local\temp
2010-09-17 14:44 . 2010-09-17 14:44 -------- d-----w- e:\users\AleRx8\AppData\Local\AOL
2010-09-17 12:28 . 2010-09-17 12:28 -------- d-----w- e:\programdata\ATI
2010-09-16 13:43 . 2010-09-16 13:43 -------- d-----w- e:\users\AleRx8\DoctorWeb
2010-09-15 16:15 . 2009-11-26 09:26 188928 ----a-w- e:\programdata\Softland\Backup4all Lite 4\Plugins\MicrosoftOutlookSources.dll
2010-09-15 16:15 . 2009-11-26 09:26 173056 ----a-w- e:\programdata\Softland\Backup4all Lite 4\Plugins\OutlookExpressSources.dll
2010-09-15 16:14 . 2010-09-15 16:14 -------- d-----w- e:\programdata\Softland
2010-09-15 16:14 . 2010-09-15 16:14 -------- d-----w- e:\program files\Softland
2010-09-15 16:10 . 2010-09-15 16:10 -------- d-----w- e:\users\AleRx8\AppData\Roaming\MAGIX
2010-09-15 16:08 . 2004-09-13 11:29 200704 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\licgen.exe
2010-09-15 16:08 . 2003-11-04 16:20 6144 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\components\videowritetest.exe
2010-09-15 16:08 . 2003-10-09 09:56 513088 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\WMDS.dll
2010-09-15 16:08 . 1997-10-15 20:03 18944 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\DVD\WMV_DISC\components\shelexec.exe
2010-09-15 16:08 . 2010-09-15 16:09 -------- d-----w- e:\programdata\MAGIX
2010-09-15 16:08 . 2005-10-08 14:14 40960 ----a-w- e:\programdata\MAGIX\Movie_Edit_Pro_15_silver\Default\fcdummy.exe
2010-09-15 16:08 . 2010-09-15 16:09 -------- d-----w- e:\program files\MAGIX
2010-09-15 16:08 . 2007-04-27 07:43 120200 ----a-w- e:\windows\system32\DLLDEV32i.dll
2010-09-15 16:07 . 2010-09-15 16:07 -------- d-----w- e:\program files\Common Files\MAGIX Services
2010-09-15 13:30 . 2001-05-04 09:05 505104 ----a-r- e:\windows\system32\msxml.dll
2010-09-15 13:30 . 2002-10-17 08:35 26096 ----a-r- e:\windows\system32\xmlinst.exe
2010-09-15 13:30 . 2002-01-07 14:30 24576 ----a-r- e:\windows\system32\msxml3a.dll
2010-09-15 13:30 . 2001-05-04 09:05 28432 ----a-r- e:\windows\system32\msxmlr.dll
2010-09-15 13:30 . 2000-03-17 06:21 36864 ----a-r- e:\windows\system32\xmlparse.dll
2010-09-15 13:30 . 2000-03-17 06:21 69632 ----a-r- e:\windows\system32\xmltok.dll
2010-09-15 13:30 . 1998-06-17 22:00 89360 ----a-r- e:\windows\system32\VB5DB.DLL
2010-09-15 13:30 . 2010-09-15 13:30 -------- d-----w- e:\users\AleRx8\AppData\Roaming\ubi.com
2010-09-15 13:30 . 2001-07-30 16:03 185344 ----a-w- e:\windows\patchw32.dll
2010-09-15 13:30 . 2010-09-15 13:30 -------- d-----w- e:\program files\ubi.com
2010-09-15 13:30 . 2010-09-15 13:30 -------- d-----w- e:\program files\Common Files\PocketSoft
2010-09-15 13:27 . 2010-09-15 13:30 -------- d-----w- e:\program files\Ubi Soft
2010-09-14 13:06 . 2010-09-14 13:06 -------- d-----w- e:\program files\Recuva
2010-09-12 16:16 . 2010-09-12 16:16 53632 ----a-w- e:\users\AleRx8\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-12 16:12 . 2010-09-12 16:12 -------- d-----w- e:\users\AleRx8\AppData\Local\Downloaded Installations
2010-09-12 13:25 . 2010-09-17 14:38 -------- d-----w- e:\program files\Call of Duty Modern Warfare 2
2010-09-12 06:05 . 2010-09-12 06:05 -------- d-----w- e:\windows\Profiles
2010-09-12 06:05 . 2010-09-12 06:05 -------- d-----w- e:\windows\system32\Adobe
2010-09-12 06:05 . 2010-09-12 06:05 -------- d-----w- e:\users\AleRx8\AppData\Roaming\InterTrust
2010-09-12 06:04 . 1998-11-13 10:08 308224 ----a-w- e:\windows\IsUn0413.exe
2010-09-12 05:59 . 2010-09-12 06:02 -------- d-----w- e:\program files\KaM - The Peasants Rebellion
2010-09-11 06:27 . 2010-09-11 06:27 462864 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\d3dx10_37.dll
2010-09-11 06:27 . 2010-09-11 06:27 4068624 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\eawebkit.dll
2010-09-11 06:27 . 2010-09-11 06:27 3786760 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\d3dx9_37.dll
2010-09-11 06:27 . 2010-09-11 06:27 267536 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\gameplay.dll
2010-09-11 06:27 . 2010-09-11 06:27 1789200 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\gameplay.native.dll
2010-09-11 06:27 . 2010-09-11 06:27 10900752 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\nfsw.exe
2010-09-11 06:19 . 2010-09-11 06:19 883670 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\pb\pbcl.dll
2010-09-11 06:19 . 2010-09-11 06:19 57344 ----a-w- e:\programdata\Electronic Arts\Need For Speed World\Data\pb\pbag.dll
2010-09-11 06:15 . 2010-09-12 16:15 -------- d-----w- e:\programdata\Electronic Arts
2010-09-11 06:15 . 2010-09-12 16:13 -------- d-----w- e:\program files\Electronic Arts
2010-09-08 16:20 . 2010-09-09 16:35 -------- d-----w- e:\program files\AVI MPEG RM WMV Joiner
2010-09-08 16:19 . 2010-09-08 16:19 -------- d-----w- e:\program files\K-Lite Codec Pack
2010-09-08 16:14 . 2010-09-08 16:14 -------- d-----w- e:\program files\Easy Video Joiner
2010-09-08 16:07 . 2010-09-08 16:07 -------- d-----w- e:\program files\AVIJOINER
2010-09-04 08:04 . 2010-09-04 08:04 -------- d-----w- E:\$AVG
2010-09-04 07:57 . 2010-09-04 07:57 7383104 ----a-w- e:\users\AleRx8\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe
2010-08-31 15:32 . 2010-08-31 15:32 -------- d-----w- e:\program files\Fifa Master
2010-08-31 12:59 . 2010-08-31 12:59 -------- d-----w- e:\users\AleRx8\AppData\Roaming\AVG9
2010-08-31 12:53 . 2010-08-31 12:53 12536 ----a-w- e:\windows\system32\avgrsstx.dll
2010-08-31 12:53 . 2010-08-31 12:53 52872 ----a-w- e:\windows\system32\drivers\avgrkx86.sys
2010-08-31 12:53 . 2010-08-31 12:53 243024 ----a-w- e:\windows\system32\drivers\avgtdix.sys
2010-08-31 12:53 . 2010-08-31 12:53 216400 ----a-w- e:\windows\system32\drivers\avgldx86.sys
2010-08-31 12:53 . 2010-08-31 12:53 29584 ----a-w- e:\windows\system32\drivers\avgmfx86.sys
2010-08-31 12:53 . 2010-09-18 05:37 -------- d-----w- e:\windows\system32\drivers\Avg
2010-08-31 12:50 . 2010-08-31 12:50 -------- d-----w- e:\programdata\avg9
2010-08-31 12:48 . 2010-08-31 12:50 -------- d-----w- e:\program files\AVG
2010-08-28 09:57 . 2010-08-28 09:57 -------- d-----w- e:\users\AleRx8\AppData\Local\Google Translator (2)
2010-08-28 08:59 . 2010-08-28 08:59 -------- d-----w- e:\program files\iPod
2010-08-28 08:58 . 2010-08-28 08:59 -------- d-----w- e:\program files\QuickTime
2010-08-28 08:58 . 2010-08-28 08:58 -------- d-----w- e:\program files\Apple Software Update
2010-08-28 07:58 . 2010-08-28 07:58 -------- d-----w- e:\users\AleRx8\AppData\Local\Macroplant
2010-08-27 11:30 . 2010-08-27 11:30 -------- d-----w- e:\windows\TiMoC
2010-08-27 11:30 . 2010-08-27 11:30 -------- d-----w- e:\program files\TiMoC
2010-08-27 10:30 . 2010-08-27 13:47 -------- d-----w- e:\users\AleRx8\AppData\Local\Oblivion
2010-08-27 10:15 . 2010-08-27 10:15 -------- d-----w- e:\program files\Bethesda Softworks
2010-08-26 10:58 . 2010-08-26 11:04 -------- d-----w- e:\program files\Metro 2033 Demo
2010-08-26 03:36 . 2010-08-26 03:36 6380032 ----a-w- e:\windows\system32\drivers\atikmdag.sys
2010-08-26 02:01 . 2010-08-26 02:01 143360 ----a-w- e:\windows\system32\atiapfxx.exe
2010-08-26 01:57 . 2010-08-26 01:57 450560 ----a-w- e:\windows\system32\ATIDEMGX.dll
2010-08-26 01:57 . 2010-08-26 01:57 380928 ----a-w- e:\windows\system32\atieclxx.exe
2010-08-26 01:57 . 2010-08-26 01:57 176128 ----a-w- e:\windows\system32\atiesrxx.exe
2010-08-26 01:55 . 2010-08-26 01:55 159744 ----a-w- e:\windows\system32\atitmmxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 15830016 ----a-w- e:\windows\system32\atioglxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 356352 ----a-w- e:\windows\system32\atipdlxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 278528 ----a-w- e:\windows\system32\Oemdspif.dll
2010-08-26 01:55 . 2010-08-26 01:55 11776 ----a-w- e:\windows\system32\atimuixx.dll
2010-08-26 01:55 . 2010-08-26 01:55 43520 ----a-w- e:\windows\system32\ati2edxx.dll
2010-08-26 01:34 . 2010-08-26 01:34 46080 ----a-w- e:\windows\system32\aticalrt.dll
2010-08-26 01:34 . 2010-08-26 01:34 44032 ----a-w- e:\windows\system32\aticalcl.dll
2010-08-26 01:33 . 2010-08-26 01:33 4032512 ----a-w- e:\windows\system32\atiumdag.dll
2010-08-26 01:33 . 2010-08-26 01:33 4375552 ----a-w- e:\windows\system32\aticaldd.dll
2010-08-26 01:25 . 2010-08-26 01:25 3392000 ----a-w- e:\windows\system32\atiumdva.dll
2010-08-26 01:21 . 2010-08-26 01:21 241664 ----a-w- e:\windows\system32\atiadlxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 12800 ----a-w- e:\windows\system32\atiglpxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 19968 ----a-w- e:\windows\system32\atigktxx.dll
2010-08-26 01:20 . 2010-08-26 01:20 221696 ----a-w- e:\windows\system32\drivers\atikmpag.sys
2010-08-26 01:19 . 2010-08-26 01:19 28160 ----a-w- e:\windows\system32\atiu9pag.dll
2010-08-26 01:19 . 2010-08-26 01:19 53248 ----a-w- e:\windows\system32\drivers\ati2erec.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- e:\windows\system32\atimpc32.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- e:\windows\system32\amdpcom32.dll
2010-08-24 08:31 . 2010-08-24 08:31 139152 ----a-w- e:\users\AleRx8\AppData\Roaming\PnkBstrK.sys
2010-08-24 08:30 . 2010-08-24 08:30 794408 ----a-w- e:\windows\system32\pbsvc.exe
2010-08-22 15:47 . 2010-08-22 15:51 -------- d-----w- e:\program files\FIFA 10
2010-08-22 15:47 . 2010-08-22 15:47 -------- d-----w- e:\users\AleRx8\Nová složka
2010-08-22 15:16 . 2010-08-22 15:16 -------- d-----w- e:\program files\Veetle
2010-08-21 07:30 . 2010-03-25 10:36 20512 ----a-w- e:\windows\system32\drivers\mxRCycle.sys
2010-08-21 07:30 . 2010-03-25 10:36 35000 ----a-w- e:\windows\system32\mxntdfg.exe
2010-08-21 07:28 . 2010-08-21 07:28 -------- d-----r- E:\_Backup.RC
2010-08-21 07:28 . 2010-08-24 14:03 -------- d-----w- E:\_Backup
2010-08-21 07:27 . 2010-08-21 07:27 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Avanquest
2010-08-21 07:27 . 2010-08-21 07:27 -------- d-----w- e:\programdata\Avanquest
2010-08-21 07:27 . 2010-08-21 07:27 -------- d-----w- e:\program files\Avanquest

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 06:09 . 2010-01-18 16:02 -------- d-----w- e:\users\AleRx8\AppData\Roaming\ICQ
2010-09-18 05:33 . 2010-07-31 15:32 -------- d-----w- e:\programdata\VMware
2010-09-17 13:57 . 2010-01-18 15:57 -------- d-----w- e:\program files\Ashampoo
2010-09-16 13:23 . 2010-02-12 06:02 -------- d-----w- e:\program files\Opera
2010-09-16 13:21 . 2010-01-17 18:17 127128 ----a-w- e:\users\AleRx8\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-15 16:09 . 2010-09-15 16:09 -------- d-----w- e:\program files\Common Files\MAGIX Shared
2010-09-15 13:32 . 2010-01-16 13:15 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-09-12 16:31 . 2010-05-30 07:59 -------- d-----w- e:\program files\Capture-A-ScreenShot
2010-09-12 16:16 . 2010-09-12 16:15 -------- d-----w- e:\program files\Common Files\Adobe AIR
2010-09-12 16:16 . 2010-09-12 16:15 53632 ----a-w- e:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-12 16:12 . 2010-09-12 16:12 3084 ----a-w- e:\windows\system32\ealregsnapshot1.reg
2010-09-12 16:12 . 2010-02-12 05:59 -------- d-----w- e:\program files\Common Files\InstallShield
2010-09-12 14:03 . 2010-05-01 18:14 -------- d-----w- e:\program files\Steam
2010-09-12 06:05 . 2010-01-27 17:23 -------- d-----w- e:\program files\Common Files\Adobe
2010-09-08 16:17 . 2010-09-08 16:17 -------- d-----w- e:\program files\Zealot Software
2010-08-31 14:17 . 2010-02-01 12:04 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Azureus
2010-08-30 09:21 . 2010-06-20 09:09 138968 ----a-w- e:\windows\system32\drivers\PnkBstrK.sys
2010-08-30 09:21 . 2010-06-20 09:09 214592 ----a-w- e:\windows\system32\PnkBstrB.exe
2010-08-28 11:00 . 2010-01-18 15:44 -------- d-----w- e:\users\AleRx8\AppData\Roaming\vlc
2010-08-28 08:59 . 2010-07-31 14:12 -------- d-----w- e:\program files\iTunes
2010-08-28 08:59 . 2010-01-19 15:26 -------- d-----w- e:\program files\Common Files\Apple
2010-08-28 07:52 . 2010-07-02 14:52 -------- d-----w- e:\program files\iPhone Explorer
2010-08-27 13:05 . 2010-01-18 15:54 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Ashampoo
2010-08-26 02:01 . 2010-05-05 02:19 528384 ----a-w- e:\windows\system32\aticfx32.dll
2010-08-26 01:52 . 2010-05-05 02:08 3914240 ----a-w- e:\windows\system32\atidxx32.dll
2010-08-26 01:27 . 2010-02-03 03:23 65536 ----a-w- e:\windows\system32\coinst.dll
2010-08-26 01:20 . 2010-04-07 01:22 30208 ----a-w- e:\windows\system32\atiuxpag.dll
2010-08-24 09:52 . 2010-01-18 16:02 -------- d-----w- e:\program files\ICQ7.0
2010-08-24 08:30 . 2010-06-20 09:09 75064 ----a-w- e:\windows\system32\PnkBstrA.exe
2010-08-24 08:30 . 2010-01-20 15:05 -------- d-----w- e:\program files\EA Sports
2010-08-21 07:24 . 2010-08-11 09:30 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-08-19 07:34 . 2010-08-19 07:34 -------- d-----w- e:\program files\Common Files\ATI Technologies
2010-08-19 07:34 . 2010-05-01 17:16 -------- d-----w- e:\program files\ATI Technologies
2010-08-18 11:20 . 2010-08-18 11:20 -------- d-----w- e:\program files\Driver-Soft
2010-08-18 08:37 . 2010-03-08 14:50 -------- d-----w- e:\program files\Opera 10.50 Beta
2010-08-18 08:31 . 2010-06-10 20:02 -------- d-----w- e:\program files\NCsoft
2010-08-18 08:30 . 2010-04-30 15:09 -------- d-----w- e:\program files\1C Company
2010-08-18 08:28 . 2010-08-18 08:15 -------- d--h--w- e:\programdata\sysnfxo
2010-08-18 08:26 . 2010-08-10 11:19 -------- d-----w- e:\program files\Free Screen Recorder
2010-08-18 08:26 . 2010-01-24 10:52 -------- d-----w- e:\program files\ExpressZIP
2010-08-18 08:26 . 2010-07-22 07:59 -------- d-----w- e:\program files\Creative
2010-08-18 08:24 . 2010-03-02 16:25 -------- d-----w- e:\program files\3herosoft
2010-08-17 11:25 . 2010-08-17 10:59 -------- d-----w- e:\users\AleRx8\AppData\Roaming\AusLogics
2010-08-17 10:27 . 2010-08-17 10:27 -------- d-----w- e:\program files\Auslogics
2010-08-17 09:31 . 2010-01-17 18:19 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Media Player Classic
2010-08-17 09:30 . 2010-08-17 09:30 -------- d-----w- e:\program files\CCleaner
2010-08-17 07:30 . 2010-01-21 06:01 -------- d-----w- e:\programdata\Microsoft Help
2010-08-17 06:18 . 2010-01-19 15:09 -------- d-----w- e:\users\AleRx8\AppData\Roaming\IObit
2010-08-16 11:40 . 2010-08-16 11:38 -------- d-----w- e:\program files\MP3Gain
2010-08-16 07:22 . 2010-08-16 07:22 -------- d-----w- e:\programdata\Ocster Backup
2010-08-15 14:26 . 2010-08-15 14:26 -------- d-----w- e:\program files\Posibolt Software
2010-08-14 13:13 . 2010-08-14 13:13 -------- d-----w- e:\program files\SopCast
2010-08-13 07:33 . 2010-08-13 07:33 -------- d-----w- e:\program files\Zortam Mp3 Media Studio
2010-08-12 10:36 . 2010-08-12 10:36 -------- d-----w- e:\program files\ATI
2010-08-11 09:41 . 2010-08-11 09:41 -------- d-----w- e:\program files\NVIDIA Corporation
2010-08-11 07:26 . 2010-08-11 07:26 75776 ----a-w- e:\windows\cadkasdeinst01e.exe
2010-08-11 07:26 . 2010-08-11 07:26 -------- d-----w- e:\program files\Your monster voice 1
2010-08-10 07:44 . 2010-01-20 16:26 -------- d-----w- e:\program files\AGEIA Technologies
2010-08-07 07:39 . 2010-08-07 07:39 -------- d-----w- e:\programdata\Comodo Downloader
2010-08-06 15:28 . 2010-08-06 13:53 -------- d-----w- e:\program files\My Program
2010-08-06 14:24 . 2010-08-06 14:21 -------- d-----w- e:\program files\TDU 2
2010-08-05 16:15 . 2010-08-05 16:10 -------- d-----w- e:\users\AleRx8\AppData\Roaming\uTorrent
2010-08-05 16:10 . 2010-08-05 16:10 -------- d-----w- e:\program files\uTorrent
2010-08-05 15:56 . 2010-08-06 07:03 7474910 ----a-w- e:\program files\NatureIllusionStudioStandardEdition.exe
2010-08-05 10:44 . 2010-08-05 10:44 -------- d-----w- e:\program files\maComfort
2010-08-05 10:44 . 2010-08-05 10:44 -------- d-----w- e:\users\AleRx8\AppData\Roaming\maComfort
2010-08-05 08:30 . 2010-06-07 13:22 -------- d-----w- e:\program files\WinUtilities
2010-08-03 09:13 . 2010-08-03 09:13 -------- d-sh--w- e:\programdata\SecuROM
2010-08-03 09:11 . 2010-01-20 15:25 -------- d-----w- e:\program files\Rockstar Games
2010-08-03 08:49 . 2010-06-30 08:28 -------- d-----w- e:\program files\Metin2
2010-08-03 08:07 . 2010-08-03 08:07 -------- d-----w- e:\program files\1AVStreamer
2010-07-31 15:41 . 2010-07-31 15:40 -------- d-----w- e:\users\AleRx8\AppData\Roaming\VMware
2010-07-31 15:33 . 2010-07-31 15:33 921608 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\uninstall.exe
2010-07-31 15:32 . 2010-07-31 15:32 -------- d-----w- e:\program files\Common Files\VMware
2010-07-31 15:32 . 2010-07-31 15:32 -------- d-----w- e:\program files\VMware
2010-07-31 15:31 . 2010-07-31 15:33 581632 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\module_core.dll
2010-07-31 15:31 . 2010-07-31 15:33 356352 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\module_ws.dll
2010-07-31 15:31 . 2010-07-31 15:33 968752 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib64.dll
2010-07-31 15:31 . 2010-07-31 15:33 932400 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib64.exe
2010-07-31 15:31 . 2010-07-31 15:33 760368 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib.dll
2010-07-31 15:31 . 2010-07-31 15:33 760368 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vminstutil.dll
2010-07-31 15:31 . 2010-07-31 15:33 707120 ----a-w- e:\programdata\VMware\VMware Player\Uninstaller\vnetlib.exe
2010-07-31 15:02 . 2010-07-31 14:35 -------- d-----w- e:\program files\Finderbar 1.5
2010-07-31 14:35 . 2010-07-31 14:35 39424 ----a-w- e:\windows\zipinst.exe
2010-07-31 14:35 . 2010-07-31 14:35 2853 ----a-w- e:\programdata\Microsoft\Windows\Start Menu\Programs\Landvermesser\Finderbar\eraserd.pif
2010-07-31 14:33 . 2010-07-31 14:33 -------- d-----w- e:\program files\RocketDock
2010-07-31 14:17 . 2009-07-13 23:40 249856 ----a-w- e:\windows\system32\uxtheme.dll
2010-07-31 14:17 . 2009-07-13 23:39 2755072 ----a-w- e:\windows\system32\themeui.dll
2010-07-31 14:17 . 2009-07-13 23:39 37376 ----a-w- e:\windows\system32\themeservice.dll
2010-07-31 14:08 . 2010-02-01 06:13 -------- d-----w- e:\program files\Safari
2010-07-31 14:08 . 2010-07-31 14:08 72488 ----a-w- e:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-23 07:21 . 2010-07-23 07:21 -------- d-----w- e:\program files\Common Files\Java
2010-07-23 07:20 . 2010-07-23 07:20 423656 ----a-w- e:\windows\system32\deployJava1.dll
2010-07-23 07:20 . 2010-07-23 07:20 -------- d-----w- e:\program files\Java
2010-07-22 08:00 . 2010-07-22 08:00 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Creative
2010-07-22 07:59 . 2010-07-22 07:59 -------- d-----w- e:\programdata\Creative
2010-07-21 14:30 . 2010-07-21 14:30 73000 ----a-w- e:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-20 12:50 . 2010-07-20 12:50 -------- d-----w- e:\users\AleRx8\AppData\Roaming\Bump Technologies, Inc
2010-07-15 12:47 . 2010-07-15 12:47 101904 ----a-w- e:\windows\system32\drivers\AtihdW73.sys
2010-07-03 07:15 . 2010-07-03 07:15 23 --sha-w- e:\windows\system32\fbdaabb3.dat
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- e:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- e:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-09-17_12.45.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:19 . 2010-09-18 05:35 32772 e:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 04:19 . 2010-09-17 12:36 32772 e:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-16 13:07 . 2010-09-18 05:35 11054 e:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1786341700-570025950-2881891393-1000_UserData.bin
+ 2010-02-01 08:33 . 2010-09-18 07:06 16384 e:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-01 08:33 . 2010-09-17 12:04 16384 e:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-01 08:33 . 2010-09-17 12:04 32768 e:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-01 08:33 . 2010-09-18 07:06 32768 e:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-01 08:33 . 2010-09-18 07:06 16384 e:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-01 08:33 . 2010-09-17 12:04 16384 e:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-17 12:33 . 2010-09-17 12:33 2048 e:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-09-18 05:32 . 2010-09-18 05:32 2048 e:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-09-18 05:32 . 2010-09-18 05:32 2048 e:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-09-17 12:33 . 2010-09-17 12:33 2048 e:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-09-17 13:59 . 2010-09-17 13:59 2741248 e:\windows\assembly\GAC_MSIL\CyViewer\1.0.6.5__f58f4c3ffce91d11\CyViewer.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"AVG9_TRAY"="e:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-31 2065760]
"TrayServer"="e:\program files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe" [2008-11-13 90112]

e:\users\AleRx8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ubisoft register.lnk - e:\program files\Ubi Soft\Register\schedule.exe [2010-9-15 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=e:\windows\System32\avgrsstx.dll

R3 DfSdkS;Defragmentation-Service;e:\program files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [2009-08-24 406016]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;e:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 MatSvc;Microsoft Automated Troubleshooting Service;e:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 npggsvc;nProtect GameGuard Service;e:\windows\system32\GameMon.des [2009-10-11 3369044]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;e:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-08 100496]
R3 VMUSBArbService;VMware USB Arbitration Service;e:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-20 539184]
R3 XobniService;XobniService;e:\program files\Xobni\XobniService.exe [2009-10-12 46824]
R4 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R4 Fix-It Utilities 10 Essentials Task Manager;Fix-It Utilities 10 Essentials Task Manager;e:\progra~1\AVANQU~1\Fix-It\mxtask.exe [2010-03-25 529688]
R4 sptd;sptd;e:\windows\system32\Drivers\sptd.sys [2010-06-17 697328]
S0 AvgRkx86;avgrkx86.sys;e:\windows\System32\Drivers\avgrkx86.sys [2010-08-31 52872]
S1 AvgLdx86;AVG AVI Loader Driver x86;e:\windows\system32\Drivers\avgldx86.sys [2010-08-31 216400]
S1 AvgTdiX;AVG Network Redirector;e:\windows\system32\Drivers\avgtdix.sys [2010-08-31 243024]
S2 AMD External Events Utility;AMD External Events Utility;e:\windows\system32\atiesrxx.exe [2010-08-26 176128]
S2 avg9wd;AVG WatchDog;e:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-31 308136]
S2 SCRCAMHRDRV;ScreenCamera HR;e:\windows\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S2 vmci;VMware vmci;e:\windows\system32\Drivers\vmci.sys [2010-05-20 70704]
S3 amdkmdag;amdkmdag;e:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 amdkmdap;amdkmdap;e:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;e:\windows\system32\DRIVERS\l160x86.sys [2009-07-13 47104]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;e:\windows\system32\drivers\AtihdW73.sys [2010-07-15 101904]
S3 rt61x86;Linksys Wireless-G PCI Adapter Driver;e:\windows\system32\DRIVERS\WMP54Gv41x86.sys [2007-06-26 286208]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
Obsah adresáře 'Naplánované úlohy'

2010-06-21 e:\windows\Tasks\AWC Startup.job
- e:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-01-19 15:33]
.
.
------- Doplňkový sken -------
.
IE: Download all by FlashGet3 - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: ????3?? - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - e:\users\AleRx8\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
LSP: e:\program files\VMware\VMware Player\vsocklib.dll
FF - ProfilePath - e:\users\AleRx8\AppData\Roaming\Mozilla\Firefox\Profiles\xtna1v3q.default\
FF - component: e:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: e:\users\AleRx8\AppData\Roaming\Mozilla\Firefox\Profiles\xtna1v3q.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: e:\users\AleRx8\AppData\Roaming\Mozilla\Firefox\Profiles\xtna1v3q.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll

---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="e:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="e:\\Users\\AleRx8\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="e:\\Users\\AleRx8\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:44,be,19,e7,c0,91,a3,a6,cf,d0,b6,88,f4,9f,f1,94,fc,00,fa,e7,bf,73,d1,
39,f3,9a,eb,da,f8,59,76,3b,fa,8a,cb,09,15,1d,89,a5,58,72,be,3a,b4,f6,17,d3,\
"??"=hex:45,20,e8,79,3b,03,2f,15,59,18,e4,56,b1,f7,d1,2f

[HKEY_USERS\S-1-5-21-1786341700-570025950-2881891393-1000\Software\SecuROM\License information*]
"datasecu"=hex:75,c9,fa,f4,10,f8,1d,da,3c,71,e6,b8,6d,fa,14,1d,27,e1,12,fd,3a,
8f,6e,ff,3d,4a,86,93,ac,02,d1,fa,ca,7f,97,79,59,9a,bd,0c,dd,40,ac,00,80,58,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Celkový čas: 2010-09-18 10:02:23
ComboFix-quarantined-files.txt 2010-09-18 08:02
ComboFix2.txt 2010-09-17 12:46

Před spuštěním: Volných bajtů: 193 104 818 176
Po spuštění: Volných bajtů: 192 626 429 952

- - End Of File - - 95455338B7FA7339498D0F663D6EF0EE


HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:06:49, on 18.9.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
E:\Windows\system32\taskhost.exe
E:\Windows\system32\Dwm.exe
E:\Program Files\AVG\AVG9\avgtray.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
E:\Windows\explorer.exe
E:\Program Files\Opera\opera.exe
E:\Users\AleRx8\Desktop\hijackthis.exe
E:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG9_TRAY] E:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [TrayServer] E:\Program Files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe
O4 - HKCU\..\Run: [RocketDock] "E:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: ubisoft register.lnk = E:\Program Files\Ubi Soft\Register\schedule.exe
O8 - Extra context menu item: Download all by FlashGet3 - E:\Users\AleRx8\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - E:\Users\AleRx8\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: e:\program files\vmware\vmware player\vsocklib.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: E:\Windows\System32\avgrsstx.dll
O23 - Service: AMD External Events Utility - AMD - E:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - E:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - E:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - E:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - E:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - E:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - E:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - E:\Windows\system32\vmnat.exe
O23 - Service: XobniService - Xobni Corporation - E:\Program Files\Xobni\XobniService.exe

--
End of file - 5354 bytes


http://www.virustotal.com/file-scan/rep ... 1284731247

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast, či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast či Microsoft Security Essentials


Pak napiš , jak to vypadá s PC , hry..