trojan prosím okontrolu HJT Vyřešeno

[nezmarigi]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:58:39, on 5.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware SE Personal\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
E:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files\Jmeniny.exe
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware SE Personal\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\Sandra 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\Sandra 2007\RpcSandraSrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - E:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 9704 bytes

[Reklama]

[jaro3]

Nic tam nevidím.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[nezmarigi]

Malwarebytes' Anti-Malware 1.32
Verze databáze: 1618
Windows 5.1.2600 Service Pack 3

5.1.2009 18:19:06
mbam-log-2009-01-05 (18-18-23).txt

Typ skenu: Rychlý sken
Objektu skenováno: 53112
Uplynulý cas: 4 minute(s), 39 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 15
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit log
Poté odinstaluj: MyWebSearch

Stáhni si SDFix
- Spusť ho a rozbalí se ti na disk kde je nainstalovaný Windows (typicky to je C:\SDfix)
- Pak restartuj PC do nouzového režimu-(po restartu drž klávesu F8)- (zvol možnost: Stav nouze, ne Stav nouze s práci v síti)
- Otevři adresář kde je vybalený SDFix a spusť soubor RunThis.bat tím spustíš program.
* Pak stiskni klávesu Y a pak Enter pro zahájení čistícího procesu.
* Pro dokončení kontroly budeš vyzván ke stisknutí libovolné klávesy a počítač se restartuje.
* Při nabíhání operačního systému se program spustí znovu a dokončí čistící proces. Až se objeví Finish, budeš muset po vyzvání stisknout libovolnou klávesu, tim se ukončí program a zobrazí se ti ikony na ploše
- Když se skončí načítání ikon na ploše, otevře se ti na obrazovce log z SDFix a zároveň ho uloží do adresáře kde je rozbalený SDFix jako soubor Report.txt
Pak sem zkopíruj jeho obsah + nový log z HJT+ mrkni se jestli ti pod Startem nechybí nějaké ikony, zobrazují se ti disky pod Tento počítač....

[nezmarigi]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:44:30, on 5.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware SE Personal\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
E:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files\Jmeniny.exe
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware SE Personal\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\Sandra 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\Sandra 2007\RpcSandraSrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - E:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 9548 bytes

[jaro3]

Ještě ten SDFix jak je výše.

[nezmarigi]

System Report
*************

Run on Łt 06.01.2009 at 04:04

Microsoft Windows XP [Verze 5.1.2600]

Current user is an administrator

Running Processes:

\SystemRoot\System32\smss.exe [660]
\??\C:\WINDOWS\system32\csrss.exe [720]
\??\C:\WINDOWS\system32\winlogon.exe [744]
C:\WINDOWS\system32\services.exe [836]
C:\WINDOWS\system32\lsass.exe [848]
C:\WINDOWS\system32\svchost.exe [1032]
C:\WINDOWS\system32\svchost.exe [1080]
C:\Program Files\Windows Defender\MsMpEng.exe [1184]
C:\WINDOWS\System32\svchost.exe [1224]
C:\WINDOWS\system32\svchost.exe [1256]
C:\WINDOWS\system32\svchost.exe [1464]
C:\WINDOWS\system32\svchost.exe [1624]
E:\Program Files\Lavasoft\Ad-Aware SE Personal\aawservice.exe [1684]
C:\WINDOWS\Explorer.EXE [1836]
C:\WINDOWS\system32\spoolsv.exe [1948]
C:\PROGRA~1\AVG\AVG8\avgtray.exe [152]
E:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [280]
C:\WINDOWS\system32\ctfmon.exe [336]
E:\Program Files\Skype\Phone\Skype.exe [532]
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [1576]
C:\Program Files\Creative\Shared Files\CTDevSrv.exe [1604]
C:\WINDOWS\System32\svchost.exe [1780]
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [1300]
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [164]
C:\PROGRA~1\AVG\AVG8\avgrsx.exe [572]
C:\WINDOWS\system32\nvsvc32.exe [2104]
C:\WINDOWS\system32\PnkBstrA.exe [2156]
E:\Program Files\Skype\Plugin Manager\skypePM.exe [2408]
E:\Program Files\Spyware Terminator\sp_rsser.exe [2480]
C:\WINDOWS\system32\svchost.exe [2664]
C:\PROGRA~1\AVG\AVG8\avgemc.exe [2836]
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [3004]
C:\WINDOWS\System32\alg.exe [3892]
C:\Program Files\Internet Explorer\iexplore.exe [436]
C:\Program Files\Internet Explorer\iexplore.exe [3132]


Drivers - Running:

3xHybrid
ACPI
AFD
AmdK8
appdrv01
Arp1394
ASAPIW2k
atapi
atksgt
audstub
AvgLdx86
AvgMfx86
AvgTdiX
Beep
Cdfs
Cdrom
Disk
Fips
FltMgr
Ftdisk
giveio
Gpc
HDAudBus
HidUsb
HTTP
Imapi
IntcAzAudAddService
IpNat
IPSec
isapnp
Kbdclass
kbdhid
KSecDD
lirsgt
mnmdd
Mouclass
mouhid
MountMgr
MRxDAV
MRxSmb
Msfs
mssmbios
Mup
NDIS
NdisTapi
Ndisuio
NdisWan
NDProxy
NetBIOS
NetBT
NIC1394
Npfs
Ntfs
Null
nv
NVENETFD
nvnetbus
ohci1394
Parport
PartMgr
ParVdm
PCI
PCIIde
PptpMiniport
PSched
Ptilink
PxHelp20
RasAcd
Rasl2tp
RasPppoe
Raspti
Rdbss
RDPCDD
redbook
SCDEmu
serenum
Serial
speedfan
sptd
sp_rsdrv2
sr
Srv
swenum
sysaudio
Tcpip
TermDD
Update
usbccgp
usbehci
usbhub
usbohci
USBSTOR
VgaSave
VolSnap
Wanarp
wdmaud
WudfPf


Drivers - Stopped:

Abiosdsk
abp480n5
ACPIEC
adpu160m
aec
Aha154x
aic78u2
aic78xx
AliIde
amsint
asc
asc3350p
asc3550
AsyncMac
Atdisk
Atmarpc
cbidf2k
CCDECODE
cd20xrnt
Cdaudio
cglptnt
Changer
CmdIde
Cpqarray
dac960nt
dmboot
dmio
dmload
DMusic
dpti2o
drmkaud
ElbyVCD
ENTECH
ET5Drv
EverestDriver
Fastfat
Fdc
Flpydisk
gdrv
hpn
i2omgmt
i2omp
i8042prt
ini910u
IntelIde
Ip6Fw
IpFilterDriver
IpInIp
IRENUM
kmixer
lbrtfdc
Modem
MPE
mraid35x
MSKSSRV
MSPCLOCK
MSPQM
MSTEE
NABTSFEC
NdisIP
NwlnkFlt
NwlnkFwd
PCIDump
Pcmcia
PDCOMP
PDFRAME
PDRELI
PDRFRAME
perc2
perc2hib
Processor
ql1080
Ql10wnt
ql12160
ql1240
ql1280
RDPWD
SANDRA
Secdrv
Sfloppy
Simbad
SLIP
Sparrow
splitter
streamip
swmidi
symc810
symc8xx
sym_hi
sym_u3
TDPIPE
TDTCP
TosIde
Udfs
ultra
usbprint
ViaIde
WDICA
WpdUsb
WSTCODEC
WudfRd


Services - Running:

aawservice
ALG
AudioSrv
avg8emc
avg8wd
BITS
CryptSvc
CTDevice_Srv
DcomLaunch
Dhcp
Dnscache
ERSvc
Eventlog
EventSystem
FastUserSwitchingCompatibility
helpsvc
HidServ
HTTPFilter
lanmanserver
lanmanworkstation
LmHosts
MDM
MSSQL$PINNACLESYS
Netman
Nla
NVSvc
PinnacleSys.MediaServer
PlugPlay
PnkBstrA
PolicyAgent
ProtectedStorage
RasMan
RpcSs
SamSs
Schedule
seclogon
SENS
SharedAccess
ShellHWDetection
Spooler
sp_rssrv
srservice
SSDPSRV
stisvc
TapiSrv
TermService
Themes
TrkWks
W32Time
WebClient
WinDefend
winmgmt
wscsvc
wuauserv
WudfSvc
WZCSVC


Services - Stopped:

Alerter
appdrvrem01
AppMgmt
aspnet_state
Browser
CiSvc
ClipSrv
clr_optimization_v2.0.50727_32
COMSysApp
CTUPnPSv
dmadmin
dmserver
Dot3svc
EapHost
gusvc
hkmsvc
ImapiService
Messenger
mnmsrvc
MSDTC
MSIServer
MSSQLServerADHelper
napagent
NetDDE
NetDDEdsdm
Netlogon
NtLmSsp
NtmsSvc
ose
RasAuto
RDSessMgr
RemoteAccess
RpcLocator
RSVP
SandraDataSrv
SandraTheSrv
SCardSvr
SQLAgent$PINNACLESYS
SwPrv
SysmonLog
upnphost
UPS
VSS
WmdmPmSN
WmiApSrv
WMPNetworkSvc
xmlprov


Files Created/Modified - 60 Days:


C:\

6 Jan 2009 3.31.20 4 194 304 000 A.SH. "C:\pagefile.sys"


C:\WINDOWS\

6 Jan 2009 3.31.22 2 048 A.S.. "C:\WINDOWS\bootstat.dat"
29 Dec 2008 4.42.38 113 664 A.... "C:\WINDOWS\system32\mqapi.exe"
10 Dec 2008 0.24.38 17 593 280 A.... "C:\WINDOWS\system32\MRT.exe"
14 Dec 2008 15.02.10 5 699 584 A.... "C:\WINDOWS\system32\mshtml.dll"
12 Dec 2008 4.47.58 66 872 A.... "C:\WINDOWS\system32\PnkBstrA.exe"
24 Dec 2008 13.22.40 183 112 A.... "C:\WINDOWS\system32\PnkBstrB.exe"
6 Jan 2009 3.31.34 6 A..H. "C:\WINDOWS\Tasks\SA.DAT"
6 Jan 2009 3.32.08 49 152 A.... "C:\WINDOWS\Temp\CompiledAdapter.dll"
6 Jan 2009 4.03.52 0 A.... "C:\WINDOWS\Temp\scsE.tmp"
14 Dec 2008 15.02.10 5 699 584 A.... "C:\WINDOWS\system32\dllcache\mshtml.dll"
4 Jan 2009 18.41.46 15 504 A.... "C:\WINDOWS\system32\drivers\mbam.sys"
4 Jan 2009 18.41.50 38 496 A.... "C:\WINDOWS\system32\drivers\mbamswissarmy.sys"
24 Dec 2008 13.22.46 138 184 A.... "C:\WINDOWS\system32\drivers\PnkBstrK.sys"
5 Jan 2009 15.57.20 2 103 352 A.... "C:\WINDOWS\system32\Restore\rstrlog.dat"


C:\Program Files\

19 Dec 2008 19.28.02 1 434 864 A.... "C:\Program Files\CCleaner\CCleaner.exe"
4 Jan 2009 11.55.24 114 658 A.... "C:\Program Files\CCleaner\uninst.exe"
4 Jan 2009 10.33.48 396 288 A.... "C:\Program Files\HijackThis\HijackThis.exe"
4 Jan 2009 18.41.46 380 048 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe"
4 Jan 2009 18.41.44 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll"
4 Jan 2009 18.41.46 1 269 392 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
4 Jan 2009 18.41.46 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
4 Jan 2009 18.41.48 399 504 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
4 Jan 2009 18.41.48 170 640 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
4 Jan 2009 18.41.48 44 688 A.... "C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll"
5 Jan 2009 18.09.28 8 865 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.dat"
5 Jan 2009 18.08.42 688 784 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
4 Jan 2009 18.41.50 77 968 A.... "C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll"
24 Dec 2008 12.21.36 84 259 A.... "C:\Program Files\Mp3tag\Mp3tagUninstall.exe"
21 Nov 2008 10.29.46 3 835 904 A.... "C:\Program Files\SpeedFan\speedfan.exe"
3 Dec 2008 4.41.46 36 335 A.... "C:\Program Files\SpeedFan\uninstall.exe"
9 Dec 2008 11.12.30 234 856 A.... "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
9 Dec 2008 11.12.32 104 296 A.... "C:\Program Files\TomTom HOME 2\TomTomHOME.exe"
3 Jan 2009 9.38.38 173 022 A.... "C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe"
13 Dec 2008 16.13.52 161 112 A.... "C:\Program Files\Audible\Bin\AudibleExt.dll"
5 Dec 2008 3.51.54 152 832 A.... "C:\Program Files\AVG\AVG8\avgchk.exe"
5 Dec 2008 3.51.54 3 A.... "C:\Program Files\AVG\AVG8\avgchk.exe0"
12 Dec 2008 21.12.54 2 075 416 A.... "C:\Program Files\AVG\AVG8\avgresf.dll"
5 Dec 2008 3.51.54 1 261 336 A.... "C:\Program Files\AVG\AVG8\avgtray.exe"
11 Nov 2008 4.57.58 34 048 A.... "C:\Program Files\AVG\AVG8\fixfp.exe"
5 Dec 2008 3.51.54 924 698 A.... "C:\Program Files\AVG\AVG8\setup.dat"
19 Dec 2008 3.33.50 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1063.dll"
19 Dec 2008 3.34.22 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1071.dll"
19 Dec 2008 3.34.34 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1066.dll"
19 Dec 2008 3.34.30 22 016 A.... "C:\Program Files\CCleaner\Lang\lang-1050.dll"
19 Dec 2008 3.33.16 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1030.dll"
19 Dec 2008 3.33.40 23 552 A.... "C:\Program Files\CCleaner\Lang\lang-1040.dll"
19 Dec 2008 3.34.12 24 576 A.... "C:\Program Files\CCleaner\Lang\lang-1034.dll"
19 Dec 2008 3.33.54 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1044.dll"
19 Dec 2008 3.33.38 23 040 A.... "C:\Program Files\CCleaner\Lang\lang-1038.dll"
19 Dec 2008 3.33.10 11 776 A.... "C:\Program Files\CCleaner\Lang\lang-1028.dll"
19 Dec 2008 3.34.06 22 016 A.... "C:\Program Files\CCleaner\Lang\lang-1048.dll"
19 Dec 2008 3.33.28 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1110.dll"
19 Dec 2008 3.32.50 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1051.dll"
19 Dec 2008 3.34.12 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1055.dll"
19 Dec 2008 3.33.04 19 456 A.... "C:\Program Files\CCleaner\Lang\lang-1025.dll"
19 Dec 2008 3.33.22 23 040 A.... "C:\Program Files\CCleaner\Lang\lang-1035.dll"
19 Dec 2008 3.33.58 22 016 A.... "C:\Program Files\CCleaner\Lang\lang-1045.dll"
19 Dec 2008 3.33.12 20 480 A.... "C:\Program Files\CCleaner\Lang\lang-1029.dll"
19 Dec 2008 3.32.52 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-1052.dll"
19 Dec 2008 3.33.32 26 112 A.... "C:\Program Files\CCleaner\Lang\lang-1032.dll"
19 Dec 2008 3.33.48 11 776 A.... "C:\Program Files\CCleaner\Lang\lang-1042.dll"
19 Dec 2008 3.34.24 24 064 A.... "C:\Program Files\CCleaner\Lang\lang-1026.dll"
19 Dec 2008 3.33.26 24 576 A.... "C:\Program Files\CCleaner\Lang\lang-1036.dll"
19 Dec 2008 3.34.04 24 576 A.... "C:\Program Files\CCleaner\Lang\lang-1046.dll"
19 Dec 2008 3.33.18 24 576 A.... "C:\Program Files\CCleaner\Lang\lang-1043.dll"
19 Dec 2008 3.33.00 23 040 A.... "C:\Program Files\CCleaner\Lang\lang-1027.dll"
19 Dec 2008 3.33.34 18 944 A.... "C:\Program Files\CCleaner\Lang\lang-1037.dll"
19 Dec 2008 3.32.58 22 016 A.... "C:\Program Files\CCleaner\Lang\lang-1031.dll"
19 Dec 2008 3.33.44 14 848 A.... "C:\Program Files\CCleaner\Lang\lang-1041.dll"
19 Dec 2008 3.34.10 20 992 A.... "C:\Program Files\CCleaner\Lang\lang-1049.dll"
19 Dec 2008 3.32.54 22 016 A.... "C:\Program Files\CCleaner\Lang\lang-1053.dll"
19 Dec 2008 3.34.00 25 088 A.... "C:\Program Files\CCleaner\Lang\lang-2070.dll"
19 Dec 2008 3.33.06 11 776 A.... "C:\Program Files\CCleaner\Lang\lang-2052.dll"
19 Dec 2008 3.34.20 20 992 A.... "C:\Program Files\CCleaner\Lang\lang-2074.dll"
19 Dec 2008 3.34.16 20 992 A.... "C:\Program Files\CCleaner\Lang\lang-3098.dll"
19 Dec 2008 3.34.28 21 504 A.... "C:\Program Files\CCleaner\Lang\lang-5146.dll"
13 Dec 2008 16.12.54 368 640 A.... "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\_setup.dll"
13 Dec 2008 16.13.52 192 512 A.... "C:\Program Files\Real Alternative\Plugins\aaffmt.dll"
13 Dec 2008 16.13.52 491 520 A.... "C:\Program Files\Real Alternative\Plugins\aarender.dll"
9 Dec 2008 10.33.42 11 613 A.... "C:\Program Files\TomTom HOME 2\license\EULA-et-EE.html"
9 Dec 2008 10.33.42 19 537 A.... "C:\Program Files\TomTom HOME 2\license\EULA-es-MX.html"
9 Dec 2008 10.33.42 12 190 A.... "C:\Program Files\TomTom HOME 2\license\EULA-af-ZA.html"
9 Dec 2008 10.33.42 12 480 A.... "C:\Program Files\TomTom HOME 2\license\EULA-ca-ES.html"
9 Dec 2008 10.33.42 13 628 A.... "C:\Program Files\TomTom HOME 2\license\EULA-cs-CZ.html"
9 Dec 2008 10.33.42 12 026 A.... "C:\Program Files\TomTom HOME 2\license\EULA-da-DK.html"
9 Dec 2008 10.33.42 12 743 A.... "C:\Program Files\TomTom HOME 2\license\EULA-de-DE.html"
9 Dec 2008 10.33.42 11 152 A.... "C:\Program Files\TomTom HOME 2\license\EULA-en-GB.html"
9 Dec 2008 10.33.42 11 291 A.... "C:\Program Files\TomTom HOME 2\license\EULA-en-US.html"
9 Dec 2008 10.33.42 12 607 A.... "C:\Program Files\TomTom HOME 2\license\EULA-es-ES.html"
9 Dec 2008 10.33.42 13 556 A.... "C:\Program Files\TomTom HOME 2\license\EULA-es-US.html"
9 Dec 2008 10.33.42 11 226 A.... "C:\Program Files\TomTom HOME 2\license\EULA-fi-FI.html"
9 Dec 2008 10.33.42 12 226 A.... "C:\Program Files\TomTom HOME 2\license\EULA-fr-FR.html"
9 Dec 2008 10.33.42 13 004 A.... "C:\Program Files\TomTom HOME 2\license\EULA-fr-US.html"
9 Dec 2008 10.33.42 12 207 A.... "C:\Program Files\TomTom HOME 2\license\EULA-hu-HU.html"
9 Dec 2008 10.33.42 12 750 A.... "C:\Program Files\TomTom HOME 2\license\EULA-it-IT.html"
9 Dec 2008 10.33.42 15 170 A.... "C:\Program Files\TomTom HOME 2\license\EULA-lt-LT.html"
9 Dec 2008 10.33.42 15 467 A.... "C:\Program Files\TomTom HOME 2\license\EULA-lv-LV.html"
9 Dec 2008 10.33.42 12 585 A.... "C:\Program Files\TomTom HOME 2\license\EULA-ms-MY.html"
9 Dec 2008 10.33.42 12 522 A.... "C:\Program Files\TomTom HOME 2\license\EULA-nl-BE.html"
9 Dec 2008 10.33.42 12 522 A.... "C:\Program Files\TomTom HOME 2\license\EULA-nl-NL.html"
9 Dec 2008 10.33.42 11 895 A.... "C:\Program Files\TomTom HOME 2\license\EULA-no-NO.html"
9 Dec 2008 10.33.42 15 074 A.... "C:\Program Files\TomTom HOME 2\license\EULA-pl-PL.html"
9 Dec 2008 10.33.42 16 127 A.... "C:\Program Files\TomTom HOME 2\license\EULA-pt-BR.html"
9 Dec 2008 10.33.42 12 467 A.... "C:\Program Files\TomTom HOME 2\license\EULA-pt-PT.html"
9 Dec 2008 10.33.42 81 374 A.... "C:\Program Files\TomTom HOME 2\license\EULA-ru-RU.html"
9 Dec 2008 10.33.42 12 407 A.... "C:\Program Files\TomTom HOME 2\license\EULA-sk-SK.html"
9 Dec 2008 10.33.42 12 654 A.... "C:\Program Files\TomTom HOME 2\license\EULA-sl-SL.html"
9 Dec 2008 10.33.42 11 256 A.... "C:\Program Files\TomTom HOME 2\license\EULA-sv-SE.html"
9 Dec 2008 10.33.42 15 592 A.... "C:\Program Files\TomTom HOME 2\license\EULA-tr-TR.html"
9 Dec 2008 10.33.42 25 310 A.... "C:\Program Files\TomTom HOME 2\license\EULA-zh-CN.html"
9 Dec 2008 10.33.42 25 326 A.... "C:\Program Files\TomTom HOME 2\license\EULA-zh-TW.html"
9 Dec 2008 11.12.18 11 776 A.... "C:\Program Files\TomTom HOME 2\xulrunner\AccessibleMarshal.dll"
9 Dec 2008 11.12.38 83 304 A.... "C:\Program Files\TomTom HOME 2\xulrunner\ext2fs.dll"
9 Dec 2008 11.12.18 233 472 A.... "C:\Program Files\TomTom HOME 2\xulrunner\freebl3.dll"
9 Dec 2008 11.12.38 501 096 A.... "C:\Program Files\TomTom HOME 2\xulrunner\HomeBase.dll"
9 Dec 2008 11.12.34 96 616 A.... "C:\Program Files\TomTom HOME 2\xulrunner\HOMERuntime.exe"
9 Dec 2008 11.12.18 23 552 A.... "C:\Program Files\TomTom HOME 2\xulrunner\IA2Marshal.dll"
9 Dec 2008 11.12.18 730 624 A.... "C:\Program Files\TomTom HOME 2\xulrunner\js3250.dll"
9 Dec 2008 11.12.36 349 544 A.... "C:\Program Files\TomTom HOME 2\xulrunner\MapShare.dll"
9 Dec 2008 11.12.18 163 840 A.... "C:\Program Files\TomTom HOME 2\xulrunner\nspr4.dll"
9 Dec 2008 11.12.18 692 224 A.... "C:\Program Files\TomTom HOME 2\xulrunner\nss3.dll"
9 Dec 2008 11.12.18 299 008 A.... "C:\Program Files\TomTom HOME 2\xulrunner\nssckbi.dll"
9 Dec 2008 11.12.18 98 304 A.... "C:\Program Files\TomTom HOME 2\xulrunner\nssdbm3.dll"
9 Dec 2008 11.12.18 81 920 A.... "C:\Program Files\TomTom HOME 2\xulrunner\nssutil3.dll"
9 Dec 2008 11.12.18 14 848 A.... "C:\Program Files\TomTom HOME 2\xulrunner\plc4.dll"
9 Dec 2008 11.12.18 11 264 A.... "C:\Program Files\TomTom HOME 2\xulrunner\plds4.dll"
9 Dec 2008 10.44.28 12 288 A.... "C:\Program Files\TomTom HOME 2\xulrunner\regxpcom.exe"
9 Dec 2008 10.44.28 49 152 A.... "C:\Program Files\TomTom HOME 2\xulrunner\shlibsign.exe"
9 Dec 2008 11.12.18 98 304 A.... "C:\Program Files\TomTom HOME 2\xulrunner\smime3.dll"
9 Dec 2008 11.12.18 151 552 A.... "C:\Program Files\TomTom HOME 2\xulrunner\softokn3.dll"
9 Dec 2008 11.12.18 393 728 A.... "C:\Program Files\TomTom HOME 2\xulrunner\sqlite3.dll"
9 Dec 2008 11.12.18 131 072 A.... "C:\Program Files\TomTom HOME 2\xulrunner\ssl3.dll"
9 Dec 2008 10.44.40 87 528 A.... "C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOME.dll"
9 Dec 2008 10.44.40 7 144 A.... "C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMEProvisioning.exe"
9 Dec 2008 11.12.18 163 840 A.... "C:\Program Files\TomTom HOME 2\xulrunner\wxbase28u_net_vc_custom.dll"
9 Dec 2008 11.12.18 1 495 040 A.... "C:\Program Files\TomTom HOME 2\xulrunner\wxbase28u_vc_custom.dll"
9 Dec 2008 11.12.20 1 585 152 A.... "C:\Program Files\TomTom HOME 2\xulrunner\wxmsw28u_core_vc_custom.dll"
9 Dec 2008 11.12.20 11 776 A.... "C:\Program Files\TomTom HOME 2\xulrunner\xpcom.dll"
9 Dec 2008 10.44.30 19 968 A.... "C:\Program Files\TomTom HOME 2\xulrunner\xpcshell.exe"
9 Dec 2008 11.12.36 9 083 240 A.... "C:\Program Files\TomTom HOME 2\xulrunner\xul.dll"
8 Dec 2008 18.01.52 3 355 A.... "C:\Program Files\Winamp\Plugins\vis_avs.dat"
5 Dec 2008 3.51.54 1 187 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Free_8_sp.html"
5 Dec 2008 3.51.54 1 070 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Free_8_us.html"
5 Dec 2008 3.51.54 1 106 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Paid_8_fr.html"
5 Dec 2008 3.51.54 1 120 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Paid_8_it.html"
5 Dec 2008 3.51.56 1 044 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Paid_8_us.html"
5 Dec 2008 3.51.54 1 093 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Paid_8_nl.html"
5 Dec 2008 3.51.54 1 127 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Paid_8_sp.html"
5 Dec 2008 3.51.54 1 153 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Paid_8_pt.html"
5 Dec 2008 3.51.54 1 146 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Free_8_fr.html"
5 Dec 2008 3.51.54 1 114 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Free_8_it.html"
5 Dec 2008 3.51.54 1 143 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Free_8_nl.html"
5 Dec 2008 3.51.54 1 217 A.... "C:\Program Files\AVG\AVG8\Notification\cmp2008_App_Free_8_pt.html"
8 Nov 2008 15.19.44 82 808 A.... "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdaterInstallMgr.exe"
8 Nov 2008 15.19.48 2 356 088 A.... "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
9 Dec 2008 11.12.40 1 593 704 A.... "C:\Program Files\TomTom HOME 2\xul\components\HOMEServices.dll"
9 Dec 2008 11.12.18 118 784 A.... "C:\Program Files\TomTom HOME 2\xul\plugins\npTomTomEmulatorPlugin.dll"
9 Dec 2008 11.12.18 59 392 A.... "C:\Program Files\TomTom HOME 2\xulrunner\plugins\npnul32.dll"
9 Dec 2008 10.44.28 117 A.... "C:\Program Files\TomTom HOME 2\xulrunner\res\hiddenWindow.html"


Files with hidden attributes:

Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\SDHelper (Spybot - Search & Destroy)\SDHelper.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Thu 14 Aug 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Wed 30 Jul 2008 4,891,984 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\TeaTimer (Spybot - Search & Destroy)\TeaTimer.exe"
Wed 24 Dec 2008 1,301 ...HR --- "C:\Documents and Settings\Pocitac\Data aplikacˇ\SecuROM\UserData\securom_v7_01.bak"


Program Folders:

C:\Program Files\

ACDSee32
Adobe
Ahead
Audible
AVG
CCleaner
CDex_170b2
Common Files
Corel
Creative
CyberLink
DAEMON Tools
DAEMON Tools Lite
DAEMON Tools Toolbar
Deep Silver
DIFX
DivX
DVD Shrink
ffvfw
Futuremark
Gigabyte
GoldWave
Google
HD Tune
HijackThis
InstallShield Installation Information
Internet Explorer
Java
MadOnion.com
Malwarebytes' Anti-Malware
Media Player Classic
Messenger
microsoft frontpage
Microsoft Office
Microsoft SQL Server
Microsoft Visual Studio
Microsoft Works
Microsoft.NET
Movie Maker
Mp3tag
MSN Gaming Zone
MSXML 4.0
NetMeeting
Online Services
OpenAL
Outlook Express
Pinnacle
PopCap Games
PowerISO
QuickTime Alternative
Real Alternative
Realtek
ReflexiveArcade
Sandra 2007
SDHelper (Spybot - Search & Destroy)
Selfkey Systems
SESSION
Seznam
SpeedFan
Speed-O-Meter
Spybot - Search & Destroy
Steam
TeaTimer (Spybot - Search & Destroy)
TomTom DesktopSuite
TomTom HOME 2
totalcmd
Uninstall Information
Winamp
WinClamAVShield
Windows Defender
Windows Desktop Search
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
WinRAR
xerox

C:\Program Files\Common Files\

Adobe
Ahead
Borland Shared
DESIGNER
DirectX
InstallShield
Java
Microsoft Shared
MSSoap
ODBC
Services
Skype
SpeechEngines
System
Wise Installation Wizard


Add/Remove Programs:

Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
4 Elements
ACDSee 32
Adobe Flash Player ActiveX
Always Current Business Card
AudibleManager
AVG Free 8.0
Canon i250
CDex extraction audio
Corel Applications
Creative Centrale
Creative Removable Disk Manager
DAEMON Tools Toolbar
Deep Voyage
DVD Shrink 3.2
EasyTune5
Eldorado Puzzle
ffvfw (uninstall only)
Glyph 2
GoldWave v4.24
GTR Evolution
HD Tune 2.54
HijackThis 2.0.2
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 8 Beta 2
High Definition Audio Driver Package - KB888111
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows Media Format 11 SDK (KB929399)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2)
Aktualizace zabezpečení systému Windows XP (KB938464)
Oprava hotfix aplikace Windows Media Player 11 (KB939683)
Aktualizace zabezpečení produktu Windows XP (KB941569)
Aktualizace systému Windows XP (KB942763)
Aktualizace zabezpečení systému Windows XP (KB946648)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB950759)
Aktualizace zabezpečení systému Windows XP (KB950760)
Aktualizace zabezpečení systému Windows XP (KB950762)
Aktualizace zabezpečení systému Windows XP (KB950974)
Aktualizace zabezpečení systému Windows XP (KB951066)
Aktualizace systému Windows XP (KB951072-v2)
Aktualizace zabezpečení systému Windows XP (KB951376-v2)
Aktualizace zabezpečení systému Windows XP (KB951698)
Aktualizace zabezpečení systému Windows XP (KB951748)
Aktualizace systému Windows XP (KB951978)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)
Oprava Hotfix systému Windows XP (KB952287)
Aktualizace zabezpečení systému Windows XP (KB952954)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB953838)
Aktualizace zabezpečení systému Windows XP (KB953839)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)
Aktualizace zabezpečení systému Windows XP (KB954211)
Aktualizace zabezpečení systému Windows XP (KB954459)
Aktualizace zabezpečení systému Windows XP (KB954600)
Aktualizace zabezpečení systému Windows XP (KB955069)
Aktualizace systému Windows XP (KB955839)
Aktualizace zabezpečení systému Windows XP (KB956391)
Aktualizace zabezpečení systému Windows XP (KB956802)
Aktualizace zabezpečení systému Windows XP (KB956803)
Aktualizace zabezpečení systému Windows XP (KB956841)
Aktualizace zabezpečení systému Windows XP (KB957095)
Aktualizace zabezpečení systému Windows XP (KB957097)
Aktualizace zabezpečení systému Windows XP (KB958644)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB960714)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Language Pack - CSY
Mp3tag v2.42
Microsoft Compression Client Pack 1.0 for Windows XP
Nero 6 Ultra Edition
Microsoft National Language Support Downlevel APIs
NVIDIA Drivers
OpenAL
PC Translator
PDF reDirect (remove only)
Peggle Nights Deluxe 1.0
PowerISO
QuickTime Alternative 1.39
Real Alternative 1.44
S.T.A.L.K.E.R. - Clear Sky [v1.0003]
SiSoftware Sandra Lite 2007 (Win64/32/CE)
Speed-O-Meter
SpeedFan (remove only)
Seznam Lištička
The Mysterious City Golden Prague
TomTom HOME 2.5.2.60
Total Commander (Remove or Repair)
Treasure Masters Inc
Winamp (remove only)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
Creative ZEN Mozaic User's Guide
AutoUpdate
Google Toolbar for Internet Explorer
Gems Quest
i-Cool
Java(TM) 6 Update 7
VBA (2720)
DMIView B7.0108.01
Creative Centrale
Pinnacle MediaServer
Skype™ 3.8
PowerDVD
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Java 2 Runtime Environment, SE v1.4.2_06
MSXML 4.0 SP2 Parser and SDK
Microsoft Visual C++ 2005 Redistributable
DivX
3DMark06
Microsoft .NET Framework 2.0 Language Pack - CSY
MSXML 4.0 SP2 (KB954430)
Creative Software Update
EAX4 Unified Redist
VC_MergeModuleToMSI
Microsoft Office Professional Edition 2003
Microsoft Office FrontPage 2003
MadOnion.com/3DMark2001 SE
Microsoft Games for Windows - LIVE Redistributable
Fallout 3
Windows Defender
Microsoft Visual C++ 2005 Redistributable
Kontrola české gramatiky pro sadu Microsoft Office 2003
Adobe Reader 8 - Czech
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Spelling Dictionaries Support For Adobe Reader 8
@BIOS
Spybot - Search & Destroy
Microsoft .NET Framework 2.0 Service Pack 1
MSXML 4.0 SP2 (KB936181)
Microsoft .NET Framework 1.1
Tropix 2 - Quest for the Golden Banana
Google Toolbar for Internet Explorer
Ad-Aware
Microsoft SQL Server Desktop Engine (PINNACLESYS)
Face_Wizard B07.0509.01
Realtek High Definition Audio Driver
Pure
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Pinnacle MediaCenter


Run Values:

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"AVG8_TRAY"="C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe"
"SpywareTerminator"="\"E:\\Program Files\\Spyware Terminator\\SpywareTerminatorShield.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Sv tky a věroźˇ"="C:\\Program Files\\Jmeniny.exe"
"Skype"="\"E:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"WEBTRAN"=""
"OEXPRESS"=""
"DAEMON Tools Lite"="\"C:\\Program Files\\DAEMON Tools Lite\\daemon.exe\" -autorun"


Bot Check:

SERVICE_NAME: wscsvc
DISPLAY_NAME : Centrum zabezpe
START_TYPE : 2 AUTO_START

SERVICE_NAME: sharedaccess
DISPLAY_NAME : Brána Firewall / Sdílení p
START_TYPE : 2 AUTO_START

SERVICE_NAME: wuauserv
DISPLAY_NAME : Automatické aktualizace
START_TYPE : 2 AUTO_START

SERVICE_NAME: srservice
DISPLAY_NAME : Slu
START_TYPE : 2 AUTO_START

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"WaitToKillServiceTimeout"="20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCDisable"=dword:00000000
"Shell"="Explorer.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"TransportBindName"="\\Device\\"


ShellExecuteHooks:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"



Environment:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment
ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe
Path REG_EXPAND_SZ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\
windir REG_EXPAND_SZ %SystemRoot%
OS REG_SZ Windows_NT
PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
TEMP REG_EXPAND_SZ %SystemRoot%\TEMP
TMP REG_EXPAND_SZ %SystemRoot%\TEMP

SecurityProviders:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Authentication Packages:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0


Subsystem Startup:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"Windows"="%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"


Midi Drivers:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midi"="wdmaud.drv"


Non-Default IFEO Debugger:


Non-Default Installed Components:


Non-Default Safeboot Minimal:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\windefend
<NO NAME> REG_SZ Service


File Associations:


[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\cmdfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\htafile\shell\open\command]
@="C:\\WINDOWS\\system32\\mshta.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\regedit\shell\open\command]
@="regedit.exe %1"

[HKEY_CLASSES_ROOT\regfile\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\system32\NOTEPAD.EXE %1"


Finished!

[jaro3]

Vypni rez. ochranu u AVG a štít u SpywareTerminatoru.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[nezmarigi]

ComboFix 09-01-05.05 - Pocitac 2009-01-06 14:43:44.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.2046.1499 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pocitac\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\update.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-12-06 do 2009-01-06 )))))))))))))))))))))))))))))))
.

2009-01-05 18:50 . 2009-01-06 04:07 <DIR> d-------- C:\SDFix
2009-01-05 18:09 . 2009-01-05 18:09 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-05 18:09 . 2009-01-05 18:09 <DIR> d-------- c:\documents and settings\Pocitac\Data aplikací\Malwarebytes
2009-01-05 18:09 . 2009-01-05 18:09 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-01-05 18:09 . 2009-01-04 18:41 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-05 18:09 . 2009-01-04 18:41 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-05 15:57 . 2009-01-05 15:57 <DIR> d-------- c:\program files\CCleaner
2009-01-02 19:46 . 2009-01-02 19:46 <DIR> d-------- c:\documents and settings\Pocitac\Data aplikací\Mysteryville2
2008-12-29 04:42 . 2008-12-29 04:42 113,664 --a------ c:\windows\system32\mqapi.exe
2008-12-25 22:56 . 2008-12-25 22:56 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\JollyBear
2008-12-25 13:38 . 2008-12-25 13:38 768 --a------ c:\windows\system32\elists.db
2008-12-25 10:40 . 2008-12-25 13:55 2,656 --a------ c:\windows\system32\gncontent.cch
2008-12-24 12:21 . 2008-12-24 12:21 <DIR> d-------- c:\program files\Mp3tag
2008-12-24 12:21 . 2008-12-24 12:31 <DIR> d-------- c:\documents and settings\Pocitac\Data aplikací\Mp3tag
2008-12-18 21:16 . 2008-12-18 21:16 <DIR> d-------- c:\windows\ie8updates
2008-12-13 16:15 . 2008-12-25 14:51 <DIR> d-------- c:\documents and settings\Pocitac\Data aplikací\Creative
2008-12-13 16:14 . 2006-10-06 07:17 53,248 --------- c:\windows\Ctregrun.exe
2008-12-13 16:13 . 2008-12-29 17:17 <DIR> d-------- c:\program files\Audible
2008-12-13 16:13 . 2008-12-13 16:13 755,320 --a------ c:\windows\system32\awrdscdc.ax
2008-12-13 16:13 . 2001-08-17 22:43 24,576 --------- c:\windows\system32\msxml3a.dll
2008-12-13 16:12 . 2008-12-13 16:14 <DIR> d-------- c:\program files\Creative
2008-12-13 16:12 . 2008-12-13 16:14 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Creative
2008-12-13 16:12 . 2008-12-13 16:12 <DIR> d--h----- c:\documents and settings\All Users\Data aplikací\{C39CADE8-EC32-4A3E-ADF3-99FB5B7A317D}
2008-12-13 16:12 . 2008-12-13 16:12 <DIR> d--h----- c:\documents and settings\All Users\Data aplikací\{90F3B5EB-A471-42F9-A905-991C2DB2312C}
2008-12-12 04:48 . 2008-12-24 13:22 183,112 --a------ c:\windows\system32\PnkBstrB.exe
2008-12-12 04:48 . 2008-12-24 13:22 138,184 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-12-12 04:47 . 2008-12-12 04:47 66,872 --a------ c:\windows\system32\PnkBstrA.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-06 13:35 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\Spyware Terminator
2009-01-06 13:29 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\Skype
2009-01-06 13:15 --------- d-----w c:\program files\WinClamAVShield
2009-01-06 13:14 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\skypePM
2009-01-05 14:57 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\Azureus
2009-01-05 14:57 --------- d-----w c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2009-01-05 14:57 --------- d-----w c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2009-01-01 09:08 --------- d-----w c:\program files\Sandra 2007
2008-12-28 07:07 --------- d-----w c:\program files\Windows Media Connect 2
2008-12-14 13:20 --------- d-----w c:\program files\SpeedFan
2008-12-13 15:14 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-29 10:22 --------- d-----w c:\documents and settings\All Users\Data aplikací\Christmasville
2008-11-24 18:09 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\Zylom
2008-11-24 17:55 --------- d-----w c:\documents and settings\All Users\Data aplikací\Zylom
2008-11-22 16:00 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\XRay Engine
2008-11-22 08:49 --------- d-----w c:\documents and settings\Pocitac\Data aplikací\Red Alert 3
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-07 09:36 108,144 ----a-w c:\windows\system32\CmdLineExt.dll
2008-08-12 12:03 58 ----a-w c:\program files\Vyroci.dat
2008-08-10 07:50 44 ----a-w c:\program files\Vyroci.bak
2008-07-20 06:44 528 -c--a-w c:\program files\CONFIG.INI
2008-07-20 06:43 29 ----a-w c:\program files\new_ver.ini
2008-02-14 12:28 29 ----a-w c:\program files\version.ini
2008-02-14 12:23 231,944 ----a-w c:\program files\gwflash.exe
2007-09-21 17:42 19,008 ----a-w c:\program files\markfun.a64
2007-08-21 17:49 17,912 ----a-w c:\program files\markfun.w32
2007-08-21 17:49 125,504 ----a-w c:\program files\MarkFunDrv.dll
2007-04-04 16:35 207,680 ----a-w c:\program files\updateutility.exe
2007-03-30 02:36 301 -c--a-w c:\program files\update.ini
2007-03-02 02:48 240,448 ----a-w c:\program files\gwf32.exe
2006-11-23 21:47 207,680 ----a-w c:\program files\BIOS_Run.exe
2006-11-23 21:40 60,224 ----a-w c:\program files\HUADRV.DLL
2006-11-17 03:39 45,056 ----a-w c:\program files\FreeDVD.exe
2005-04-27 17:40 6,800 ----a-w c:\program files\W95_HUA.vxd
2002-10-09 17:59 225,280 ----a-w c:\program files\VYPNOUT.EXE
2002-06-14 16:41 287,744 ----a-w c:\program files\DBFview.exe
2002-04-29 22:09 307,200 ----a-w c:\program files\FELIX.EXE
1999-08-30 15:45 1,142,784 ----a-w c:\program files\Strom.exe
1998-04-14 11:06 485,888 ----a-w c:\program files\Jmeniny.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Svátky a výročí"="c:\program files\Jmeniny.exe" [1998-04-14 485888]
"Skype"="e:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-05 1261336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.hfyu"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm
"vidc.fvfw"= ffvfw.dll
"msacm.avis"= ffvfw.dll
"vidc.VSPX"= vspxvfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneV]
--a------ 2007-08-14 13:10 20480 c:\program files\Gigabyte\ET5\ETcall.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-05-16 13:01 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCS]
--------- 2006-06-08 08:42 65536 c:\program files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAuto.exe]
--a------ 2008-05-28 03:39 401408 c:\program files\Creative\Software Update 3\SoftAuto.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 11:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
--a------ 2008-08-09 07:10 1783808 e:\program files\Spyware Terminator\SpywareTerminatorShield.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2008-12-09 11:12 234856 c:\program files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-05-16 13:01 1630208 c:\windows\system32\nwiz.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Sandra 2007\\sandra.exe"=
"c:\\Program Files\\Sandra 2007\\RpcSandraSrv.exe"=
"c:\\Program Files\\Sandra 2007\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\Gigabyte\\@BIOS\\gwflash.exe"=
"c:\\Program Files\\Gigabyte\\@BIOS\\update.exe"=
"c:\\Program Files\\gwflash.exe"=
"e:\\Program Files\\Azureus\\Azureus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Pocitac\\Plocha\\Race.Driver.GRID.Multi-5.Full-Rip.Skullptura\\Grid\\GRID.exe"=
"c:\\Program Files\\Gigabyte\\ET5\\update.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2008-10-18 2915944]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-07-20 97928]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2008-07-22 141312]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;c:\windows\system32\drivers\3xHybrid.sys [2008-07-20 827008]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-03-02 69120]
R4 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-20 875288]
R4 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-20 231704]
R4 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-07-20 76040]
R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S3 cglptnt;cglptnt;c:\program files\totalcmd\CGLPTNT.SYS [2008-07-20 7888]
S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;e:\program files\EVEREST Home Edition\kerneld.wnt [2005-08-18 7168]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc477206-c098-11dd-967a-001d7dc3c085}]
\Shell\AutoRun\command - H:\InstallTomTomHOME.exe
.
Obsah adresáře 'Naplánované úlohy'

2009-01-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2009-01-06 c:\windows\Tasks\User_Feed_Synchronization-{C7E920EB-F47F-40C4-9F5D-4369B8B86BB9}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 02:05]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-WEBTRAN - (no file)
HKCU-Run-OEXPRESS - (no file)


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz
IE: &Přelož do češtiny - c:\program files\Seznam\Listicka\Toolbar.dll/5034
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Hlede&j v ČR - c:\program files\Seznam\Listicka\Toolbar.dll/5033
IE: Hledej v &encyklopedii - c:\program files\Seznam\Listicka\Toolbar.dll/5108
IE: Hledej ve &světě - c:\program files\Seznam\Listicka\Toolbar.dll/5035
IE: Hledej ve &zboží - c:\program files\Seznam\Listicka\Toolbar.dll/5107
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: www.servis24.cz
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 14:44:34
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\e:\program files\EVEREST Home Edition\kerneld.wnt"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1935655697-2077806209-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*NULL*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1935655697-2077806209-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*NULL*]
"??"=hex:16,08,9e,7f,51,48,38,e5,a7,90,f7,f2,f4,ec,d4,0d,ac,f6,d9,ca,25,7f,df,\
3d,dd,bf,32,10,24,6e,a2,04,c3,55,55,03,cd,74,e3,d1,d4,04,18,93,1c,9b,d1,c4,\
17,fa,b2,ef,b1,d3,1f,9c,2b,8e,1f,85,fe,e4,f9,84,4e,06,d7,c0,e3,ff,bb,18,8d,\
59,b0,cd,6b,29,30,82,31,57,8e,3d,0b,80,32,86,0b,fe,10,86,ee,c6,a6,ec,bf,34,\
33,3e,9d,2f,ea,d9,6d,f1,89,35,12,d6,44,74,6e,dc,e6,45,b4,45,a3,3f,d5,46,67,\
5c,14,2b,8a,ee,1a,94,2c,56,8f,ec,05,f8,b9,36,f2,16,ef,3e,7f,ef,42,e3,20,23,\
6c,a3,97,fb,df,fa,b1,37,b9,c6,da,2e,9c,86,6a,18,59,a1,4b,a3,63,23,2b,61,f8,\
6c,d8,ae,92,1f,9e,c1,3a,49,68,cc,df,fb,56,f2,6f,18,4b,69,ab,a0,43,f0,fb,e8,\
0c,16,0f,47,d5,81,5e,1e,17,f2,93,06,80,0d,b7,a8,a0,69,d9,2c,f4,55,2c,fc,3c,\
d5,3b,4f,45,22,06,7c,58,62,fe,53,7c,9b,21,fa,9a,d1,1d,aa,63,f9,cf,16,b7,60,\
b9,53,06,07,a7,a8,b1,a7,ee,b3,32,4e,e1,d9,a8,3f,01,63,a2,04,0d,c6,6a,49,ca,\
2f,9d,6a,62,ef,a5,59,87,35,a9,9f,57,0b,b8,7a,d1,c7,39,e1,93,2a,3f,66,28,6e,\
75,2b,f4,ee,20,b5,d8,89,80,c5,6e,3d,c8,e0,2e,e4,69,7b,03,a0,b4,cf,ce,85,ab,\
c3,44,34,19,12,07,21,cd,36,db,9c,11,6f,30,54,97,3d,06,07,21,4c,4a,9f,4e,eb,\
c0,09,f8,37,03,81,a2,87,11,8b,05,29,a8,a7,e1,41,1b,c0,d4,0e,bf,72,87,aa,cf,\
2a,89,70,00,b0,f5,46,ad,30,eb,00,4f,e8,7e,23,be,78,f2,ff,da,d9,f4,8d,be,e6,\
36,ec,e5,0c,80,c7,30,ce,49,3a,99,4f,df,77,fe,16,8d,ab,52,33,68,49,ca,ee,61,\
ae,4d,f5,53,9e,51,27,1c,5f,19,d8,da,fe,bd,64,1f,49,18,8e,77,28,a2,99,53,2b,\
2d,fd,96,af,d6,af,de,96,0a,42,ab,c1,f5,f4,3c,c6,71,3f,d7,85,a1,32,86,b6,a5,\
df,a4,e7,3a,0f,8e,ba,cc,d1,98,af,25,60,49,b3,4a,8d,18,1c,c1,95,7d,e7,25,34,\
9d,a6,6e,78,6b,8c,15,90,96,dc,4f,9f,71,41,39,1f,6f,5c,b3,ba,4a,75,ea,84,78,\
21,40,06,66,1b,ef,74,0b,61,cf,aa,75,ed,0c,4f,1c,7e,48,fa,70,db,26,14,76,af,\
0c,38,4f,1e,04,a6,be,4d,61,aa,81,29,4c,be,48,d8,b5,a5,e7,19,b4,a8,1c,66,0e,\
76,31,be,55,20,2b,18,d0,98,07,0a,4e,59,2b,70,97,95,2e,f7,06,43,ec,41,cb,b3,\
b1,bb,53,07,7e,74,46,0b,77,2f,52,1a,8f,7c,dc,de,9b,e6,0c,2b,79,5a,b1,50,27,\
3d,0e,36,89,b5,93,67,98,f3,4a,23,ea,d6,c9,e9,2a,64,5b,3f,e6,a8,d4,55,fe,3d,\
cc,e5,32,aa,0e,15,99,b3,6c,d0,23,31,35,13,2d,cc,8a,c4,cc,be,04,c3,c8,24,5f,\
4f,ca,a4,70,98,5c,ee,eb,46,87,7a,0d,ab,e4,55,a7,8b,63,b8,d0,25,1a,2f,21,b8,\
ef,60,a8,87,2c,d1,d8,9a,70,ae,92,5f,c6,3e,99,8c,e3,f0,47,9a,84,de,e3,45,0a,\
50,49,ed,5b,bc,e1,36,67,58,a4,8d,3d,d5,64,75,dc,ee,0a,9f,ff,8a,8b,61,c5,d3,\
7b,f0,58,ca,4e,6c,3a,87,de,48,04,65,fb,4d,08,0e,d9,de,37,5e,3a,30,66,38,47,\
b8,fd,f4,dc,ef,69,80,59,12,0c,51,be,57,8a,fd,03,0c,0e,5e,88,f4,a1,97,f3,46,\
00,17,ef,89,26,87,a1,65,d5,84,76,3e,b8,d0,04,e6,6b,0d,21,33,f4,50,6e,68,f5,\
b0,f2,e8,f7,f7,3b,26,d8,c1,6d,cd,bc,e8,dd,a8,f8,da,d4,c4,43,38,a5,67,89,52,\
a1,cd,52,af,50,35,d4,ad,83,61,e8,61,16,fd,d1,2f,a8,05,27,65,a5,26,0e,30,f4,\
8b,5e,09,53,6e,8c,1f,d7,c8,e5,90,75,a5,d1,33,ce,7d,48,33,2a,40,18,4a,08,b2,\
08,d2,70,f4,82,24,f4,24,a0,8a,72,f3,56,68,6a,24,1b,6b,6b,8b,bc,77,78,31,39,\
13,c7,e2,03,78,66,c9,71,30,a9,62,42,f0,1a,be,7c,2c,71,19,65,bb,ee,06,e6,fa,\
7b,8f,9a,18,6a,cc,93,c2,8c,a0,57,6b,00,9f,d6,ae,24,74,90,36,72,fb,be,cb,7d,\
2b,e2,89,63,bf,68,88,b6,4c,13,b5,a5,90,c3,60,45,41,d8,28,bf,e5,31,ec,ac,bc,\
2e,4d,f1,61,44,a6,a6,43,71,cc,31,66,06,8f,80,e3,2e,f0,a1,4f,7a,27,8c,39,54,\
22,91,f1,63,39,fc,d4,7b,e8,d3,07,e3,86,b3,47,19,fc,51,a5,30,5d,c6,92,c3,6a,\
a8,41,96,94,7d,a3,b3,d5,e0,26,56,31,0d,bf,29,71,5c,43,fe,03,0a,49,c3,41,68,\
9b,b5,f1,19,8b,f2,cd,7a,5c,68,bf,97,15,a8,e4,78,aa,c8,02,68,d2,94,df,45,dc,\
61,cb,57,7c,d7,6d,32,be,f0,10,f1,cb,39,f1,29,02,31,ae,75,4d,cc,4d,c8,98,3d,\
df,23,f8,2d,08,7e,d6,63,2a,f7,01,2e,b8,6a,fc,ff,78,6e,60,21,0d,84,3a,7b,0a,\
a8,b1,59,6a,a3,17,42,83,33,08,b2,f2,48,41,00,65,29,f1,c5,b4,c4,c0,fe,f9,60,\
2f,88,4d,ff,49,ec,1f,d7,8d,23,01,eb,9e,cc,12,5b,48,7b,69,6b,20,ba,66,03,c4,\
96,2c,c7,98,51,37,16,e8,4a,1c,94,3a,5c,2c,a7,80,38,e2,65,8b,74,0e,d1,da,66,\
db,d5,21,2a,31,fc,33,90,39,cc,ba,0a,49,fd,c2,ee,35,1c,27,0c,e4,ae,2e,b3,78,\
9d,30,6b,b7,7d,52,5d,a4,16,90,2b,fb,0c,a5,0e,e5,35,c3,cb,65,9a,67,f6,59,5a,\
c3,0c,61,e2,de,c5,20,0b,e3,0c,a1,27,88,46,49,ea,44,8f,90,69,f7,34,f6,56,dc,\
44,8b,73,c3,2e,29,e7,df,ff,3b,5d,ba,97,3b,66,46,cb,6a,83,bc,2f,d5,02,a7,d2,\
0a,6a,4e,95,0b,a3,6a,59,54,1f,31,5f,3c,91,4b,fc,9c,bd,8d,92,bd,ba,7e,91,4c,\
35,b8,a1,b2,9b,24,da,b7,de,34,3a,37,8e,86,51,4f,6a,7c,ea,e1,0d,9d,74,cd,77,\
1b,a1,62,1e,aa,54,e2,6f,18,b2,0c,24,30,75,9c,24,25,4f,dc,1a,4e,16,c6,f1,74,\
64,88,a3,7c,eb,6f,6d,d7,c2,1d,ca,3f,5f,a5,fe,10,d1,cc,d6,8e,c2,a5,3c,e4,2a,\
e4,16,bb,75,57,c9,17,0f,2c,d6,76,32,95,28,32,c0,34,62,6e,ef,67,70,8e,b3,04,\
36,1f,49,76,88,b3,5f,b5,ec,13,55,c8,46,f8,52,1c,31,d5,52,a7,75,8b,07,29,12,\
35,1c,45,5d,29,fa,fa,da,16,a0,40,f4,2e,39,b9,69,dd,68,ca,7d,4c,0f,ca,26,97,\
df,47,ff,d5,d4,d7,ed,a7,59,da,0a,05,e2,6c,5e,d3,8c,db,e5,68,97,d6,11,64,8b,\
35,6c,aa,50,41,29,9e,aa,3f,ab,e4,fe,0b,0c,97,de,3b,0e,60,6b,72,ca,ed,bb,bf,\
b1,ce,9d,61,c9,4a,3b,2d,72,b8,63,72,d1,94,be,24,3e,6a,b9,b5,47,67,10,62,83,\
36,f1,a1,d9,7b,19,0d,71,88,3a,74,9b,3c,8b,93,7c,aa,01,f2,02,6b,e2,ae,97,27,\
f9,69,f3,e7,a2,b6,db,41,af,a3,4e,59,35,ea,95,d6,8c,f2,49,68,af,2a,65,aa,44,\
b4,36,24,18,54,bc,34,65,ac,76,f0,81,ce,ff,fc,e8,02,d4,52,64,81,77,bd,0e,ec,\
10,d8,58,72,e2,82,cc,11,81,eb,72,c1,72,3f,35,56,16,6c,f7,29,3b,31,d5,42,7c,\
06,24,63,e4,21,dd,83,39,7a,25,7a,bb,69,03,6d,ab,0c,d9,55,53,ab,28,b4,ca,01,\
d9,72,e8,1b,ed,59,c9,70,b8,05,a1,9c,26,aa,70,4a,83,bc,9a,6c,51,b9,de,fb,c7,\
bc,96,40,e3,8c,97,d2,a4,d9,6e,20,c6,4f,ed,e2,ea,7e,34,43,ec,6d,45,ab,89,f8,\
09,be,35,a2,b6,76,21,a7,61,70,0f,eb,76,3c,9f,9b,4c,c5,ca,8a,c1,46,ac,8e,4f,\
c3,9e,e2,22,c5,8e,86,ac,45,9a,6f,f7,40,f2,6c,1e,3c,47,a1,72,a3,05,aa,93,0a,\
b5,44,66,01,15,28,d5,77,4b,73,20,dc,d4,35,00,df,e2,bc,24,8f,db,36,53,80,d8,\
d8,41,49,8c,db,62,c0,0d,e3,b6,44,37,7a,5f,83,94,67,c6,e7,7a,95,cb,6b,3f,40,\
5e,e2,93,45,dc,98,e6,23,83,65,a9,b0,43,2f,e7,00,c2,19,21,b3,1c,10,a2,02,62,\
63,81,35,2d,68,48,7c,50,41,f1,64,27,a0,b4,35,99,ac,1f,79,31,ce,bd,7b,9b,47,\
95,c0,a3,f5,f9,9a,52,e7,a7,6c,45,54,f3,36,15,a6,e8,09,1b,00,b2,d0,d7,ba,72,\
b1,f9,af,f9,0e,00,73,96,55,42,37,b5,eb,5c,f9,6c,46,50,c3,cf,c9,74,7e,b1,61,\
67,49,06,5d,20,8d,b6,ad,87,b6,4c,40,29,4f,23,0e,3e,15,27,94,a6,17,5d,c1,a0,\
2d,8b,3e,f9,1e,44,82,3c,ac,64,cc,c8,92,11,28,fd,73,db,94,24,85,1a,a3,92,37,\
68,37,0d,e4,7e,0e,d1,ba,d2,05,be,5e,f0,66,49,f2,e0,22,e7,e2,06,78,ff,02,cd,\
4f,6e,8a,6d,9b,11,b9,53,8d,54,2d,fe,1c,07,31,d8,c7,79,e4,e9,4a,85,c7,fb,40,\
43,12,67,e2,e8,b4,71,9a,40,1f,3f,fc,e2,a7,37,50,74,5f,9b,77,fb,b4,96,8f,97,\
9a,c8,b8,ac,3d,80,d9,f0,3a,23,62,85,1a,6f,2d,be,ca,67,fd,b4,e3,d2,c1,8b,60,\
5a,64,f0,76,ff,e0,b9,4c,c4,81,fe,70,54,c8,aa,4a,65,8c,c4,65,19,9e,fb,7e,ab,\
2f,71,30,96,28,99,52,24,af,15,d6,c4,82,df,33,d1,bc,b0,61,2f,b2,1b,c5,e1,69,\
da,18,d4,e9,45,4c,c6,5d,44,7c,c1,6d,3b,b7,ff,f5,0a,26,c8,eb,ed,f0,24,1a,3a,\
7f,52,aa,29,92,5a,aa,88,97,06,b6,bf,91,3f,9b,64,9f,ae,a8,2f,10,19,a6,44,59,\
f7,4d,33,e9,ad,08,f8,ae,52,6e,fd,74,38,fc,1e,e5,30,59,d7,bd,2e,a4,06,85,12,\
3b,67,3e,4d,8d,41,75,38,69,d3,b1,c1,ea,5f,ee,f7,8b,fd,33,b7,19,c1,9d,de,3a,\
37,0e,2f,d4,cb,45,27,91,9c,a4,26,ee,02,7f,b8,35,67,d0,5b,0c,6a,56,c2,b8,d0,\
ac,40,c4,ea,7a,7c,1f,f1,94,2f,6e,94,05,33,f3,7d,f3,52,05,8f,59,73,76,f8,77,\
51,f7,4c,c6,3e,ca,08,66,a4,e3,5f,bb,70,ae,58,cf,d5,9b,bd,41,72,ac,3a,6b,79,\
a1,82,b7,60,e3,e2,12,8d,60,d8,c6,1f,5b,53,2e,3f,fc,df,4f,8c,eb,cd,fa,91,be,\
50,53,01,d4,ab,38,f7,32,89,77,2d,73,c4,80,61,48,7e,54,84,a7,83,fa,c8,86,b1,\
33,bb,86,67,33,aa,46,fc,b5,5f,dd,e8,b4,6d,bb,f6,43,7b,12,8d,45,fb,d8,fe,1b,\
41,e8,0e,0e,4f,6c,6c,23,79,fd,4c,11,eb,78,aa,b8,93,75,db,1f,cd,4f,70,c3,3a,\
8f,d6,91,bb,f0,d0,c0,fe,d7,a9,28,19,b3,c1,b4,8b,d2,9f,26,db,08,e4,74,97,d3,\
1f,a7,71,ea,49,9d,1e,bf,4f,c8,6f,cf,17,98,dc,0b,b2,6a,b8,9a,07,55,27,43,58,\
54,c5,df,9e,8c,07,f2,56,53,8c,cd,56,00,e6,40,e1,44,23,83,b9,2e,2b,db,49,2b,\
2f,91,7f,45,df,21,60,4c,3d,bb,60,58,bc,88,c1,1a,6e,4f,fe,d3,7c,d9,9a,79,fb,\
34,35,3a,b4,bb,e6,ac,64,1a,8b,1d,2a,0c,e6,e5,46,e6,e0,90,5a,dc,1c,65,74,48,\
78,29,fc,95,0a,66,c1,bf,8d,32,bc,a4,86,b1,c4,f3,80,a3,02,2b,c1,1d,de,a0,af,\
a0,8b,26,e9,b3,c2,bb,99,18,0e,58,f9,49,1a,76,7a,1e,86,32,4e,55,6b,85,0b,11,\
32,e7,e3,0d,d4,d3,4b,a5,18,b0,fa,65,4a,9a,56,b2,77,86,f8,b2,dd,44,df,0d,73,\
17,ca,cb,e8,b4,97,1c,a3,fc,09,4a,95,01,ec,4e,2f,24,e7,e6,02,7f,24,69,8c,06,\
cd,88,01,c5,d9,ae,74,2c,44,66,08,bb,9f,6c,8d,01,53,8b,ce,41,30,c6,7e,0b,ff,\
bb,f9,9c,5d,9e,b5,6e,54,5f,dd,8c,56,54,69,99,42,72,a9,04,7b,ae,03,22,71,27,\
cb,ec,b2,e2,ec,86,2b,94,89,d0,1c,e6,fb,ef,6a,be,e9,3c,a9,54,f1,15,c3,20,84,\
a9,21,d2,e6,83,2d,57,22,a4,fb,9a,b3,94,de,23,92,41,25,e7,1b,d9,78,22,08,75,\
e0,43,0b,84,8b,e9,2c,3a,f6,42,09,cf,fa,52,d5,95,78,a3,18,21,e9,0f,11,16,24,\
ed,0b,82,15,ab,21,1e,09,3e,5c,9b,6a,2a,9a,8e,8c,a5,d3,04,e1,92,a9,9c,83,cd,\
2e,a0,cd,58,44,9b,db,0d,e6,4c,de,f2,43,58,c6,fb,b1,03,69,b5,e0,fe,2a,49,56,\
19,01,73,1b,6e,ca,bb,ca,7d,63,bd,97,66,30,e7,5b,59,83,c1,ad,3d,f5,32,f9,72,\
ac,4a,ef,74,40,c0,10,91,75,15,b2,78,c4,6b,ee,61,af,c8,ce,ad,f5,a0,a2,9f,b2,\
34,f4,72,3a,e6,0b,44,b2,7b,64,35,26,62,e1,fa,9f,16,74,76,27,0d,2c,74,06,7d,\
92,2f,28,11,5e,8c,3e,31,b5,8c,07,ce,ee,be,48,40,85,14,26,05,e7,4e,14,82,62,\
c0,10,6d,ae,20,f6,c4,17,eb,38,d3,c8,ea,cf,a8,ad,8b,ea,27,4c,78,1f,44,ce,67,\
a0,33,d8,58,76,c8,e8,b9,ca,a1,e0,09,35,b4,92,9f,2d,70,c8,f8,61,a1,5c,ef,69,\
36,29,f5,91,d4,27,c1,60,d5,fe,6a,49,ea,99,3e,52,34,50,28,92,f1,76,3f,b1,ab,\
96,a1,0a,3d,20,e1,16,35,d8,f2,df,40,8a,78,5e,2d,77,88,2d,bc,39,d1,1a,10,00,\
40,2a,e6,70,ee,c0,ed,aa,1e,7f,29,11,2f,f3,64,2d,55,3a,8a,81,9b,31,42,f7,fd,\
bc,3c,b0,22,2a,1a,ab,33,e5,e2,95,01,5a,2a,4f,d5,cf,15,1f,7a,67,4a,c8,97,59,\
05,b3,5e,bd,1a,96,36,33,4a,a4,f6,55,91,d8,e2,65,6b,2b,b3,62,ee,5a,8d,7a,de,\
40,1c,e6,35,cb,bd,de,4e,50,87,db,b0,7e,58,1e,72,ed,b8,01,e0,a4,33,f2,3b,f0,\
e6,8a,83,d9,a3,15,12,c9,f7,69,3d,14,9a,00,45,c6,fb,ce,2d,c2,c7,15,5d,07,5e,\
a7,e2,cf,9b,50,c3,a6,f2,b1,74,80,ec,ff,e4,93,b6,72,91,33,1a,41,58,09,e4,9c,\
3f,a3,9e,f9,90,65,25,72,44,06,cf,ee,5d,c7,38,be,eb,9d,46,f7,09,6b,12,1f,87,\
2e,d0,52,7c,ec,5d,96,2f,f6,7e,eb,da,94,23,1b,22,33,f1,17,64,44,12,c9,26,1f,\
55,28,d2,18,0d,f5,42,1a,40,76,35,04,5e,64,ed,e6,2b,b7,81,4c,02,b9,b6,f0,b0,\
4b,3b,a3,8c,cc,26,8d,9d,c4,39,cd,24,4a,05,a4,05,f0,9c,92,99,0f,48,30,7b,21,\
b4,89,99,4e,9c,18,59,46,1f,d2,22,d8,57,70,11,67,ed,87,ec,0e,32,11,96,60,70,\
ff,8a,31,fb,1e,e9,33,57,50,8d,b4,26,eb,e7,13,65,2d,bc,19,b3,68,b2,13,9c,6b,\
f0,ea,1d,5f,c9,0c,29,67,35,50,33,67,be,9c,73,f3,a3,19,44,ee,a4,0c,f5,bf,bb,\
10,95,f9,71,cd,08,b8,74,28,2e,65,a0,43,a7,21,1e,dd,15,d0,74,6a,88,62,57,f2,\
cf,74,01,e6,f2,a2,0d,54,fc,68,ab,45,8b,8d,a8,0f,2b,75,56,36,06,a0,2d,37,b1,\
ed,3c,a3,bb,e9,e4,de,95,2c,74,51,44,03,5e,16,77,77,a7,df,1d,68,9d,90,91,86,\
86,47,9a,74,f9,fd,d9,e3,85,7c,79,c1,f2,81,dd,52,ee,5e,2d,da,ce,14,0c,72,1f,\
25,01,2e,1a,a2,90,a6,7e,66,47,2a,fb,71,dc,dc,63,36,93,2a,75,c5,a8,9d,f4,f8,\
8b,aa,b2,93,c1,39,99,89,20,89,31,da,88,4c,ed,30,e2,e8,7a,ce,b3,70,a6,45,5d,\
d1,88,89,5b,a2,61,1e,7d,85,18,ae,b0,49,cd,ac,b5,f0,90,02,06,19,f4,26,d1,40,\
e7,38,15,0e,e4,68,c3,fe,e9,31,1e,ee,6e,fc,72,43,2e,ae,b4,8d,08,57,a6,19,97,\
58,63,2f,7c,2f,28,d9,49,89,65,97,99,4e,e9,5d,17,35,78,e1,8b,e1,e5,94,29,b2,\
96,36,f1,f9,30,93,be,32,b1,62,de,9b,20,06,3c,f8,47,3e,8f,b1,19,58,9b,a1,4c,\
bd,c6,2f,6b,08,d8,69,9c,6e,68,fd,64,11,74,dd,82,9b,db,d1,e1,ce,99,ec,5c,7f,\
5a,a4,3d,30,1b,ea,18,3e,f0,03,2b,93,76,26,95,a0,e5,ee,f4,34,6b,1f,02,78,31,\
59,0b,c7,cc,b5,c1,31,c4,24,a2,58,80,8f,91,74,14,d7,27,ce,78,24,5b,f0,7b,17,\
13,b9,22,51,a3,b9,a5,76,2e,7c,61,80,88,1a,8e,94,1a,b3,3f,2b,1b,9d,f7,31,78,\
18,8d,33,0e,7e,39,c0,d6,04,e6,4f,dc,59,6f,9d,35,81,e2,9a,a4,82,28,49,e2,b0,\
37,3d,54,1b,a3,74,45,0c,5f,5b,81,4c,ab,b3,67,a1,1a,42,d9,1e,8c,cf,d5,15,ad,\
46,b9,62,ee,42,d3,e9,f1,d8,98,35,96,ef,16,8f,02,b9,f8,1b,da,c6,69,f8,ce,7b,\
ae,8a,66,32,a9,3f,2f,4d,ad,61,49,a5,42,ac,a9,da,2f,3d,a7,4d,10,fb,84,84,36,\
70,38,52,39,5a,0e,a1,25,af,40,ca,02,ef,85,cf,87,aa,d9,68,aa,bd,4d,ec,86,95,\
9a,11,64,7f,20,c2,70,8f,1d,33,f4,e0,a3,ae,df,e9,aa,6f,94,b7,03,16,3e,39,e1,\
a1,06,de,15,b8,48,a2,10,e9,30,da,99,d7,b5,f3,b8,f8,6e,fc,80,ea,f9,52,e2,f1,\
20,bb,d2,4b,9e,3d,8a,0a,74,7c,68,c0,e6,2b,e2,aa,42,f3,f8,d2,37,99,33,64,18,\
2a,cf,8f,67,9c,ed,3c,01,a4,08,39,92,5d,7b,6b,f0,99,ec,37,1a,34,d4,ad,9a,38,\
99,fb,53,9a,98,18,bf,d3,5d,ce,1f,90,d9,66,ad,97,ad,00,35,36,11,5f,39,e7,68,\
aa,eb,0b,68,bf,61,8b,2f,30,de,55,1c,8f,7d,6a,26,b9,f2,87,c0,d5,c2,94,f7,85,\
dd,09,4f,5e,2d,7a,a7,a5,4a,ed,94,de,f5,82,a6,58,de,05,70,85,91,e2,27,cb,ea,\
1d,99,38,1f,99,eb,a5,6c,c5,69,7e,0d,30,a0,1c,43,3b,01,db,58,65,e0,8a,b1,6e,\
f5,d5,9f,b4,02,72,90,21,66,b9,7b,b2,57,0a,b8,65,61,9e,55,1b,48,52,8d,a9,d0,\
3d,83,0e,4f,1c,a8,a5,bd,00,1e,1d,bd,89,01,79,a5,c1,bb,56,8c,96,8e,ea,81,09,\
68,dc,69,18,58,0c,80,a5,0a,bb,50,25,54,74,02,1f,56,35,91,74,2a,25,3a,b4,87,\
c4,f3,9f,fe,22,20,67,d7,80,bc,b3,fa,73,42,79,68,1d,8f,86,bf,c5,49,fb,0f,cf,\
2f,0c,a4,06,3d,5d,c6,5f,ca,c6,5d,ad,79,27,93,00,1c,02,fa,04,54,1a,19,36,f7,\
c7,29,77,c8,b2,19,29,48,d0,59,00,38,78,16,84,ca,92,99,a1,9f,96,aa,f3,2a,46,\
f2,e5,f0,c1,c1,7a,ea,8e,23,5a,52,e1,76,a5,7f,d8,64,b0,0e,d1,ba,65,6b,de,5d,\
4d,36,97,de,50,3a,cc,ed,ce,b6,08,35,4e,48,09,ef,09,a0,dd,ae,d9,7b,e0,21,6a,\
78,30,f7,67,1f,d7,4f,82,b5,c9,7d,8e,96,56,e9,f6,e8,82,68,35,b5,fa,ff,55,38,\
b4,19,1b,49,d1,0f,6f,57,bf,ef,1f,b7,84,b5,c8,86,04,ea,21,1b,0d,c1,c1,7c,aa,\
fb,75,c7,57,12,a5,6f,a7,e2,90,55,83,81,79,4b,b7,ec,28,93,4b,b1,f5,c1,21,94,\
95,5e,74,0b,65,21,cf,e5,7e,49,94,35,0c,ca,37,a0,bd,e6,db,25,42,e4,0d,ad,82,\
c0,de,89,41,a2,8b,29,bd,89,83,5e,cc,fd,d3,94,9f,cb,44,75,16,cb,e4,8e,89,62,\
4c,5b,62,12,bf,87,9b,d7,c0,93,49,a8,a0,66,35,6d,b0,07,ea,e8,6e,f3,7d,a4,6b,\
1b,2b,cf,97,d3,e9,b9,f7,4b,88,d7,09,ec,cd,4e,0c,87,60,be,0a,b7,66,ce,e7,0c,\
34,ed,be,49,2f,10,08,2e,2d,cd,e1,6f,8e,8d,1a,51,e6,1b,87,1a,ef,eb,f1,6e,36,\
6f,36,e1,88,5d,18,e1,ee,04,a4,4c,97,86,3d,e8,8b,cc,68,d2,cc,3b,e5,6f,bc,bb,\
4b,47,d8,b6,6d,bf,e3,e1,80,1b,7a,4a,84,08,ac,44,2a,21,34,58,85,db,9d,c1,61,\
3f,21,cb,c1,29,e7,56,20,91,15,69,b8,d4,97,11,4d,d0,e0,86,0d,4d,fc,85,d9,c8,\
e7,8f,36,95,60,58,fd,e0,cb,fe,40,fa,e7,ca,aa,70,f0,1e,62,51,f9,86,35,3c,e2,\
21,84,ac,9a,bd,05,4d,47,e6,bb,ae,67,9a,d0,2e,2b,12,62,ce,25,27,d0,16,24,71,\
be,b4,5d,62,07,51,41,61,e3,41,6a,79,54,f0,74,99,e2,7c,72,4f,3c,89,c7,73,25,\
87,bb,da,5b,db,8a,01,65,e4,d7,24,0b,6f,ef,3a,81,aa,fe,b3,4d,13,92,c3,53,26,\
10,35,01,80,9b,06,51,b0,7b,9c,ac,fe,19,a1,78,8d,c8,07,a3,8d,c0,85,11,76,99,\
89,11,cd,6f,d6,88,b3,90,10,ed,24,48,65,f2,bc,ef,57,02,cf,9b,b6,31,68,b3,b2,\
f7,4f,fc,d6,c4,66,b6,47,09,be,02,9e,da,1b,75,33,07,b8,87,f1,fa,71,99,d6,a1,\
27,38,ff,61,8d,d4,0f,8b,9a,0d,3b,81,79,6a,41,cc,04,01,8c,28,5f,80,7c,c7,34,\
75,8b,1c,d1,a7,15,40,0c,8e,d0,a8,fe,e3,7a,70,f5,96,e0,1b,4c,cc,9b,7b,d0,40,\
8e,58,b9,2b,18,09,0d,d2,8b,99,ad,4f,68,31,b0,10,7b,b9,1e,ee,4b,e9,4a,20,be,\
a2,96,b6,94,de,84,c8,a4,81,6e,cf,9d,db,d9,29,1e,fa,68,30,91,bc,a9,67,91,34,\
88,bc,6f,e0,36,62,29,6a,93,c8,fe,41,de,b3,d4,58,72,61,1a,3a,38,30,b4,09,40,\
a2,81,da,17,f1,1c,f1,cb,f5,74,77,af,cf,2a,ca,2d,e8,79,e0,e4,37,ce,b6,f7,2b,\
1d,56,ac,ef,10,ca,03,c7,2e,c3,a1,27,d0,3d,5e,21,f2,42,5f,01,7b,ba,fd,94,7e,\
98,c2,34,b7,7c,08,ca,b0,e9,75,40,b1,2f,e0,c7,0b,83,20,ef,93,b4,4b,5a,5b,8a,\
08,57,f0,c6,65,ad,b6,8a,f6,e8,f3,7d,98,27,df,0e,37,19,4f,de,21,d2,d9,2a,27,\
62,ab,c0,71,6e,83,62,1a,6f,0e,2f,17,96,53,f7,3d,9f,d3,fd,fe,d9,f1,e5,08,da,\
e2,aa,64,1d,a1,cc,19,98,04,e2,d2,6f,de,5d,7a,0d,ec,6b,9d,ad,e5,d3,a6,4a,cc,\
2e,c2,33,93,98,2e,db,11,25,b7,14,28,63,b9,5c,9e,50,f1,97,cf,0f,d2,62,70,16,\
af,17,fc,35,b8,6f,ee,7b,70,a2,bb,a6,83,84,f3,85,3f,bb,9c,2e,7d,58,10,61,00,\
d2,1a,3d,b6,72,b1,d0,00,27,41,57,7e,ee,c0,d3,67,50,c1,2e,f2,80,e4,f6,5b,5f,\
8b,e5,f8,69,68,38,35,8c,7c,57,5a,68,d4,1b,df,58,28,7f,e2,3a,59,0d,c1,01,3a,\
63,6f,36,33,c7,81,c8,f0,39,2b,7f,3b,02,ca,47,d5,02,fc,e8,de,2a,8c,5b,5c,2f,\
b6,56,f4,31,36,8f,43,79,78,2b,46,47,b7,2a,c1,5b,3e,32,c1,49,64,b6,07,fd,dd,\
bc,fa,8c,8c,71,f0,8c,7b,72,c8,02,91,35,9d,f4,3b,8e,99,b9,a3,2b,eb,e4,36,77,\
74,53,a1,ba,d9,03,7c,30,37,74,a4,a5,51,f6,c4,4c,92,22,85,6d,e0,df,b8,d8,1b,\
68,de,b2,61,30,1a,e5,e3,10,b5,50,40,72,50,fa,ec,7f,1e,03,7a,56,f2,fa,9b,dc,\
93,5f,cb,52,6f,df,f8,30,f1,d0,67,4d,a8,34,08,3c,7a,fd,15,fd,8f,91,5c,1d,30,\
59,14,7f,2b,5d,fd,0c,c4,96,ad,57,73,a9,39,38,69,04,36,2e,d4,23,b9,03,78,29,\
33,32,b7,f8,82,0f,b2,01,ff,41,ca,0d,06,03,d6,7e,c6,34,96,22,06,02,52,33,6e,\
65,cd,a0,00,ab,46,a7,da,73,8f,dc,b2,c6,52,25,b4,70,e2,cd,67,0c,93,b5,b7,eb,\
c1,52,0a,9f,d7,19,ff,16,34,9a,02,e9,bc,b8,b2,f8,02,63,e0,49,20,c6,a6,16,df,\
65,04,2d,c4,2d,f0,41,b3,2f,3a,77,13,21,08,6b,c1,9a,9a,0b,4a,55,35,32,86,72,\
1b,e2,bb,74,ad,27,12,5b,bd,ac,69,63,6f,dd,d3,17,c4,f6,f4,08,9f,23,47,ce,c9,\
67,47,eb,4b,54,07,21,bd,c7,df,5b,73,4a,ae,03,48,23,1d,01,f5,e7,dc,cb,f0,7a,\
0f,95,61,03,52,12,bd,66,ec,23,e5,4f,40,f5,d9,b0,19,46,aa,31,3f,9d,ab,0f,e9,\
3d,09,38,cd,61,2d,bc,b6,fc,4c,7c,f4,a9,7d,10,7a,fb,70,30,a2,95,7e,2e,62,da,\
35,f9,dd,ab,ed,0a,62,71,44,f0,cb,3e,32,7f,8f,9e,bd,4b,95,76,fb,72,51,ee,34,\
f0,46,4e,98,97,50,7a,b1,f3,47,5b,18,af,13,5b,34,b9,0a,ba,6f,02,82,ff,33,e8,\
ff,16,99,02,03,1f,2d,2d,b6,fc,0c,e9,57,7d,1f,a2,63,24,5e,b8,c3,73,32,76,d4,\
8d,5a,5e,d6,f2,39,03,db,dd,96,6c,67,85,a9,da,3c,28,99,00,ee,e6,7d,e3,b1,74,\
47,1c,ec,80,81,b9,fc,a2,b1,54,95,6c,95,49,c1,f4,40,56,e6,9f,79,54,2c,ba,fa,\
d3,33,6f,d3,16,3a,1c,41,89,a3,45,ec,7a,a0,a7,60,e7,b9,92,52,a2,b9,4b,1f,e7,\
d2,93,37,a0,46,d8,68,56,c0,48,cd,ab,3b,51,73,cc,25,58,8e,9d,fe,08,3a,80,06,\
98,ea,a0,fa,9b,c4,52,bf,33,ca,a9,e2,be,18,61,12,f0,17,ba,6e,b5,8e,b9,f4,7f,\
7d,bc,33,b0,18,de,63,f6,40,27,20,be,7c,fd,01,dc,b9,5b,25,23,bd,1e,52,e3,f5,\
26,4c,dd,b8,47,89,0e,a4,c4,5b,0c,35,e2,61,f1,32,57,ab,ab,5b,5b,ed,a1,2c,91,\
39,14,4a,6a,44,8a,a1,ed,68,58,db,ab,3a,56,c8,c0,2f,ec,0f,aa,9d,47,8b,20,3f,\
c9,4d,2a,fb,a2,8f,ee,42,be,d0,b2,fa,b1,fe,87,b5,42,d6,4e,26,7f,9e,89,99,fe,\
4c,3f,be,1f,13,8d,80,8f,13,65,36,dc,9f,81,d4,ca,bb,a1,12,33,4f,fe,fd,89,0d,\
eb,ac,ef,6d,90,c9,e4,ce,bd,46,a0,11,4e,6a,65,22,17,0e,ba,ea,2f,cc,74,19,31,\
7e,c8,ce,36,d7,e7,1b,a6,85,b8,ec,3c,02,ce,3d,3d,4d,31,7d,a0,a9,0a,21,07,f6,\
41,2b,c9,5e,11,ea,d5,29,df,e7,ab,d4,b7,67,c5,d2,93,96,3f,87,60,92,50,5b,dc,\
c6,63,66,35,05,5f,ff,9a,b0,fd,dd,b8,0c,08,72,24,c9,f7,5d,a2,4e,ef,55,e2,46,\
97,ad,e2,5e,9f
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-1935655697-2077806209-839522115-1004\Software\SecuROM\License information*NULL*]
"datasecu"=hex:90,ec,36,ea,9b,53,61,99,b3,4f,b9,59,84,77,52,db,2a,65,e6,45,ec,\
6d,a2,29,7e,3d,9c,0b,a6,cd,a2,f6,89,7a,ed,37,c8,d2,ce,c8,85,5a,35,f4,98,45,\
17,df,61,de,50,53,01,d7,2f,34,dc,df,39,25,9a,1d,4b,04,c7,98,fa,08,ae,0e,3f,\
ae,a4,8e,c8,3b,f4,2c,f7,3c,5c,b0,13,1a,97,0d,bf,fa,8c,9d,d3,5a,be,0b,d0,29,\
45,64,43,f1,85,eb,4f,49,66,12,b3,e9,fb,8d,53,6f,46,52,72,02,e6,9f,ba,ab,08,\
fa,e1,02,d1,26,d8,6e,51,4a,5a,5b,57,49,b0,b9,7f,1f,55,ff,54,7a,dc,93,94,25,\
26,6c,33,fd,e0,d8,fc,07,1b,05,6a,a6,69,b1,91,b1,6c,dd,f3,12,cb,50,a3,21,c7,\
8e,6c,bf,8d,2e,b8,d8,36,47,0c,e1,57,c7,ee,88,e3,00,f8,0d,7a,99,65,ac,cf,91,\
bc,34,dd,74,56,ee,39,4b,11,f9,d9,52,10,31,26,d5,97,ea,82,4a,17,4f,a6,e5,0c,\
25,28,63,68,99,16,cb,12,8a,b5,c3,37,2d,24,45,d7,c1,e6,eb,03,c3,3e,ca,aa,a7,\
07,04,f3,2d,34,71,48,0c,31,dc,d0,3f,7b,2d,6e,48,26,68,d3,86,1f,99,b1,e6,61,\
0e,c0,ba,3c,42,ec,b0,24,ce,b1,4e,db,e6,cb,61,10,4f,cc,f0,16,34,aa,9f,e2,3b,\
73,7e,fa,92,04,1b,1e,29,52,f9,c7,f4,dd,5f,74,bd,ad,ed,14,06,4c,62,b4,63,00,\
db,4d,bf,a1,3f,42,f5,23,19,58,30,09,a6,18,50,82,3b,78,82,a0,35,d4,2c,39,1b,\
7d,60,a5,0d,cd,e5,ba,8e,e7,3d,78,71,b1,93,30,56,4c,c2,b8,7f,0a,eb,a0,3c,2b,\
43,4a,05,46,3c,ad,f1,5e,d1,57,ef,cf,0b,76,93,fa,36,88,6a,1a,c6,1a,43,43,66,\
1d,45,ed,e8,89,6f,e7,7f,e3,3c,94,cc,18,50,d9,6f,5a,da,57,e0,f2,a5,3d,18,9a,\
07,b9,fc,46,49,49,9f,74,89,4a,b2,ac,6f,88,d8,31,63,92,12,21,bc,c9,60,30,ba,\
97,59,2b,d1,fa,bd,2e,fc,85,fd,21,18,16,fb,21,a6,4f,da,24,a7,66,05,df,9c,eb,\
2a,99,5a,cd,59,1f,8c,21,a2,92,9a,03,4e,9e,e7,88,38,db,06,ad,41,49,5f,03,e5,\
36,46,9e,13,22,64,f4,16,9a,f9,4e,2f,2e,63,80,69,22,e6,dc,75,3b,d8,41,1c,a9,\
9d,bf,b6,70,2a,db,f1,0a,2f,30,c6,96,82,97,e7,6f,5e,97,7c,eb,57,f4,ac,d2,37,\
89,e6,79,af,3c,2d,b0,36,7c,01,ff,fa,16,a8,ee,74,85,a2,6c,98,8c,5e,ee,c1,45,\
5a,d9,74,7f,93,5d,f0,4f,74,68,48,65,ba,57,db,6c,c5,74,21,ec,03,0b,9c,23,6e,\
9d,e3,03,2c,d7,14,ca,e2,5e,23,47,b3,4b,f5,41,5c,69,61,0e,53,b4,57,68,81,12,\
31,27,21,77,7a,bd,90,3d,b4,5b,98,7c,d6,70,a2,98,6f,81,8d,d4,38,50,6d,4b,f6,\
00,bd,fd,81,d3,bb,fa,5b,fa,8a,5a,cf,11,db,e7,2e,ba,c2,b1,17,e3,7c,bf,68,46,\
e1,74,5f,8b,85,9e,32,fc,44,3a,e4,97,26,99,6d,88,e0,78,0d,f9,67,0c,93,a4,e3,\
98,16,ac,5e,b8,10,15,7e,b4,fc,e9,c3,9f,9c,7c,35,d6,20,9e,f6,23,57,c1,41,d8,\
4f,8f,2b,f1,f4,13,37,3f,df,7b,ef,91,fb,de,b0,8d,ee,d8,1e,69,ef,33,d5,fb,8c,\
a0,2d,46,80,3b,4d,6e,b2,9f,73,80,2f,eb,f0,b9,12,13,e0,03,16,b4,c8,ce,d4,f3,\
ea,00,d8,51,fb,96,f8,63,37,13,ee,c1,8b,55,ba,e7,12,5a,9f,14,8f,7f,00,6d,d0,\
db,e8,b9,7f,d2,4f,d5,fb,c1,6c,0a,8a,8b,2e,ba,0a,da,7c,fb,c0,3c,3f,52,5b,bb,\
c2,80,29,eb,76,14,d7,e1,e4,b8,08,9a,cd,40,ff,24,a6,e1,90,00,e7,8a,9d,31,4a,\
2e,18,4a,c1,ab,f5,4e,cc,ed,d3,d1,65,32,45,0c,a7,1b,11,a3,4a,83,e0,74,8c,31,\
9d,b4,f1,93,a2,18,e2,89,5a,20,0e,ad,d4,58,d4,a9,65,12,86,2e,c2,99,2e,9f,67,\
fd,1f,1a,17,fd,d4,30,c6,0d,77,78,8a,cc,f7,f9,74,ad,a0,56,2c,08,d4,07,bc,97,\
77,46,59,73,df,91,06,2a,fe,25,df,d6,ef,0f,88,a4,1c,40,88,b4,08,27,8e,9d,b9,\
85,7f,e3,50,58,06,48,13,5b,c8,c4,51,cb,8c,32,2b,20,ae,a7,61,02,c4,36,72,87,\
f9,6d,4b,b8,2e,2e,da,0d,eb,46,26,60,06,09,71,b6,8e,57,dc,a0,02,2e,cb,a3,1e,\
76,db,a4,27,40,9f,74,cb,d0,f8,f4,64,57,31,b7,57,1b,69,20,40,dc,32,fe,09,95,\
40,1d,d2,f9,ee,2d,97,18,9a,ae,3b,fb,de,de,39,5b,e2,57,dc,ab,a6,e8,6e,44,82,\
5a,0e,36,9e,9f,9b,a3,0f,21,de,d2,9b,65,35,f1,57,a5,61,0b,37,88,d7,b5,cb,93,\
d5,8d,42,ad,28,e8,45,4e,48,20,56,6f,b4,9c,57,7b,ad,27,f3,bb,02,c0,69,0b,99,\
14,98,62,ab,6b,15,6c,77,b9,1d,3f,bd,4a,77,2e,d1,d5,34,46,ed,ca,b6,74,58,d7,\
1c,90,47,fd,fb,49,11,2b,79,f6,0f,6e,7e,c3,56,72,59,20,76,7d,d6,36,59,97,c9,\
61,91,7d,29,1b,70,0a,ee,f0,dc,7c,51,a3,2f,e7,75,a2,61,68,28,ed,ae,c0,69,d6,\
c6,87,02,3d,1e,ef,12,2a,49,fd,be,f5,3d,b9,50,73,6a,17,37,c4,e9,f7,50,cd,00,\
d4,cf,98,8b,e0,6e,6f,a4,1e,19,50,b0,fa,ce,34,3a,c9,5a,2d,06,01,62,90,f5,84,\
c4,0a,64,34,c7,12,d0,3e,5a,c6,56,c6,8d,b6,5a,1c,19,58,73,9d,c1,25,05,8f,cf,\
51,02,a3,41,1e,c0,44,3c,26,24,9d,1d,af,d3,8c,bf,0b,44,f3,9a,56,b3,48,3a,ec,\
78,ac,4b,8c,69,92,76,6a,56,d2,75,94,b0,72,a6,a6,f7,c5,ee,f5,e9,2c,1f,a5,99,\
00,3f,c8,2e,00
"rkeysecu"=hex:e3,da,10,d0,56,a1,a0,b4,33,b6,9e,41,31,02,20,c8

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,51,f6,bd,cf,db,\
8f,1c,02,c8,28,51,af,b0,29,a3,98,61,91,ac,53,f2,c7,d3,74,e2,63,26,f1,3f,c8,\
ff,68,60,f3,78,32,5e,8c,b8,66,c8,28,51,af,b0,29,a3,98,4a,4f,46,36,01,02,4c,\
ec,81,04,36,70

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,13,c5,48,36,29,\
ad,09,6f,71,3b,04,66,8b,46,0d,96,76,9a,59,e9,ab,8c,8f,09,6a,9c,d6,61,af,45,\
84,18,90,2a,cd,01,f5,33,d6,28,71,3b,04,66,8b,46,0d,96,3c,2f,40,ec,ac,97,fc,\
2b,9a,ce,78,81

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,c0,4e,c6,00,af,\
aa,fe,79,25,da,ec,7e,55,20,c9,26,a0,a3,cf,bf,6e,72,c2,d2,ff,7c,85,e0,43,d4,\
0e,fe,fc,8c,41,5f,8a,4c,56,43,ff,7c,85,e0,43,d4,0e,fe,0f,a4,58,38,36,0c,e8,\
62,a5,5f,df,b0

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,2d,df,4b,e3,93,\
17,b0,12,3e,1e,9e,e0,57,5a,93,61,4e,e7,39,5f,0e,9c,0c,a7,86,8c,21,01,be,91,\
eb,e7,a5,66,35,22,b4,1a,f4,3b,86,8c,21,01,be,91,eb,e7,34,76,68,c2,39,4a,72,\
bc,22,80,24,ac

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,27,ee,71,99,45,\
d6,d3,1f,cd,44,cd,b9,a6,33,6c,cd,c9,c3,3e,b9,c1,ab,63,56,f5,1d,4d,73,a8,13,\
5c,05,63,cf,e0,79,2e,07,c6,84,f5,1d,4d,73,a8,13,5c,05,1c,ea,a8,43,96,ac,0f,\
7d,29,3d,fa,c4

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,03,da,59,51,90,\
89,28,ec,b0,18,ed,a7,3f,8d,37,a4,94,0b,39,97,e9,3d,99,c3,df,20,58,62,78,6b,\
cf,c8,83,41,db,04,d8,92,f6,5c,50,93,e5,ab,ec,6a,4e,ab,14,16,b6,36,59,c5,1e,\
f4,d9,8e,f4,86

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,8e,f5,fb,61,dd,\
47,07,94,31,77,e1,ba,b1,f8,68,02,83,eb,7a,fc,c8,68,31,c2,fb,a7,78,e6,12,2f,\
9a,ea,ea,de,ae,65,bd,d1,6c,9c,fb,a7,78,e6,12,2f,9a,ea,19,89,08,14,93,1d,07,\
c8,2c,db,b3,08

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,c9,57,d0,f1,a5,\
1a,88,0f,83,6c,56,8b,a0,85,96,ab,5e,1e,29,29,29,83,63,7a,01,3a,48,fc,e8,04,\
4a,f1,9e,51,9f,72,49,ba,e8,dd,83,6c,56,8b,a0,85,96,ab,a0,8a,ff,23,24,0e,5d,\
4e,05,a5,71,4b

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,10,75,be,25,9e,\
a8,50,63,51,fa,6e,91,28,9e,14,cc,76,3b,ba,47,59,40,f9,53,f6,0f,4e,58,98,5b,\
89,c9,6a,76,84,7f,2e,d8,cf,0e,f6,0f,4e,58,98,5b,89,c9,2b,e8,4f,57,26,f5,94,\
41,8a,5b,97,67

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,68,71,a4,f0,f2,\
f5,39,3f,b1,cd,45,5a,a8,c4,f8,b9,5b,a2,7d,bb,95,a2,4e,ca,3d,ce,ea,26,2d,45,\
aa,78,e4,8a,86,df,a7,cd,31,a0,b1,cd,45,5a,a8,c4,f8,b9,c1,cf,d6,6e,2b,c8,a7,\
fb,d8,26,f2,1d

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,af,55,59,62,01,\
92,27,82,e3,0e,66,d5,eb,bc,2f,6b,d1,6c,1e,c2,6c,61,04,3f,2a,b7,cc,b5,b9,7f,\
41,e7,ef,b8,03,f6,ff,2f,c1,2b,e3,0e,66,d5,eb,bc,2f,6b,df,02,90,47,00,c2,04,\
d3,f8,d4,ea,48

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:05,73,21,dd,54,d8,4a,c5,4c,7b,25,27,4d,\
32,8b,24,fa,ea,66,7f,d4,3b,6b,70,11,42,92,56,d6,03,dc,32,6c,43,2d,1e,aa,22,\
2f,9c,09,74,df,07,d5,8b,ab,6f,6c,43,2d,1e,aa,22,2f,9c,48,9d,06,1c,b2,45,df,\
97,e5,09,f6,cc
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(744)
c:\windows\system32\avgrsstx.dll

- - - - - - - > 'lsass.exe'(852)
c:\windows\system32\avgrsstx.dll
.
Celkový čas: 2009-01-06 14:45:19
ComboFix-quarantined-files.txt 2009-01-06 13:45:17

Před spuštěním: Volných bajtů: 46 904 909 824
Po spuštění: Volných bajtů: 46,915,276,800

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /usepmtimer /NoExecute=OptIn

606 --- E O F --- 2009-01-06 13:16:52

[jaro3]

Toto otestuj na Virustotal
c:\windows\System32\appdrvrem01.exe
c:\program files\FELIX.EXE
c:\windows\system32\gncontent.cch
c:\windows\system32\mqapi.exe
Vlož sem pak výsledky.

[nezmarigi]

Soubor gncontent.cch přijatý 2009.01.06 17:48:52 (CET)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO


Výsledek: 0/38 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: 1.
Odhadovaný čas začátku mezi 38 a 55 sekundami.
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:


Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.0.0.73 2009.01.06 -
AhnLab-V3 2009.1.6.3 2009.01.06 -
AntiVir 7.9.0.45 2009.01.05 -
Authentium 5.1.0.4 2009.01.05 -
Avast 4.8.1281.0 2009.01.06 -
AVG 8.0.0.199 2009.01.06 -
BitDefender 7.2 2009.01.06 -
CAT-QuickHeal 10.00 2009.01.06 -
ClamAV 0.94.1 2009.01.06 -
Comodo 884 2009.01.06 -
DrWeb 4.44.0.09170 2009.01.06 -
eTrust-Vet 31.6.6293 2009.01.06 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.05 -
F-Secure 8.0.14470.0 2009.01.06 -
Fortinet 3.117.0.0 2009.01.06 -
GData 19 2009.01.06 -
Ikarus T3.1.1.45.0 2009.01.06 -
K7AntiVirus 7.10.578 2009.01.06 -
Kaspersky 7.0.0.125 2009.01.06 -
McAfee 5486 2009.01.05 -
McAfee+Artemis 5486 2009.01.05 -
Microsoft 1.4205 2009.01.06 -
NOD32 3742 2009.01.06 -
Norman 5.80.02 2009.01.06 -
Panda 9.0.0.4 2009.01.06 -
PCTools 4.4.2.0 2009.01.06 -
Prevx1 V2 2009.01.06 -
Rising 21.11.12.00 2009.01.06 -
SecureWeb-Gateway 6.7.6 2009.01.06 -
Sophos 4.37.0 2009.01.06 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.06 -
TheHacker 6.3.1.4.205 2009.01.05 -
TrendMicro 8.700.0.1004 2009.01.06 -
VBA32 3.12.8.10 2009.01.05 -
ViRobot 2009.1.6.1546 2009.01.06 -
VirusBuster 4.5.11.0 2009.01.06 -
Rozšiřující informace
File size: 2656 bytes
MD5...: 0ae8ac07ce38ccd42cb96b193df0c36a
SHA1..: 982822d15567d3f359166ec79b85178c6b76cf98
SHA256: 224256ebf202b6dac445a2d621c5ee17bd795f6c6e242e193e312d8b1cc75a0a
SHA512: 5602d501f37d5efd07320e79a22f892d4706c1b74e85c3df7b26028e83b0399d
9aca734940f70f68e7192c033b0a1d79355d486cd5e5cc1e38aaa032b9505245

ssdeep: 12:zZmEalmF1X4shK+tVgRU11jTcid1RXPIl81:+llshDVcU1yid1RQ

PEiD..: -
TrID..: File type identification
PrintFox (C64) bitmap (100.0%)
PEInfo: -

[nezmarigi]

Soubor FELIX.EXE přijatý 2009.01.06 05:02:35 (CET)
Současný stav: Dokončeno

Výsledek: 6/38 (15.79%)
Formátované Vytisknout výsledky Antivirus Verze Poslední aktualizace Výsledek
a-squared - - -
AhnLab-V3 - - Win-AppCare/Xema.307200
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
Comodo - - ApplicUnsaf.Win32.Joke.ScreenMate
DrWeb - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
Fortinet - - Joke/Screenmates
GData - - -
Ikarus - - -
K7AntiVirus - - Trojan.Win32.Malware.1
Kaspersky - - -
McAfee - - -
McAfee+Artemis - - -
Microsoft - - -
NOD32 - - Win32/Joke.ScreenMate
Norman - - -
Panda - - -
PCTools - - -
Prevx1 - - Worm
Rising - - -
SecureWeb-Gateway - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
TrendMicro - - -
VBA32 - - -
ViRobot - - -
VirusBuster - - -
Rozšiřující informace
MD5: 0e4baee67e1dce71c1a334e22e50380e
SHA1: 6eb1cb1d94a00daf1fb91218b050fdcba8436c03
SHA256: 7ff0ecf2953b8662ede1577e330a514f09992c18aa3c14ed77cf2ffc115b0866
SHA512: fb8a13f0d600ce390b101ce75c08059880e48f8843beb2aa72e9a82c8e1232b52e2a24ffa31258eb9b076d0480f498ff49f3c14ba142ff3f96a6d3654262ecac